Methodologies and Technologies for Industrial Strength Systems Engineering (MATISSE) The Healthcare Case Study

M. Waldén and E. Troubitsyna, Aabo Akademi University, Finland

Contents
- Overview of the MATISSE project
- The requirements of the healthcare case study
- The methodology used within the healthcare case study
  - Overview
  - Dependability
  - UML
  - Tools
  - B-action systems
  - Superposition refinement
- Conclusions

MATISSE Approach
- The MATISSE project is exploiting and enhancing existing generic methodologies and associated technologies that support the construction of correct software-based systems.
- Methods and tools that are being exploited are
  - the B Method and its associated technology
  - CSP and its associated model checker FDR
  - as well as UML and safety analysis techniques.

The MATISSE Partners
- QinetiQ (lead partner, with Formal Systems as subcontractor)
- CNRS (scientific co-ordinator)
- Gemplus (industrial partner)
- Siemens Transportation Systems (industrial partner)
- Aabo Akademi University (working with Wallac as industrial partner)
- ClearSy (B tool provider, J.-R. Abrial consultant)
- Southampton University (academic partner)

MATISSE Work Packages
- Methodology (led by CNRS)
- Tools (led by Southampton University)
- An embedded verifier for a smart card (Gemplus)
- A railway signalling and control system (STS)
- A liquid handling workstation for healthcare clinicians and researchers (Aabo Akademi University and Wallac)

MATISSE Handbook
- Overview of a systems engineering approach using refinement techniques
- Description of specific techniques that are required for system-level modelling and reasoning in B
- Guidance on constructing B models at software level
- Guidance on verification and implementation in B
- Description of how B can be combined with some other techniques and notations in order to enhance the capability of B in a pragmatic way

The B Method
The B Method is
- a formal specification method
- based on set theory
- relying on an extension of the weakest precondition calculus of E.W. Dijkstra
- created by J.-R. Abrial
The B model constitutes
- a specification of what the system should do
- refinements realising the specification in successive stages
- an implementation of the software system describing how the system fulfils the specification

B tools
Atelier B structure
- lexical and semantic analysis
- generation of proof obligations
- automated and interactive proofs
- translation into target code
Extensions
- Event B tool evt2b translates distributed (event-based) B models into sequential B
- Interactive prover interface XIPI that eases the reading and navigation of proofs
Provided by ClearSy

Smartcard Case Study (1)
Goals
- Check if the B Method is affordable for developing software components of a smart card
  - comparing formal and conventional development
- Propose a development methodology to enable the use of B by "traditional" developers
- Provide requirements for tools improvement
Formal methods provide
- Reliable implementation of an on-card byte code verifier
- Elements for high-level certification
- Test suite generation from the formal specification

Smartcard Case Study (2)
- Byte code verifier for Java Card embedded in a smart card
- Critical component of the next generation of smart card systems
  - The card can autonomously download new applications
- Type verifier
  - Ensures that the Java Card typing rules are enforced
- Structural verifier
  - Provides access to data
  - Ensures no memory violation
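The B Method and B tools slides above say that B rests on Dijkstra's weakest precondition calculus and that Atelier B generates and discharges proof obligations. The following is an added illustration of that idea, not code from MATISSE, the B Method or Atelier B: it encodes the wp rules for a few B substitutions (assignment, simultaneous assignment `||`, sequencing `;`, `IF`) and checks the invariant-preservation obligation I & P => [S] I for two small constructed machines (a bounded counter and a pair of accounts with a conserved total). The machine names, variables and domains are all constructed for this example, and the obligation is discharged by exhaustive enumeration over a finite state space rather than by a prover.

```python
"""Weakest-precondition checking of toy B-style machines.

Added example; not code from the MATISSE project, the B Method or Atelier B.
It models Dijkstra's wp rules for a few B substitutions and discharges the
invariant-preservation proof obligation  I & P => [S] I  by exhaustive
checking over a small finite state space instead of a theorem prover.
"""
from itertools import product
from typing import Callable, Dict, NamedTuple, Optional, Tuple

State = Dict[str, int]
Pred = Callable[[State], bool]
Subst = Callable[[Pred], Pred]   # a substitution S maps a postcondition Q to [S]Q


def assign(var: str, expr: Callable[[State], int]) -> Subst:
    """var := E   with   [var := E] Q  =  Q[E/var]."""
    return lambda post: (lambda s: post({**s, var: expr(s)}))


def parallel(**exprs: Callable[[State], int]) -> Subst:
    """x := E || y := F  (simultaneous substitution, as used in MACHINE operations)."""
    return lambda post: (lambda s: post({**s, **{v: e(s) for v, e in exprs.items()}}))


def seq(*substs: Subst) -> Subst:
    """S1 ; S2 ; ...   with   [S1 ; S2] Q  =  [S1]([S2] Q)."""
    def wp(post: Pred) -> Pred:
        for sub in reversed(substs):
            post = sub(post)
        return post
    return wp


def cond(guard: Pred, then: Subst, else_: Subst) -> Subst:
    """IF G THEN S1 ELSE S2 END   with   (G & [S1]Q) or (not G & [S2]Q)."""
    return lambda post: (lambda s: then(post)(s) if guard(s) else else_(post)(s))


class Operation(NamedTuple):
    """PRE P THEN S END."""
    precond: Pred
    body: Subst


def all_states(domain: Dict[str, range]):
    names = list(domain)
    for values in product(*(domain[n] for n in names)):
        yield dict(zip(names, values))


def check_invariant_preservation(invariant: Pred, op: Operation,
                                 domain: Dict[str, range]) -> Tuple[bool, Optional[State]]:
    """Proof obligation  I & P => [S] I, checked state by state.

    Returns (True, None) when discharged, else (False, counterexample state).
    """
    wp_inv = op.body(invariant)            # [S] I
    for s in all_states(domain):
        if invariant(s) and op.precond(s) and not wp_inv(s):
            return False, s
    return True, None


# ---- Constructed machine 1: a bounded counter -------------------------------
MAX = 10
COUNTER_DOMAIN = {"count": range(-1, MAX + 2)}   # includes out-of-range states on purpose
counter_inv: Pred = lambda s: 0 <= s["count"] <= MAX

# inc = PRE count < MAX THEN count := count + 1 END
inc = Operation(lambda s: s["count"] < MAX,
                assign("count", lambda s: s["count"] + 1))

# Same body with the precondition dropped: the obligation must fail at count = MAX
inc_unguarded = Operation(lambda s: True,
                          assign("count", lambda s: s["count"] + 1))

# inc_wrap = IF count < MAX THEN count := count + 1 ELSE count := 0 END (no precondition needed)
inc_wrap = Operation(lambda s: True,
                     cond(lambda s: s["count"] < MAX,
                          assign("count", lambda s: s["count"] + 1),
                          assign("count", lambda s: 0)))

# ---- Constructed machine 2: two accounts with a conserved total --------------
TOTAL = 5
ACCOUNT_DOMAIN = {"a": range(0, TOTAL + 1), "b": range(0, TOTAL + 1)}
balance_inv: Pred = lambda s: s["a"] >= 0 and s["b"] >= 0 and s["a"] + s["b"] == TOTAL

# move = PRE a > 0 THEN a := a - 1 || b := b + 1 END
move = Operation(lambda s: s["a"] > 0,
                 parallel(a=lambda s: s["a"] - 1, b=lambda s: s["b"] + 1))

# Sequential (implementation-level) version of move through a temporary t
move_seq = Operation(lambda s: s["a"] > 0,
                     seq(assign("t", lambda s: s["a"]),
                         assign("a", lambda s: s["t"] - 1),
                         assign("b", lambda s: s["b"] + 1)))

if __name__ == "__main__":
    for name, inv, op, dom in [("inc", counter_inv, inc, COUNTER_DOMAIN),
                               ("inc_unguarded", counter_inv, inc_unguarded, COUNTER_DOMAIN),
                               ("inc_wrap", counter_inv, inc_wrap, COUNTER_DOMAIN),
                               ("move", balance_inv, move, ACCOUNT_DOMAIN),
                               ("move_seq", balance_inv, move_seq, ACCOUNT_DOMAIN)]:
        print(name, check_invariant_preservation(inv, op, dom))
```

The failing case, `inc_unguarded`, is the situation a generated proof obligation is meant to catch: the body is fine, but without the precondition `count < MAX` the invariant cannot be re-established from the state `count = MAX`, and the checker reports that state as the counterexample. A B tool discharges the same obligation symbolically, for unbounded domains, which is why enumeration here is only a stand-in for the proof step.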
