In this paper, we present an evaluation of the AADL Behavioural Annex, which is currently in its evaluation phase. We relate our experiment to a development concerning the reengineering of a flight software. This experiment has led us to introduce hierarchical aspects and to study the link, in particular, with AADL modes. We discuss the definition of(More)
We describe a formal verification toolchain for AADL, the SAE Architecture Analysis and Design Language, enriched with its behavioral annex. Our approach is based on tools that are integrated in the Topcased environment. We give a high-level view of the tools involved and illustrate the successive transformations that take place during the verification(More)
A security policy of an information system is a set of security requirements that correspond to permissions, prohibitions and obligations to execute some actions when some contextual conditions are satisfied. Traditional approaches consider that the information system enforces its associated security policy if and only if actions executed in this system are(More)
In this paper, we relate an experiment whose aim is to study how to combine two existing approaches for ensuring software correctness: Domain Specific Languages (DSLs) and formal methods. As examples, we consider the Bossa DSL and the B formal method. Bossa is dedicated to the development of process schedulers and has been used in the context of Linux and(More)
The Cotre Project is aimed at providing a design methodology and an associated software environment for the development of embedded real-time avionic systems. It contributes to bridging the gap between requirements of such systems, typically expressed in Architecture Description Languages, and formal development techniques, relying on system modeling and(More)
The analysis and verification of an AADL model usually requires its transformation into the meta-model of a given model checker or schedulability analysis tool. However, one challenging problem is to prove that the transformation into the target model of computation (MoC) preserves the semantics of the original AADL model, or at least some of its(More)