Wang, Shaohui

Email Address
Research Projects
Organizational Units
Research Interests

Search Results

Now showing 1 - 6 of 6
  • Publication
    A Safety-Assured Development Approach for Real-Time Software
    (2010-08-23) Jee, Eunkyoung; Wang, Shaohui; Kim, Jeong Ki; Lee, Jaewoo; Sokolsky, Oleg; Lee, Insup
    Guaranteeing timing properties is an important issue as we develop safety-critical real-time systems such as cardiac pacemakers. We present a safety assured development approach of real-time software using a pacemaker as our case study. Following the model-driven development techniques, measurement-based timing analysis is used to guarantee timing properties in implementation as well as in the formal model. Formal specification with timed automata is checked with respect to timing properties by model checking technique and is transformed into implementation systematically. When timing properties may be violated in the implementation due to timing delay, it is suggested to measure the time deviation and reflect it to the code explicitly by modifying guards. The model is altered according to the modifications in the code. These changes of the code and the model are considered safe if all the properties are still satisfied by the modified model in re-performed model hecking. We demonstrate how the suggested approach can be applied to single-threaded and multi-threaded versions of implementation. This approach can provide developers with a useful time-guaranteeing technique applicable to several code generation schemes without imposing many restrictions.
  • Publication
    A Hybrid Approach to Causality Analysis
    (2015-09-01) Wang, Shaohui; Sokolsky, Oleg; Geoffroy, Yoann; Lee, Insup; Gössler, Gregor
    In component-based safety-critical systems, when a system safety property is violated, it is necessary to analyze which components are the cause. Given a system execution trace that exhibits component faults leading to a property violation, our causality analysis formalizes a notion of counterfactual reasoning (\what would the system behavior be if a component had been correct?") and algorithmically derives such alternative system behaviors, without re-executing the system itself. In this paper, we show that we can improve precision of the analysis if 1) we can emulate execution of components instead of relying on their contracts, and 2) take into consideration input/output dependencies between components to avoid blaming components for faults induced by other components. We demonstrate the utility of the extended analysis with a case study for a closed-loop patient-controlled analgesia system.
  • Publication
    A Causality Analysis Framework for Component-Based Real-Time Systems
    (2013-09-01) Wang, Shaohui; Ayoub, Anaheed; Kim, BaekGyu; Sokolsky, Oleg; Lee, Insup; Gössler, Gregor
    We propose an approach to enhance the fault diagnosis in black-box component-based systems, in which only events on component interfaces are observable, and assume that causal dependencies between component interface events within components are not known. For such systems, we describe a causality analysis framework that helps us establish the causal relationship between component failures and system failures, given an observed system execution trace. The analysis is based on a formalization of counterfactual reasoning, and applicable to real-time systems. We illustrate the analysis with a case study from the medical device domain.
  • Publication
    Runtime Verification of Traces Under Recording Uncertainty
    (2011-09-01) Wang, Shaohui; Ayoub, Anaheed; Sokolsky, Oleg; Lee, Insup
    We present an on-line algorithm for the runtime checking of temporal properties, expressed as past-time Linear Temporal Logic (LTL) over the traces of observations recorded by a "black box"-like device. The recorder captures the observed values but not the precise time of their occurrences, and precise truth evaluation of a temporal logic formula cannot always be obtained. In order to handle this uncertainty, the checking algorithm is based on a three-valued semantics for pasttime LTL defined in this paper. In addition to the algorithm, the paper presents results of an evaluation that aimed to study the effects of the recording uncertainty on different kinds of temporal logic properties.
  • Publication
    Contract-Based Blame Assignment by Trace Analysis
    (2013-04-01) Wang, Shaohui; Ayoub, Anaheed; Ivanov, Radoslav; Sokolsky, Oleg; Lee, Insup
    Fault diagnosis in networked systems has been an extensively studied field in systems engineering. Fault diagnosis generally includes the tasks of fault detection and isolation, and optionally recovery (FDIR). In this paper we further consider the blame assignment problem: given a system trace on which a system failure occurred and an identified set of faulty components, determine which subsets of faulty components are the culprits for the system failure. We provide formal definitions of the notion culprits and the blame assignment problem, under the assumptions that only one system trace is given and the system cannot be rerun. We show that the problem is equivalent to deciding the unsatisfiability of a set of logical constraints on component behaviors, and present the transformation from a blame assignment instance into an instance of unsatisfiability checking. We also apply the approach to a case study in the medical device interoperability scenario that has motivated our work.
  • Publication
    High-Level Model Extraction via Symbolic Execution
    (2012-01-01) Wang, Shaohui; Dwarakanathan, Srinivasan; Sokolsky, Oleg; Lee, Insup
    We study the problem of extracting high-level state machine models from software source code. Our target domain is GUI-driven applications for small hand-held devices such as cell phones and PDAs. In such systems, a natural high-level model is captured by a state machine, where states are GUI screens and button/menu item tappings are actions that trigger transitions between states. The paper presents a symbolic execution technique that allows us to identify states and transitions from the application source code. We discuss an implementation of this technique that operates on a large subset of the C# language and apply as a case study to the subsystem of a decision support tool for medical diagnosis.