Comparison Of International Federation Of Consulting Engineers And General Specification For Public Works Contracts From Risk Management Perspective

Usta, Ergun

01 August 2005

Contractors have to construct the projects efficiently in accordance with the contract provisions when they accept a contract. All construction projects involve risk and there is no possibility to eliminate all the risks associated with a specific project. Management of risk requires identification and analysis of risk factors. After this risk assessment step, proper response strategies have to be developed so that an optimum risk-reward structure is ensured. Contracts are the grounds where risk allocation schemes between parties are settled and risk-reward mechanisms are defined. Since contractors are usually unable to influence the contract conditions and clauses, they should understand which risks they are retaining under contract conditions. Thus, succesful management of risk requires understanding of contract clauses and identification of secondary risk factors created due to poorly defined contract clauses. The aim of this thesis is to investigate standard conditions of contract, namely FIDIC and GSPW, which are the most widely utilised contracts by the Turkish contractors, from the risk management point of view. For this purpose an interview form is prepared and interviews are conducted using this structured form. Implications of the contract clauses for the risk management strategy of contractors are discussed based on interview findings. The basic philosophy of FIDIC and GSPW are investigated so that necessary suggestions for the contractors can be made considering the risk allocation schemes defined in these documents.

Some aspects of user participation and the application of specifications in technology mediated educational innovation

Griffiths Jenkins, David

30 March 2009

Aquesta tesi està constituïda per diverses activitats de recerca, entre les quals trobam principalment articles i capítols publicats. Es descriu el disseny d'una joguina robòtica que facilita la metacognició dels nens. Es detallen els nous mètodes de disseny participatiu desenvolupats per donar suport a aquest procés, com també els resultats de les experiències dins l'aula que varen validar la seva eficàcia. Aquestes experiències varen fer servir l'especificació Unit of Practice d'Apple, la qual posibilita la descripció normalitzada de de les activitats pedagògiques amb els recursos d'ensenyament tecnològics. L'enfocament de la investigació llavors se centra en les especificacions de IMS, que representen recursos i activitats pedagògiques en un format que els ordinadors poden processar. S'analitzen les eines necessàries per treballar amb aquestes especificacions. Es fa una distinció entre processos de disseny en móns tancats (dirigits a grups limitats d'usuaris) i oberts (dirigits a un grup obert o universal). Es descriuen els processos participatius de disseny en ambdós casos. Es tenen especialment en consideració les eines necessàries per treballar amb l'especificació IMS LD, i es desenvolupen models conceptuals per clarificar la tipologia de les eines i els seus usos.Es proposa la participació en les comunitats de pràctica com una metodologia per avaluar les necessitats, les eines, i l'ús de l'especificació. / This thesis is composed of a number of related research activities, which are principally represented by means of published papers. The design of a robotic toy to provide support for children's meta-cognition is described. The new participatory design methods developed to support this process are detailed, together with the results of field trials which validated its effectiveness. These trials make use of Apple's Unit of Practice specification for the consistent description of pedagogic activities with technological teaching resources. The investigation of IMS' machine readable representations of pedagogy, their use, and the tooling they require, then becomes the focus for the inquiry. A distinction is drawn between closed world design processes, addressed at a circumscribed user group, and open world design addressing a wide or universal user group. Participatory design processes in both contexts are described. A particular focus is tooling for the IMS LD specification, and conceptual models are developed to clarify its tooling and use. Engagement with communities of practice is proposed as a means of addressing open world design challenges, and this methodology is used to assess user needs, tooling and use of the specification.

community of practice

Learning Design

IMS

Unit of Learning

Unit of Practice

specification

interoperability

robot

user

children

Participatory design

62

Stochastic volatility : maximum likelihood estimation and specification testing

White, Scott Ian

January 2006

Stochastic volatility (SV) models provide a means of tracking and forecasting the variance of financial asset returns. While SV models have a number of theoretical advantages over competing variance modelling procedures they are notoriously difficult to estimate. The distinguishing feature of the SV estimation literature is that those algorithms that provide accurate parameter estimates are conceptually demanding and require a significant amount of computational resources to implement. Furthermore, although a significant number of distinct SV specifications exist, little attention has been paid to how one would choose the appropriate specification for a given data series. Motivated by these facts, a likelihood based joint estimation and specification testing procedure for SV models is introduced that significantly overcomes the operational issues surrounding existing estimators. The estimation and specification testing procedures in this thesis are made possible by the introduction of a discrete nonlinear filtering (DNF) algorithm. This procedure uses the nonlinear filtering set of equations to provide maximum likelihood estimates for the general class of nonlinear latent variable problems which includes the SV model class. The DNF algorithm provides a fast and accurate implementation of the nonlinear filtering equations by treating the continuously valued state-variable as if it were a discrete Markov variable with a large number of states. When the DNF procedure is applied to the standard SV model, very accurate parameter estimates are obtained. Since the accuracy of the DNF is comparable to other procedures, its advantages are seen as ease and speed of implementation and the provision of online filtering (prediction) of variance. Additionally, the DNF procedure is very flexible and can be used for any dynamic latent variable problem with closed form likelihood and transition functions. Likelihood based specification testing for non-nested SV specifications is undertaken by formulating and estimating an encompassing model that nests two competing SV models. Likelihood ratio statistics are then used to make judgements regarding the optimal SV specification. The proposed framework is applied to SV models that incorporate either extreme returns or asymmetries.

stochastic volatility

variance prediction

heavy tailed SV

asymmetric SV

nonlinear filtering

maximum likelihood estimation

specification testing

encompassing models

RECOMENDAÇÕES PARA ESPECIFICAÇÃO DE VIDROS EM EDIFICAÇÕES COMERCIAIS NA REGIÃO CLIMÁTICA DE PORTO ALEGRE-RS / RECOMMENDATIONS REGARDING THE SPECIFICATION OF GLASSES ON BUSINESS BUILDINGS ON THE CLIMATE ZONE OF PORTO ALEGRE - RS

Cornetet, Mariângela Conte

18 November 2009

In business buildings, great part of the required power is spent on the air conditioning of internal settings. The transparent façades on such buildings are greatly significant on such matters, since a notable percentage of the thermal exchanges happen trough these elements. This paper structures an overview on the historical changes on the use of glasses on business buildings in the city of Porto Alegre, state of Rio Grande do Sul, highlighting the contemplation of the aspect of thermal and luminosity control on built environments. For each historical period, it s notable that the availability of different types of glasses on the market, chosen by architects, changes, resulting in diverse thermo-environmental and visual behaviors. The present paper was based on historical data, ranging from the period of 1992 to 2008, allowing analyses based on the performance of each alternative, taking into consideration the glasses spectrophotometric characteristics, solar factor values, visible transmission and thermal transmittance and the relation within the amount of energy required for cooling and heating the considered settings. 25 buildings were analyzed in the city and, from those, seven were selected for being considered to be representative of their period, with different solutions on their glass coverings. The data obtained was the basis for comparing their performances, on the various solar orientations, with that of a common glass. A trend of specifying lenses less reflective has been observed, with an increase in the amount of energy inflowing the rooms; and insulated glasses also, that hamper trade among environments. / Em edifícios comerciais, grande parte da energia necessária é gasta para o condicionamento térmico dos ambientes. Os fechamentos transparentes destes edifícios têm grande importância neste fato, pois significativo percentual das trocas térmicas ocorre através destes elementos. Este trabalho faz uma avaliação das mudanças históricas na utilização de vidros em prédios comerciais na cidade de Porto Alegre no estado do Rio Grande do Sul, evidenciando a consideração do aspecto do controle térmico e luminoso dos ambientes. Para cada período histórico, observa-se que as opções de vidros disponíveis no mercado, e especificados, são diferentes, resultando em comportamentos ambientais térmicos e visuais também diferentes. Este trabalho foi baseado em dados históricos do período de 1992 a 2009, permitindo uma análise dos desempenhos de cada solução, considerando-se as características espectrofotométricas dos vidros, valores de fator solar, transmissão no visível e transmitância térmica, e sua relação com a quantidade de energia necessária para refrigerar e aquecer suas salas. Foram analisados 25 edifícios comerciais na cidade, e destes, foram selecionadas sete considerados representativos para sua época, com soluções diferentes em seus envidraçamentos. Os dados obtidos serviram de base para comparar suas performances, nas devidas orientações solares, com as de um vidro comum. Observou-se que há uma tendência pela especificação de vidros menos refletivos, favorecendo o aumento da quantidade de energia que adentra as salas, e também de vidros insulados, que dificultam as trocas térmicas entre ambientes.

Especificação de vidros

Edifícios comerciais

Comportamento térmico

Comportamento lumínico

Specification of glasses

Business buildings

Thermal behavior, luminous behavior

CNPQ::ENGENHARIAS::ENGENHARIA CIVIL

Especifica??o do micron?cleo FreeRTOS utilizando o m?todo B

Galv?o, Stephenson de Sousa Lima

16 August 2011

Made available in DSpace on 2014-12-17T15:47:55Z (GMT). No. of bitstreams: 1 StephennsonSLG_DISSERT.pdf: 4909051 bytes, checksum: 2a9f94a42d9fc75bb16a1ff239148437 (MD5) Previous issue date: 2011-08-16 / This paper presents a contribution to the international Verified Software Repository effort through the formal specification of the microkernel FreeRTOS real-time system. Such specification was made in abstract level making use of the B method . For thus, properties of the microkernel were chosen and selected as specification requisites, which was constructed centered at the functionalities responsible for the utilization of these properties. This properties weres setting as specification requirements. The specification was constructed modeling the function of microkernel that implement this properties. This work intended to encourage the formal verification of FreeRTOS and also contribute to the formal creation of a microkernel real-time systems, based in FreeRTOS. Furthermore, this model brings a formal documentation point view of the microkernel, demonstrating features and how this internal states is changing. Finally, this work could be an example of specification of the actual system by the B method. / Este trabalho apresenta uma contribui??o para o esfor?o internacional do Verified Software Repository atrav?s da especifica??o formal da biblioteca de sistema de tempo real FreeRTOS. Tal especifica??o foi realizada de forma abstrata utilizando o m?todo B. Para isso, propriedades disponibilizadas por essa biblioteca foram elencadas e selecionadas como requisitos da especifica??o, a qual foi constru?da centrada nas funcionalidades respons?veis pela utiliza??o dessas propriedades. Com a modelagem desenvolvida pretende-se incentivar a verifica??o formal do FreeRTOS e tamb?m contribuir para a cria??o formal de uma biblioteca de sistemas de tempo real baseada na FreeRTOS. Al?m disso, tal modelagem traz uma documenta??o do ponto de vista formal do sistema, demonstrando como ocorrer internamente o seu funcionamento e serve como um exemplo da especifica??o de um sistema real pelo m?todo B.

Especifica??o

FreeRTOS

M?todo B

Specification

FreeRTOS

B method

A Co-Design Modeling Methodology for Simulation of Service Oriented Computing Systems

January 2011

abstract: The adoption of the Service Oriented Architecture (SOA) as the foundation for developing a new generation of software systems - known as Service Based Software Systems (SBS), poses new challenges in system design. While simulation as a methodology serves a principal role in design, there is a growing recognition that simulation of SBS requires modeling capabilities beyond those that are developed for the traditional distributed software systems. In particular, while different component-based modeling approaches may lend themselves to simulating the logical process flows in Service Oriented Computing (SOC) systems, they are inadequate in terms of supporting SOA-compliant modeling. Furthermore, composite services must satisfy multiple QoS attributes under constrained service reconfigurations and hardware resources. A key desired capability, therefore, is to model and simulate not only the services consistent with SOA concepts and principles, but also the hardware and network components on which services must execute on. In this dissertation, SOC-DEVS - a novel co-design modeling methodology that enables simulation of software and hardware aspects of SBS for early architectural design evaluation is developed. A set of abstractions representing important service characteristics and service relationships are modeled. The proposed software/hardware co-design simulation capability is introduced into the DEVS-Suite simulator. Exemplar simulation models of a communication intensive Voice Communication System and a computation intensive Encryption System are developed and then validated using data from an existing real system. The applicability of the SOC-DEVS methodology is demonstrated in a simulation testbed aimed at facilitating the design & development of SBS. Furthermore, the simulation testbed is extended by integrating an existing prototype monitoring and adaptation system with the simulator to support basic experimentation towards design & development of Adaptive SBS. / Dissertation/Thesis / Ph.D. Computer Science 2011

Computer science

Co-Design Modeling

Discrete EVent System Specification

Service Based Software Systems

Service Oriented Architecture

Software Service Simulation

Spécification et analyse formelles des politiques de sécurité dans un processus de courtage de l'informatique en nuage / Formal specification and analysis of security policies in a cloud brokerage process

Guesmi, Asma

01 July 2016

Les offres de l’informatique en nuage augmentent de plus en plus et les clients ne sont pas capables de lescomparer afin de choisir la plus adaptée à leurs besoins. De plus, les garanties de sécurité proposées parles fournisseurs restent incompréhensibles pour les clients. Cela représente un frein pour l'adoption dessolutions de l’informatique en nuage.Dans cette thèse, nous proposons un mécanisme de courtage des services de l’informatique en nuage quiprend en compte les besoins du client en termes de sécurité.Les besoins exprimés par le client sont de deux natures. Les besoins fonctionnels représentent lesressources et leurs performances. Les besoins non-fonctionnels représentent les propriétés de sécurité etles contraintes de placement des ressources dans le nuage informatique. Nous utilisons le langage Alloypour décrire les offres et les besoins. Nous utilisons l'analyseur Alloy pour l'analyse et la vérification desspécifications du client. Le courtier sélectionne les fournisseurs qui satisfont les besoins fonctionnels et nonfonctionnelsdu client. Il vérifie ensuite, que la configuration du placement des ressources chez lesfournisseurs respecte toutes les propriétés de sécurité exigées par le client.Toutes ces démarches sont effectuées avant le déploiement des ressources dans le nuage informatique.Cela permet de détecter les erreurs et conflits des besoins du client tôt. Ainsi, on réduit les vulnérabilités desressources du client une fois déployées. / The number of cloud offerings increases rapidly. Therefore, it is difficult for clients to select the adequate cloud providers which fit their needs. In this thesis, we introduce a cloud service brokerage mechanism that considers the client security requirements. We consider two types of the client requirements. The amount of resources is represented by the functional requirements. The non-functional requirements consist on security properties and placement constraints. The requirements and the offers are specified using the Alloy language. To eliminate inner conflicts within customers requirements, and to match the cloud providers offers with these customers requirements, we use a formal analysis tool: Alloy. The broker uses a matching algorithm to place the required resources in the adequate cloud providers, in a way that fulfills all customer requirements, including security properties. The broker checks that the placement configuration ensures all the security requirements. All these steps are done before the resources deployment in the cloud computing. This allows to detect the conflicts and errors in the clients requirements, thus resources vulnerabilities can be avoided after the deployment.

Courtage informatique

Nuage informatique

Sécurité

Alloy

Spécification

Méthode formelle

Cloud brokerage

Cloud computing

Security

Alloy

Specification

Formal method

004.678 2

Modelagem temporal de sistemas : uma abordagem fundamentada em redes de petri / Temporal modeling of information systems: a Petri net based approach

Antunes, Dante Carlos

January 1997

Neste trabalho e proposta a abordagem TempER-Tr, uma técnica de modelagem conceitual, fundamentada em rede de Petri, que integra a especificação das propriedades dinâmicas de um sistema a um modelo de dados temporal do tipo entidade relacionamento. Um modelo ou esquema conceitual descreve as propriedades identificadas de um sistema a ser desenvolvido. Estas propriedades podem ser classificadas em propriedades estáticas e propriedades dinâmicas As propriedades estáticas descrevem os estados que o sistema pode alcançar, enquanto que as propriedades dinâmicas descrevem as transições entre estes estados. A modelagem conceitual das propriedades estáticas é normalmente conhecida como modelagem de dados. A modelagem das propriedades dinâmicas é denominada de modelagem funcional ou comportamental. Mais especificamente, o modelo TempER-Tr é uma extensão de um trabalho anterior, conhecido como ER-Tr. No modelo ER-Tr, para descrever as propriedades estáticas de um sistema utiliza-se o modelo entidade-relacionamento convencional. No modelo TempER-Tr passa-se a adotar um modelo entidade-relacionamento temporal. Aliado a isto, uma nova linguagem de anotação, baseada em SQL, com mais poder de expressão é proposta. O modelo entidade-relacionamento convencional não possui dispositivos de modelagem capazes de especificar restrições que envolvam a associação dos objetos com o tempo, exigindo que isto se faca ao nível da modelagem das propriedades dinâmicas. Em um modelo entidade-relacionamento convencional, os conjuntos de entidades e relacionamentos apresentam apenas duas dimensões: a primeira refere-se as instâncias (linhas) e a segunda aos atributos (colunas). Em uma abordagem entidade relacionamento temporal, uma nova dimensão e acrescentada: o eixo temporal, possibilitando que as restrições temporais decorrentes da associação entre os objetos possam ser especificadas ao nível do modelo estático. Um requisito importante a ser preenchido por um modelo de dados temporal é permitir que em um mesmo diagrama seja possível associar objetos (entidades, relacionamentos ou atributos) temporalizados com objetos não temporalizados. lsto porque em sistemas de informação alguns dados precisam ser explicitamente referenciados ao tempo e outros não, ou porque não mudam com o tempo, ou porque é irrelevante ao usuário saber quando os fatos ocorreram. O modelo de dados temporal proposto neste trabalho, denominado TempER, pressupõe que todas as entidades, sejam elas temporalizadas ou não temporalizadas, apresentam uma "existência", ou seja, uma validade temporal. No caso das entidades temporalizadas esta existência é um subconjunto de pontos do eixo temporal. Em virtude disto são chamadas de entidades transitórias. Em relação as entidades não temporalizadas, e assumido que "existem sempre", ou seja, a sua validade temporal é constante, implícita e igual a todo o eixo temporal. Por isto são denominadas entidades perenes. Tanto as entidades transitórias quanto as entidades perenes, são focalizadas pelo modelo TempER através de duas perspectivas: uma intemporal e outra temporal. Através da perspectiva intemporal as entidades apresentam duas dimensões, semelhança do que ocorre em um modelo entidade-relacionamento convencional. Através da perspectiva temporal as entidades apresentam três dimensões, as duas convencionais e mais o tempo. Enquanto que o modelo de dados temporal descreve as propriedades estáticas de um sistema, o modelo comportamental, a outra face da abordagem TempER-Tr, focaliza as transações executadas no interior do sistema, em resposta a eventos que ocorrem no ambiente externo. Estas transações, quando efetivadas, provocam mudanças de estados no sistema. Entretanto, para estarem habilitadas a ocorrer, é necessário que um determinado conjunto de restrições dinâmicas sejam atendidas, o que se configura em um comportamento análogo ao de uma rede de Petri. O modelo TempER-Tr é completamente mapeável, inclusive o modelo de dados temporal, para a rede CEM, um tipo de rede de Petri de alto nível. Isto permite que a sua semântica seja formalmente especificada e possibilita o aproveitamento das características das redes de Petri. / This dissertation presents TempER-Tr approach. TempER-Tr is a conceptual modeling technique based on Petri nets that integrates the specification of the dynamic properties of system to a temporal entity-relationship data model. A model or conceptual schema describes the identified properties of a system. These properties can be classified into static and dynamic properties. The static properties describe the states that the system can reach, while the dynamic properties describe the transitions between the states. The conceptual modeling of the static properties is usually known as data modeling, while behavioral or functional modeling deals with dynamic properties. The TempER-Tr model is an extension of a model known as ER-Tr. In the ER-Tr model, the conventional entity-relationship model is used to describe the static properties of a system. In the TempER-Tr model, it is adopted a kind of temporal entityrelationship model. In addition, a new notation language is proposed, based on SQL, with more expression power. The conventional entity-relationship model doesn't provide tools to specify constraints that involve the association of objects with the time dimension, requiring that this have to be done at the dynamic properties modeling level. At the conventional entityrelationship model the entities and relationships sets present just two dimensions: the first one is related to the instance (lines) and the second to the attributes (columns). At a temporal entity-relationship approach, a new dimension is added: the time line. This way, the temporal constraints can be specified at the level of the static diagrams. An important requirement to be supplied by any temporal data model is the possibility to relate, into the same diagram, time-varying objects with time-invarying objects. This is due to the fact that in information systems some data need to be explicitly related to time and others don't, either because they don't change with time, or because users don't need to know when the facts occurred. • The temporal data model proposed in this work, nominated TempER, presupposes that all entities, being them time-varying or time-invarying, have an "existence", or a temporal validity. At the time-varying entities, named transitory entities, this existence is a subset of points from the time line. In time-invarying entities, named perennial entities, it is assumed that they "always exist", i.e., their temporal validity is constant, implicit, and equal to all points of the time line. Transitory entities, as much as perennial entities, are focused by the TempER model through two perspectives: a temporal perspective and a non-temporal perspective. Through the non-temporal perspective the entities present two dimensions - lines and columns - similar to a conventional entity-relationship model. Through the temporal perspective the entities present three dimensions: the two conventional dimensions and, in addition, the time dimension. While the temporal data model describes the static properties of a system, the behavioral model in the TempER-Tr approach focus the transactions that are executed by the system, in response to the events that occur at the external environment. A certain set of dynamic constraints must be attended so that transactions are enable to occur. This configures a behavior similar to a Petri net. The TempER-Tr model is completely mappeable, inclusive the temporal data model, to the CEM net, a kind of high level Petri net. This way, the semantic of TempER-Tr model is formally specified. In addition, the utilization of the characteristics of Petri nets is possible.

Sistemas : Informação

Redes : Petri

Modelagem conceitual

Modelagem temporal

Conceptual modeling

Temporal modeling

Time dimension

Transaction specification

Petri nets

Uma metodologia de modelagem de sistemas computacionais baseada em gramáticas de grafos

Pretz, Eduardo

January 2000

Vários métodos de especificação procuram realizar a modelagem de sistemas sob três visões: uma visão funcional, que procura apresentar as informações que trafegam entre os diversos componentes do sistema, uma visão de dados, que apresenta as relações entre as estruturas de dados estáticas do sistema e a visão dinâmica, que mostra as transformações que o sistema pode sofrer ao longo do tempo. Alguns modelos procuram integrar mais de uma visão, mas, em geral, os modelos possuem sérias deficiências ao tentarem representar mais de um aspecto do sistema ao mesmo tempo, sendo necessário o apoio de outros métodos. Este trabalho apresenta um método de especificação de sistemas que procura integrar a modelagem de dados com a modelagem funcional e dinâmica utilizando-se, para isso, das Gramáticas de Grafos como método formal de especificação. Sendo um grafo formado por vértices, arestas e rótulos, pode-se facilmente criar uma camada de abstração em que o usuário (em geral responsável pela análise de sistemas) manipule um método de especificação com o qual já convive, agora com uma semântica formal definida. Espera-se, com a aplicação do método, gerar modelos passíveis de prova, não ambíguos e que promovam um incremento de qualidade no sistema gerado. / Several specification methods try to realize system modeling following three visions: the functional vision, which is based on representing the information exchange among the several components of the system; the data vision, which represents the relations among the static data structures of the system; and the dynamic vision, which presents the transformations the system may endure over the time. Some models exist that try to integrate more than one of these visions, but, in general, they suffer from deficiencies when trying to represent more than one aspect of the system at the same time, in which case the use of other methods is necessary. This work presents a novel method of systems specification that attempts to integrate data modeling with functional and dynamic modelings using, for this, Graph Grammars as its formal specification method. A graph, being made of nodes, edges and labels, is appropriate for creating, easily, an abstraction layer in which the user (usually responsible for the system analysis) manipulates a specification method which is known to him, but now with a well defined formal semantics. We hope, by applying this method, to generate provable, unambiguous models which promote an increase in the quality of the generated system.

Metodos formais

Especificacao : Software

Grafos

Gramatica : Grafos

Engenharia de software

Graph grammars

Graph transformation systems

Formal methods

Formal specification

Relational approach of graph grammars / Abordagem relacional de gramática de grafos

Cavalheiro, Simone André da Costa

January 2010

Gramática de grafos é uma linguagem formal bastante adequada para sistemas cujos estados possuem uma topologia complexa (que envolvem vários tipos de elementos e diferentes tipos de relações entre eles) e cujo comportamento é essencialmente orientado pelos dados, isto é, eventos são disparados por configurações particulares do estado. Vários sistemas reativos são exemplos desta classe de aplicações, como protocolos para sistemas distribuídos e móveis, simulação de sistemas biológicos, entre outros. A verificação de gramática de grafos através da técnica de verificação de modelos já é utilizada por diversas abordagens. Embora esta técnica constitua um método de análise bastante importante, ela tem como desvantagem a necessidade de construir o espaço de estados completo do sistema, o que pode levar ao problema da explosão de estados. Bastante progresso tem sido feito para lidar com esta dificuldade, e diversas técnicas têm aumentado o tamanho dos sistemas que podem ser verificados. Outras abordagens propõem aproximar o espaço de estados, mas neste caso não é possível a verificação de propriedades arbitrárias. Além da verificação de modelos, a prova de teoremas constitui outra técnica consolidada para verificação formal. Nesta técnica tanto o sistema quanto suas propriedades são expressas em alguma lógica matemática. O processo de prova consiste em encontrar uma prova a partir dos axiomas e lemas intermediários do sistema. Cada técnica tem argumentos pró e contra o seu uso, mas é possível dizer que a verificação de modelos e a prova de teoremas são complementares. A maioria das abordagens utilizam verificadores de modelos para analisar propriedades de computações, isto é, sobre a seqüência de passos de um sistema. Propriedades sobre estados alcançáveis só são verificadas de forma restrita. O objetivo deste trabalho é prover uma abordagem para a prova de propriedades de grafos alcançáveis de uma gramática de grafos através da técnica de prova de teoremas. Propõe-se uma tradução (da abordagem Single-Pushout) de gramática de grafos para uma abordagem lógica e relacional, a qual permite a aplicação de indução matemática para análise de sistemas com espaço de estados infinito. Definiu-se gramática de grafos utilizando estruturas relacionais e aplicações de regras com linguagens lógicas. Inicialmente considerou-se o caso de grafos (tipados) simples, e então se estendeu a abordagem para grafos com atributos e gramáticas com condições negativas de aplicação. Além disso, baseado nesta abordagem, foram estabelecidos padrões para a definição, codificação e reuso de especificações de propriedades. O sistema de padrões tem o objetivo de auxiliar e simplificar a tarefa de especificar requisitos de forma precisa. Finalmente, propõe-se implementar definições relacionais de gramática de grafos em estruturas de event-B, de forma que seja possível utilizar os provadores disponíveis para event-B para demonstrar propriedades de gramática de grafos. / Graph grammars are a formal language well-suited to applications in which states have a complex topology (involving not only many types of elements, but also different types of relations between them) and in which behaviour is essentially data-driven, that is, events are triggered basically by particular configurations of the state. Many reactive systems are examples of this class of applications, such as protocols for distributed and mobile systems, simulation of biological systems, and many others. The verification of graph grammar models through model-checking is currently supported by various approaches. Although model-checking is an important analysis method, it has as disadvantage the need to build the complete state space, which can lead to the state explosion problem. Much progress has been made to deal with this difficulty, and many techniques have increased the size of the systems that may be verified. Other approaches propose to over- and/or under-approximate the state-space, but in this case it is not possible to check arbitrary properties. Besides model checking, theorem proving is another wellestablished approach for verification. Theorem proving is a technique where both the system and its desired properties are expressed as formulas in some mathematical logic. A logical description defines the system, establishing a set of axioms and inference rules. The process of verification consists of finding a proof of the required property from the axioms or intermediary lemmas of the system. Each verification technique has arguments for and against its use, but we can say that model-checking and theorem proving are complementary. Most of the existing approaches use model checkers to analyse properties of computations, that is, properties over the sequences of steps a system may engage in. Properties about reachable states are handled, if at all possible, only in very restricted ways. In this work, our main aim is to provide a means to prove properties of reachable graphs of graph grammar models using the theorem proving technique. We propose an encoding of (the Single-Pushout approach of) graph grammar specifications into a relational and logical approach which allows the application of the mathematical induction technique to analyse systems with infinite state-spaces. We have defined graph grammars using relational structures and used logical languages to model rule applications. We first consider the case of simple (typed) graphs, and then we extend the approach to the non-trivial case of attributed-graphs and grammars with negative application conditions. Besides that, based on this relational encoding, we establish patterns for the presentation, codification and reuse of property specifications. The pattern has the goal of helping and simplifying the task of stating precise requirements to be verified. Finally, we propose to implement relational definitions of graph grammars in event-B structures, such that it is possible to use the event-B provers to demonstrate properties of a graph grammar.

Gramatica : Grafos

Teoria : Categorias

Grafos

Metodos formais

Graph grammar

Theorem proving

First-order logic

Formal specification

Formal verification