JML- Based formal development of a Java card application for managing medical appointments

Although formal methods can dramatically increase the quality of software systems, they have not widely been adopted in software industry. Many software companies have the perception that formal methods are not cost-effective cause they are plenty of mathematical symbols that are difficult for non-experts to assimilate. The Java Modelling Language (short for JML) Section 3.3 is an academic initiative towards the development of a common formal specification language for Java programs, and the implementation of tools to check program correctness. This master thesis work shows how JML based formal methods can be used to formally develop a privacy sensitive Java application. This is a smart card application for managing medical appointments. The application is named HealthCard. We follow the software development strategy introduced by João Pestana, presented in Section 3.4. Our work influenced the development of this strategy by providing hands-on insight on challenges related to development of a privacy sensitive application in Java. Pestana’s strategy is based on a three-step evolution strategy of software specifications, from informal ones, through semiformal ones, to JML formal specifications. We further prove that this strategy can be automated by implementing a tool that generates JML formal specifications from a welldefined subset of informal software specifications. Hence, our work proves that JML-based formal methods techniques are cost-effective, and that they can be made popular in software industry. Although formal methods are not popular in many software development companies, we endeavour to integrate formal methods to general software practices. We hope our work can contribute to a better acceptance of mathematical based formalisms and tools used by software engineers. The structure of this document is as follows. In Section 2, we describe the preliminaries of this thesis work. We make an introduction to the application for managing medical applications we have implemented. We also describe the technologies used in the development of the application. This section further illustrates the Java Card Remote Method Invocation communication model used in the medical application for the client and server applications. Section 3 introduces software correctness, including the design by contract and the concept of contract in JML. Section 4 presents the design structure of the application. Section 5 shows the implementation of the HealthCard. Section 6 describes how the HealthCard is verified and validated using JML formal methods tools. Section 7 includes some metrics of the HealthCard implementation and specification. Section 8 presents a short example of how a client-side of a smart card application can be implemented while respecting formal specifications. Section 9 describes a prototype tools to generate JML formal specifications from informal specifications automatically. Section 10 describes some challenges and main ideas came acrorss during the development of the HealthCard. The full formal specification and implementation of the HealthCard smart card application presented in this document can be reached at https://sourceforge.net/projects/healthcard/.

Outward foreign direct investment and human capital development:A small country perspective

Purpose - The purpose of this paper is to examine the pattern of outward foreign direct investment (FDI) by Irish MNCs, and more specifically, to investigate their approach to human capital development and how these correspond to foreign MNCs in Ireland. In particular, it seeks to investigate training and development expenditure, adoption of succession planning, use of formal development programmes for senior management "potential", and also the presence of a specific "key group" development programme. Design/methodology/approach - Data were obtained through the largest, most representative study ever conducted on multinational companies (MNCs) in Ireland. The most senior human resources practitioner in these firms completed a questionnaire, through the personal interview medium, on various facets of their human resource management (HRM) practices. In total 260 usable interviews were completed equating to an overall response rate of 63 per cent. This represents a 78 per cent response rate for Irish MNCs, the primary focus of this paper, and 60 per cent for foreign MNCs. Findings - Overall, Irish MNCs tend to compare favourably with their foreign counterparts in terms of the human capital development mechanisms examined. Only one statistically significant association was found regarding differences between Irish and foreign owned MNCs, Irish MNCs were found to be significantly less likely to have formal management development programmes. Originality/value - The study is the first large scale, representative survey to be conducted on MNCs in Ireland helping to address the research lacuna on Irish owned MNCs. © Emerald Group Publishing Limited.

Desenvolvimento formal de aplicações para smartcards

Smart card applications represent a growing market. Usually this kind of application manipulate and store critical information that requires some level of security, such as financial or confidential information. The quality and trustworthiness of smart card software can be improved through a rigorous development process that embraces formal techniques of software engineering. In this work we propose the BSmart method, a specialization of the B formal method dedicated to the development of smart card Java Card applications. The method describes how a Java Card application can be generated from a B refinement process of its formal abstract specification. The development is supported by a set of tools, which automates the generation of some required refinements and the translation to Java Card client (host) and server (applet) applications. With respect to verification, the method development process was formalized and verified in the B method, using the Atelier B tool [Cle12a]. We emphasize that the Java Card application is translated from the last stage of refinement, named implementation. This translation process was specified in ASF+SDF [BKV08], describing the grammar of both languages (SDF) and the code transformations through rewrite rules (ASF). This specification was an important support during the translator development and contributes to the tool documentation. We also emphasize the KitSmart library [Dut06, San12], an essential component of BSmart, containing models of all 93 classes/interfaces of Java Card API 2:2:2, of Java/Java Card data types and machines that can be useful for the specifier, but are not part of the standard Java Card library. In other to validate the method, its tool support and the KitSmart, we developed an electronic passport application following the BSmart method. We believe that the results reached in this work contribute to Java Card development, allowing the generation of complete (client and server components), and less subject to errors, Java Card applications.

Stepwise refinement of interrupt-driven real-time programs

Embedded real-time programs rely on external interrupts to respond to events in their physical environment in a timely fashion. Formal program verification theories, such as the refinement calculus, are intended for development of sequential, block-structured code and do not allow for asynchronous control constructs such as interrupt service routines. In this article we extend the refinement calculus to support formal development of interrupt-dependent programs. To do this we: use a timed semantics, to support reasoning about the occurrence of interrupts within bounded time intervals; introduce a restricted form of concurrency, to model composition of interrupt service routines with the main program they may preempt; introduce a semantics for shared variables, to model contention for variables accessed by both interrupt service routines and the main program; and use real-time scheduling theory to discharge timing requirements on interruptible program code.

Theoretical Description of Time-Resolved Photoemission Spectroscopy: Application to Pump-Probe Experiments

The theory for time-resolved, pump-probe, photoemission spectroscopy and other pump-probe experiments is developed. The formal development is completely general, incorporating all of the nonequilibrium effects of the pump pulse and the finite time width of the probe pulse, and including possibilities for taking into account band structure and matrix element effects, surface states, and the interaction of the photoexcited electrons with the system leading to corrections to the sudden approximation. We also illustrate the effects of windowing that arise from the finite width of the probe pulse in a simple model system by assuming the quasiequilibrium approximation.

Approximate Best Proximity Points of Cyclic Self-maps in Metric Spaces and Cyclic Asymptotic Regularity

3rd International Conference on Mathematical Modeling in Physical Sciences (IC-MSQUARE) Madrid, AUG 28-31, 2014 / editado por Vagenas, EC; Vlachos, DS; Bastos, C; Hofer, T; Kominis, Y; Kosmas, O; LeLay, G; DePadova, P; Rode, B; Suraud, E; Varga, K

Desenvolvimento de um instrumento de avaliação da vulnerabilidade de pacientes imunodeprimidos a infecções zoonóticas a partir de animais de estimação.

Os animais de estimação podem ser fonte de infecções, principalmente para seres humanos imunocomprometidos, em especial, pacientes portadores do vírus HIV. Considerando que o contato com animais pode prover benefícios emocionais, profissionais da área da saúde, em particular médicos e médicos veterinários, devem estar conscientes do papel potencial destes animais na transmissão de doenças de forma a preconizar medidas profiláticas para que esta transmissão não ocorra. As circunstâncias que favorecem a transmissão de doenças a partir dos animais de estimação ainda não são totalmente conhecidas, principalmente na realidade brasileira. Faltam estudos com o objetivo de investigar o risco de doenças de origem zoonótica decorrentes do contato com estes animais, hoje também chamados de animais pet. Ademais, ressente-se da falta de um instrumento devidamente elaborado e validado com a finalidade de captar as informações necessárias para a realização de estudos deste tipo ou mesmo para servir como ferramenta de rastreio de situações de vulnerabilidade de pacientes imunodeprimidos com vistas ao aconselhamento sobre medidas de prevenção. Desta maneira, o objetivo deste estudo é elaborar um instrumento para averiguar a vulnerabilidade de pacientes imunodeprimidos a infecções zoonóticas a partir de animais de estimação. Inicialmente, foram mapeados os animais de estimação mais encontrados no ambiente doméstico e as principais infecções que podem ser transmitidas a partir deles. Selecionaram-se, então, os possíveis mecanismos de transmissão a serem abordados. Dentre as espécies de animais de estimação elencadas, os cães, gatos, aves, répteis e os pequenos roedores foram os selecionados para a confecção deste instrumento. As infecções selecionadas foram: Salmonelose; Criptosporidíase; Giardíase; Dermatofitoses, Esporotricose, Bartonelose; Ancilostomíase; Toxocaríase; Psitacose; Toxoplasmose; Escabiose; Campilobacteriose; Criptococose e Histoplasmose. Considerando as diferentes formas de transmissão de cada infecção foram identificados os possíveis atos e comportamentos no contato com animais de estimação, bem como características destes animais, que poderiam aumentar a probabilidade de transmissão. O instrumento desenvolvido foi composto de uma primeira parte abarcando os critérios de elegibilidade, e de outra envolvendo o escopo principal do instrumento. Como as características de contato e as infecções variam de acordo com a espécie de animal, o instrumento abordou cada um dos cinco grupos de animais separadamente. O instrumento aqui proposto concerne à etapa inicial de um processo de desenvolvimento formal para utilização em futuras pesquisas sobre o papel dos animais de estimação na transmissão de infecções para pacientes imunodeprimidos. Estudos que explorem a confiabilidade e validade do instrumento proposto, assim como sua aceitabilidade, são necessários antes que seu uso seja recomendado.

基于PAR的算法形式化开发

形式化方法是构建可信软件的重要途径.基于对算法问题的分析,针对形式化方法PAR开发算法的特征,刻划了问题分划、递推关系构造方面的规律.从一类问题的形式化功能规约出发,可机械地完成问题的分划及规约的变换,自然地揭示出求解问题的算法思想,在相关工具的支持下自动生成算法程序.研究结果将算法设计中尽可能多的创造性劳动转化为非创造性劳动,降低了形式化求解算法问题的难度,提高了算法程序的可靠性和形式化开发效率.

Geração de casos de teste a partir de especificações B

With the increasing complexity of software systems, there is also an increased concern about its faults. These faults can cause financial losses and even loss of life. Therefore, we propose in this paper the minimization of faults in software by using formally specified tests. The combination of testing and formal specifications is gaining strength in searches mainly through the MBT (Model-Based Testing). The development of software from formal specifications, when the whole process of refinement is done rigorously, ensures that what is specified in the application will be implemented. Thus, the implementation generated from these specifications would accurately depict what was specified. But not always the specification is refined to the level of implementation and code generation, and in these cases the tests generated from the specification tend to find fault. Additionally, the generation of so-called "invalid tests", ie tests that exercise the application scenarios that were not addressed in the specification, complements more significantly the formal development process. Therefore, this paper proposes a method for generating tests from B formal specifications. This method was structured in pseudo-code. The method is based on the systematization of the techniques of black box testing of boundary value analysis, equivalence partitioning, as well as the technique of orthogonal pairs. The method was applied to a B specification and B test machines that generate test cases independent of implementation language were generated. Aiming to validate the method, test cases were transformed manually in JUnit test cases and the application, created from the B specification and developed in Java, was tested. Faults were found with the execution of the JUnit test cases

A concepção das crianças e os valores associados à doação de sangue: doadores do futuro

Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES)

Against Logically Possible World-Relativized Existence

The thesis that entities exist in, at, or in relation to logically possible worlds is criticized. The suggestion that actually nonexistent fictional characters might nevertheless exist in nonactual merely logically possible worlds runs afoul of the most general transworld identity requirements. An influential philosophical argument for the concept of world-relativized existence is examined in Alvin Plantinga’s formal development and explanation of modal semantic relations. Despite proposing an attractive unified semantics of alethic modality, Plantinga’s argument is rejected on formal grounds as supporting materially false actual existence assertions in the case of actually nonexistent objects in the framework of Plantinga’s own underlying classical predicate-quantificational logic.

La arquitectura de Víctor Eusa

El arquitecto Víctor Eusa (Pamplona, 1894-1990) es la figura central de la arquitectura en Navarra durante la mayor parte del siglo XX. Desde 1920, año en que termina sus estudios en Madrid, hasta 1973, año de su jubilación, produjo centenares de obras y proyectos en esta región española, con esporádicas intervenciones en otras zonas, como las provincias vecinas de Guipúzcoa, Vizcaya y Zaragoza. Su periodo activo coincide con el de la construcción del II Ensanche de Pamplona. La cantidad y calidad de su producción hacen posible establecer una identificación entre la obra de Eusa y la ciudad entonces existente. Sus obras principales son auténticos hitos urbanos que caracterizan el Ensanche. El archivo personal del arquitecto se perdió desgraciadamente en los años setenta del pasado siglo. Este trabajo de investigación ha partido de la recopilación de la documentación gráfica existente en archivos públicos y privados, que ha dado como fruto la catalogación de las obras y proyectos de Víctor Eusa, que constituye el tomo II de la tesis. En el tomo I se analiza la trayectoria del arquitecto y la evolución formal de su lenguaje, a partir de su formación académica y las sucesivas influencias que jalonan sus primeros años de profesión: sus viajes por Europa y Oriente, Otto Wagner y la Sezession vienesa, Perret y el hormigón armado, el Art-Déco y la Exposición de París de 1925, Dudok y la arquitectura holandesa, etc. Todo ello fructifica en una arquitectura expresionista muy personal, basada en la geometría de líneas rectas y quebradas, que combina el ladrillo y el hormigón como sus materiales preferidos. Su madurez se alcanza a finales de los años veinte y se prolonga hasta la guerra civil española. En este periodo se concentran sus obras más conocidas: Casa de Misericordia, Iglesia de los Paúles, Colegio de Escolapios, edificios de viviendas en plaza Príncipe de Viana y calle García Castañón, Seminario, Casino Eslava,… Después del 36, sus responsabilidades públicas sucesivas como arquitecto municipal de Pamplona y como arquitecto provincial de la Diputación Foral de Navarra introducen en su obra una nueva dimensión urbana. ABSTRACT The architect Víctor Eusa (Pamplona, 1894-1990) was the central figure in architecture in Navarra for most of the 20th century. From 1920, when he finished his studies in Madrid, to his retirement in 1973, he was responsible for hundreds of buildings in Navarra, as well as occasional projects in the neighbouring provinces of Guipúzcoa, Vizcaya and Zaragoza. His career as an architect developed in parallel with the second phase of urban expansion in Pamplona. In terms of both quantity and quality, this new district can be seen as an embodiment of Eusa's work, and his most outstanding buildings form the landmarks which give character to this area. Unfortunately, Eusa's personal archive was lost in the 1970s. By collecting and analyzing the graphic information available in public archives, the author of this dissertation was able to compile a catalogue of Eusa's work and projects, which is provided in volume II. Volume I focuses on Eusa's career and the formal development of his language, starting from his academic training and tracing the successive influences that were at work during his early years as an architect: his journeys through Europe and the East, Otto Wagner and the Vienna Secession, Perret and reinforced concrete, Art-Déco and the Paris Exhibition of 1925, Dudok and the Dutch architecture represented in the magazines Wendingen and De Stijl, and many others. All of this came together in Eusa's highly personal expressionist style, based on a geometry of straight and zigzag lines, combining his favourite materials, brick and concrete. His mature period consolidated by end of the 1920s and lasted until the Spanish Civil War. After 1936, Eusa's responsibilities as municipal architect for Pamplona and later as head of architecture for Navarra enabled him to develop his talents in the area of urban design.

When sparks fly : developing formal mentoring programs for the career development of young and emerging artists

Formal mentoring programs are accepted as a valuable strategy for developing young and emerging artists. This thesis presents the results of an evaluation of the SPARK National Young Artists Mentoring Program (SPARK). SPARK was a ten-month formal mentoring program managed by Youth Arts Queensland (YAQ) on behalf of the Australia Council for the Arts from 2003-2009. The program aimed to assist young and emerging Australian artists between the ages of 18-26 to establish a professional career in the arts. It was a highly successful formal arts mentoring program that facilitated 58 mentorships between young and emerging artists and professional artists from across Australia in five program rounds over its seven year lifespan. Interest from other cultural organisations looking to develop their own formal mentoring programs encouraged YAQ to commission this research to determine how the program works to achieve its effects. This study was conducted with young and emerging artists who participated in SPARK from 2003 to 2008. It took a theory-driven evaluation approach to examine SPARK as an example of what makes formal arts mentoring programs effective. It focused on understanding the program’s theory or how the program worked to achieve its desired outcomes. The program activities and assumed responses to program activities were mapped out in a theories of change model. This theoretical framework was then used to plan the points for data collection. Through the process of data collection, actual program developments were compared to the theoretical framework to see what occurred as expected and what did not. The findings were then generalised for knowledge and wider application. The findings demonstrated that SPARK was a successful and effective program and an exemplar model of a formal mentoring program preparing young and emerging artists for professional careers in the arts. They also indicate several ways in which this already strong program could be further improved, including: looking at the way mentoring relationships are set up and how the mentoring process is managed; considering the balance between artistic and professional development; developing career development competencies and networking skills; taking into account the needs of young and emerging artists to develop their professional identity and build confidence; and giving more thought to the desired program outcomes and considering the issue of timeliness and readiness for career transition. From these findings, together with principles outlined in the mentoring and career development literature, a number of necessary conditions have been identified for developing effective mentoring programs in the career development of young and emerging artists.