Linas Laibinis

Vilnius University · Department of Computer Science I

PhD, Docent

About

123
Publications
16,266
Reads
856
Citations

Publications (123)
Chapter
This paper reports on the industrial use of our formal-method based interlocking verification tool, called SafeCap, and on what we needed to change in SafeCap as a result of our experience in applying it to a large number of commercial signalling projects. The substantial efforts dedicated to tool improvement are caused by the novelty of the techno...
Article
Full-text available
An application of formal verification (using the proof assistant Isabelle/HOL) for ensuring the correctness of scientific data processing software in the crystallographic domain is presented. The proposed process consists of writing a pseudocode that describes an algorithm in a succinct but mathematically unambiguous way, then formulating or reusin...
Chapter
Full-text available
This industrial experience report discusses the problems we have been facing while using our formal verification technology, called SafeCap, in a substantial number of live signalling projects in UK mainline rail, and the solutions we are now developing to counter these problems. Symbolic execution and safety invariant verification are well-underst...
Article
Full-text available
SafeCap is a modern toolkit for modelling, simulation and formal verification of railway networks. This paper discusses the use of SafeCap for formal analysis and automated scalable safety verification of solid state interlocking (SSI) programs – a technology at the heart of many railway signalling solutions around the world. The main driving force b...
Article
Full-text available
The increasing complexity of modern interlocking poses a major challenge to ensuring railway safety. This calls for application of formal methods for assurance and verification of their safety. We have developed an industry-strength toolset, called SafeCap, for formal verification of interlockings. Our aim was to overcome the main barriers in deplo...
Preprint
Full-text available
The increasing complexity of modern interlocking poses a major challenge to ensuring railway safety. This calls for application of formal methods for assurance and verification of their safety. We have developed an industry-strength toolset, called SafeCap, for formal verification of interlockings. Our aim was to overcome the main barriers in deplo...
Article
Industry applications of formal verification to signaling control tables require formulation of a large number of mathematical conjectures expressing verification rules. It is paramount to establish the validity and completeness of these conjectures. This article discusses a mutation-based validation technique that guides domain experts in the cons...
Chapter
SafeCap is a modern toolkit for modelling, simulation and formal verification of railway networks. This paper discusses the use of SafeCap for formal analysis and fully-automated scalable safety verification of solid state interlocking (SSI) programs – a technology at the heart of many railway signalling solutions. The focus of the work is on makin...
Article
In this paper we present our formalisation of a resilient goal-oriented multi-agent system and its essential properties. The formalisation covers the notions of system goals and agents, various formal structures (functions and relations) defining different interrelationships between these notions, as well as constraints on the system dynamics allow...
Conference Paper
The number of security attacks on the telecommunication networks is constantly increasing. To prevent them, the telecom sector is looking for new automated techniques facilitating a discovery of potential network vulnerabilities and rectification of them. In this paper, we propose an approach for identifying potential attack scenarios and defining...
Conference Paper
Modern industrial control systems become increasingly interconnected and rely on external networks to provide their services. Hence they become vulnerable to security attacks that might directly jeopardise their safety. The growing understanding that if the system is not secure then it is not safe calls for novel development and verification techni...
Chapter
The design by contract approach enables rigorous development of component-based software systems. In particular, it allows us to ensure component interoperability. However, defining the contracts themselves is often a challenging task, especially in the development of decentralised systems with complex component interdependencies. In this paper, we...
Conference Paper
Full-text available
Formal modelling and verification are widely used in the development of safety-critical systems. They aim at providing a mathematically-grounded argument about system safety. In particular, this argument can facilitate construction of a safety case – a structured safety assurance document required for certification of safety-critical systems. Howev...
Technical Report
Full-text available
Formal modelling is widely recognised to contribute to the rigour and comprehensiveness of requirements. At the same time, a formal specification does not offer the flexibility and legibility of informal requirements, expected by system designers and software engineers. In this paper we propose a method and a supporting platform for tightly integra...
Article
Certification of safety-critical software systems requires submission of safety assurance documents, e.g., in the form of safety cases. A safety case is a justification argument used to show that a system is safe for a particular application in a particular environment. Different argumentation strategies (informal and formal) are applied to determi...
Conference Paper
Full-text available
Modern CPS should process large amount of data with high speed and reliability. To ensure that the system can handle varying volumes of data, the system designers usually rely on the architectures with the dynamically scaling degree of parallelism. However, to guarantee resilience of data processing, we should also ensure system fault tolerance, i....
Conference Paper
Ensuring resilience of large data stores in the cloud is a challenging engineering issue. It requires the development techniques that allow the designers to predict the main resilience characteristics — fault tolerance and performance — at the early design stages. In this paper, we experiment with integrating Event-B modelling with discrete-event s...
Conference Paper
Ensuring resilience – the ability to remain dependable in dynamic environment – constitutes a major challenge for engineering systems-of-systems (SoS). In this paper, we take a mission-centric view on the behaviour of SoS and demonstrate how to formally reason about their dependability. We use Event-B as our modelling framework and demonstrate how...
Conference Paper
Multi-agent technology is a promising approach to development of complex decentralised systems that dynamically adapt to changing environmental conditions. The main challenge while designing such multi-agent systems is to ensure that reachability of the system-level goals emerges through collaboration of autonomous agents despite changing operating...
Conference Paper
MapReduce is a powerful distributed data processing model that is currently adopted in a wide range of domains to efficiently handle large volumes of data, i.e., cope with the big data surge. In this paper, we propose an approach to formal derivation of the MapReduce framework. Our approach relies on stepwise refinement in Event-B and, in particula...
Data
Full-text available
Nowadays, certification of safety-critical software systems requires submission of safety assurance documents, often in the form of safety cases. A safety case is a justification argument used to show that a system is safe for a particular application in a particular environment. Different argumentation strategies are applied to derive the evidence...
Technical Report
Full-text available
Certification of safety-critical software systems requires submission of safety assurance documents, e.g., in the form of safety cases. A safety case is a justification argument used to show that a system is safe for a particular application in a particular environment. Different argumentation strategies are applied to determine the evidence for a...
Article
Full-text available
Self-Organizing Multi-Agent Systems (SO-MAS) are defined as a set of autonomous entities called agents interacting together in order to achieve a given task. Generally, the development process of these systems is based on the bottom-up approach which focuses on the design of the entities individual behavior. The main question arising when developin...
Article
Wireless sensor–actor networks are a recent development of wireless networks where both ordinary sensor nodes and more sophisticated and powerful nodes, called actors, are present. In this paper we introduce several, increasingly more detailed, formal models for this type of wireless networks. These models formalise a recently introduced algorithm...
Article
Dependability is a property of a computer system to deliver services that can be justifiably trusted. Formal modelling and verification techniques are widely used for development of dependable computer-based systems to gain confidence in the correctness of system design. Such techniques include Event-B – a state-based formalism that enables developme...
Conference Paper
Reliable and highly performant handling of large data stores constitutes one of the major challenges of cloud computing. In this paper, we propose a formalisation of a cloud solution implemented by F-Secure – a provider of secure data storage services. The solution is based on massive replication and the write-ahead logging mechanism. To achieve hi...
Conference Paper
In this paper, we present a case study in modelling a resilient control system in Event-B. We demonstrate how to formally define the basic safety properties and fault tolerance mechanisms, as well as the system modes describing the system behaviour under different execution and fault conditions. Our formal development helps us to identify the diagn...
Conference Paper
Ensuring resilience of multi-robotic systems is a notoriously difficult task. Decentralised architectures and asynchronous communication require powerful modelling techniques to demonstrate system resilience. In this paper, resilience of a multi-robotic system is defined as the ability to achieve goals despite robot failures. We demonstrate how to...
Conference Paper
A large class of safety-critical control systems contains monitoring subsystems that display certain system parameters to (human) operators. Ensuring that the displayed data are sufficiently fresh and non-corrupted constitutes an important part of safety requirements. However, the monitoring subsystems are typically not a part of a safety kernel an...
Article
The greatest challenges in space projects are ensuring traceability of system requirements throughout the development process and guaranteeing that they have been properly implemented, and that the overall system therefore complies with the standards adopted in the sector. In addition, the software development process is often influenced by a numbe...
Conference Paper
Full-text available
In this paper we present an approach for modelling functional procedures (as they occur in imperative programming languages) in a weakest precondition framework. Functional procedures are modelled in their full generality; thus the body of a functional procedure can be built using standard specification syntax, including nondeterminism, sequential...
Data
Full-text available
In this paper, we present a case study in modelling a resilient control system in Event-B. We demonstrate how to formally define the basic safety properties and fault tolerance mechanisms, as well as the system modes describing the system behaviour under different execution and fault conditions. Our formal development helps us to identify the diagn...
Data
A large class of safety-critical control systems contains monitoring subsystems that display certain system parameters to (human) operators. Ensuring that the displayed data are sufficiently fresh and non-corrupted constitutes an important part of safety requirements. However, the monitoring subsystems are typically not a part of a safety kernel an...
Article
Full-text available
Multi-agent systems are increasingly used in critical applications. To ensure dependability of multi-agent systems, we need powerful development techniques that would allow us to master complexity inherent to such kind of systems and formally verify correctness and safety of collaborative agent activities. In this paper, we present a rigorous appro...
Article
Full-text available
The increase in design complexity emphasises the relevance of formal verification techniques for both software and hardware. Formal methods with their mathematical-based modelling can provide proofs of various properties for the designs, thus ensuring a certain degree of complexity control and enhancing the system confidence. There are numerous for...
Article
Full-text available
Designing fault tolerance mechanisms for multi-agent systems is a notoriously difficult task. In this paper we present an approach to formal development of a fault tolerant multi-agent system by refinement in Event-B. We demonstrate how to formally specify cooperative error recovery and dynamic reconfiguration in Event-B. Moreover, we discuss how t...
Conference Paper
Multi-robotic systems are typical examples of complex multi-agent systems. The robots – autonomic agents – cooperate with each other in order to achieve the system goals. While designing multi-robotic systems, we should ensure that these goals remain achievable despite robot failures, i.e., guarantee system fault tolerance. However, designing t...
Conference Paper
Modelling and refinement in Event-B provides a scalable support for systematic development of complex service-oriented systems. This is achieved by a gradual transformation of an abstract service specification into its detailed architecture. In this paper we aim at integrating quantitative assessment of essential quality of service attributes into...
Conference Paper
Goal-Oriented Development facilitates structuring complex requirements. To ensure resilience the designers should guarantee that the system achieves its goals despite changes, e.g., caused by failures of system components. In this paper we propose a formal goal-oriented approach to development of resilient MAS. We formalize the notion of goal and g...
Article
Full-text available
A large number of dependable embedded systems have stringent real-time requirements imposed on them. Analysis of their real-time behaviour is usually conducted at the implementation level. However, it is desirable to obtain an evaluation of real-time properties early at the development cycle, i.e., at the modelling stage. In this paper we present a...
Article
Multi-agent systems (MAS) are increasingly used in critical applications. To ensure dependability of MAS, we need powerful development techniques that would allow us to master complexity inherent to MAS and formally verify correctness and safety of collaborative agent activities. In this paper we present a development of hospital MAS by refinement...
Article
Modes are widely used to structure the behaviour of control systems. However, derivation and verification of a mode logic for complex systems is challenging due to a large number of modes and intricate mode transitions. In this paper, we propose an approach to deriving, formalising and verifying consistency of a mode logic for fault-tolerant contro...
Chapter
Telecommunication systems must have a high degree of availability, that is, a high probability of correct and timely provision of requested services. To achieve this, correctness of software for such systems should be ensured. Application of formal methods helps increase confidence in building correct software. However, to be used in practice, form...
Conference Paper
Modes are widely used to structure the behaviour of control systems. For many such systems, derivation and verification of a mode logic is challenging due to a large number of modes and complex mode transitions. In this paper we propose an approach to deriving, formalising and verifying consistency of a mode logic for fault tolerant control systems...
Conference Paper
Full-text available
Achieving high dependability of distributed systems remains a major challenge due to complexity arising from concurrency and communication. There are a number of formal approaches to verification of properties of distributed algorithms. However, there is still a lack of methods that enable a transition from a verified formal model of communication...
Chapter
Application of formal methods, in particular Event-B, helps us to verify the correctness of controlling software. However, to guarantee the dependability of software-intensive control systems, we also need to ensure that safety and fault tolerance requirements are adequately represented in a system specification. In this chapter we demonstrate how...
Conference Paper
Full-text available
Certification of safety-critical systems requires formal verification of system properties and behaviour as well as quantitative demonstration of safety. Usually, formal modelling frameworks do not include quantitative assessment of safety. This has a negative impact on productivity and predictability of system development. In this paper we present...
Article
In this chapter, we propose a formal approach to designing FPGA-based systems. In particular, we introduce a general pattern for specifying synchronous systems and components as well as their typical interconnections. The proposed methodology for developing FPGA-based systems is based on the notion of refinement in the Event-B formalism. System dev...
Article
Formal refinement-based approaches have proved their worth in verifying system correctness. Often, besides ensuring functional correctness, we also need to quantitatively demonstrate that the desired level of dependability is achieved. However, the existing refinement-based frameworks do not provide sufficient support for quantitative reasoning. In...
Conference Paper
Full-text available
Event-B provides us with a powerful framework for correct- by-construction system development. However, while developing dependable systems we should not only guarantee their functional correctness but also quantitatively assess their dependability attributes. In this paper we investigate how to conduct probabilistic assessment of reliability of co...
Conference Paper
To ensure dependability of on-board satellite systems, the designers should, in particular, guarantee correct implementation of the mode transition scheme, i.e., ensure that the states of the system components are consistent with the global system mode. However, there is still a lack of scalable approaches to formal verification of correctness of c...
Conference Paper
Full-text available
Space satellites are examples of complex embedded systems. Dynamic behaviour of such systems is typically described in terms of operational modes that correspond to the different stages of a mission and states of the components. Components are susceptible to various faults that complicate the mode transition scheme. Yet the success of a mission dep...
Article
Attitude & Orbit Control System (AOCS) refers to a wider class of control systems which are used to determine and control the attitude of the spacecraft while in orbit, based on the information obtained from various sensors. In this paper, we propose an approach to evaluate a typical (yet somewhat simplified) AOCS architecture using formal developm...
Conference Paper
Full-text available
Wireless sensor-actor networks are a recent development of wireless networks where both ordinary sensor nodes and more sophisticated and powerful nodes, called actors, are present. In this paper we formalize a recently introduced algorithm that recovers failed actor communication links via the existing sensor infrastructure. We prove via refinement...
Article
Wireless sensor-actor networks are a recent development of wireless networks where both ordinary sensor nodes and more sophisticated and powerful nodes, called actors, are present. The role of the actors is to take various decisions relevant for the network based on the data retrieved and transmitted by the sensors. In order to fulfill their role,...
Article
Full-text available
Formal methods, in particular the B Method and its extension Event-B, have proven their worth in the development of many complex software-intensive systems. However, while providing us with a powerful development platform, these frameworks poorly support quantitative assessment of dependability attributes. Yet, such an assessment would facilitate n...
Article
Full-text available
Formal methods, in particular the B Method and its extension Event-B, have demonstrated their value in the development of complex control systems. However, while providing us with a powerful development platform, these frameworks poorly support quantitative assessment of dependability attributes. Yet, by assessing dependability at the early design...
Article
Telecommunication systems must have a high degree of availability, that is, a high probability of correct and timely provision of requested services. To achieve this, correctness of software for such systems should be ensured. Application of formal methods helps increase confidence in building correct software. However, to be used in practice, form...
Conference Paper
Full-text available
Recently, Space Systems Finland has undertaken formal Event B development of a part of on-board software for the BepiColombo space mission. As a result, lack of modularization mechanisms in Event B has been identified as a serious obstacle to scalability. One of the main benefits of modularization is that it allows us to decompose system model...
Article
Full-text available
This article presents a scenario-based testing approach, in which user-defined abstract testing scenarios of the SUT are automatically refined based on formal specifications of the system under test (SUT). The latter are specified in a stepwise manner using the Event-B formalism until a sufficiently refined specification is obtained, which is then...
Conference Paper
Full-text available
Formal modelling is indispensable for engineering highly dependable systems. However, a wider acceptance of formal methods is hindered by their insufficient usability and scalability. In this paper, we aim at assisting developers in rigorous modelling and design by increasing automation of development steps. We introduce a notion of refinement p...
Article
In this paper we present an extension of the previously reported model-based testing approach that is based on formal models and user-provided testing scenarios. In this approach, the user provides a testing scenario on the level of an abstract model. When the abstract model is refined to add or modify features, the corresponding testing scenarios...
Article
Full-text available
Agent technology offers a number of advantages over traditional distributed systems, such as asynchronous communication, anonymity of individual agents and ability to change operational context. However, it is notoriously difficult to ensure dependability of agent systems. In this paper we present a formal approach for the top-down development of f...
Article
Full-text available
In this paper, we present a model-based testing approach based on user provided testing scenarios. In this approach, when a software model is refined to add or modify features, the corresponding testing scenarios are automatically refined to incorporate these changes. The test cases, to be applied on the system under test, are generated from these...
Article
Full-text available
Telecommunication systems should have a high degree of availability, i.e., high probability of correct provision of requested services. To achieve this, correctness of software for such systems and system fault tolerance should be ensured. In this paper we show how to formalise and extend Lyra - a top-down service-oriented method for development...
Article
Full-text available
Formal modelling is indispensable for engineering highly dependable systems. However, a wider acceptance of formal methods is hindered by their insufficient usability and scalability. In this paper, we aim at assisting developers in rigorous modelling and design by increasing automation of development steps. We introduce a notion of refinement p...
Article
Telecommunication systems should have a high degree of availability, i.e., high probability of correct provision of requested services. To achieve this, correctness of software for such systems and system fault tolerance should be ensured. In our previous work we proposed an approach to formalisation and extension of Lyra – a top-down service-orien...
Article
Full-text available
Mobile agent systems often require sophisticated cooperation and coordination during error detection and recovery. In this paper we propose novel fault tolerance mechanisms that support co-operative exception handling in such systems. The paper demonstrates how mechanisms like these can be formally developed and analysed. We start with identifying...
Conference Paper
Full-text available
Building open distributed systems is an even more challenging task than building distributed systems, as their components are loosely synchronised, can move, become disconnected, and their behaviour may depend on the changing context. The approach we are putting forward relies on using a combination of formal methods applied for rigorous developmen...
Chapter
We describe an implementation of general (abstract) lattice theory in the HOL system and its use in transformational reasoning within concrete instances of lattices, using the window inference of HOL. The implementation is extensible; users can add new instances of lattices and all the existing transformation rules are then available for the added...
Conference Paper
Full-text available
Developing fault tolerant ambient systems requires many challenging factors to be considered due to the nature of such systems, which tend to contain a lot of mobile elements that change their behaviour depending on the surrounding environment, as well as the possibility of their disconnection and re-connection. It is therefore necessary to constr...
Conference Paper
Currently UML2 is widely used for modelling software-intensive systems. Model driven development of complex software typically starts from abstract, high-level UML2 models which specify the system from several different viewpoints. Abstract models are further refined into more detailed design models in successive development stages. While specifyin...
Chapter
Full-text available
Transient faults belong to a wide-spread class of faults typical for control systems. These are the faults that only appear for a short period of time and might reappear later. However, even by appearing for a short time, they might cause dangerous system errors. Hence, designing mechanisms for tolerating and recovering from the transient faults is...
Chapter
Full-text available
Telecommunication systems should have a high degree of availability, i.e., high probability of correct and timely provision of requested services. To achieve this, correctness of software for such systems and system fault tolerance should be ensured. Application of formal methods helps us to gain confidence in building correct software. However, to...
Chapter
Agent systems are examples of complex distributed systems. Though agents operate in unreliable communication environment, often such systems have high reliability requirements imposed on them. Therefore, we need methods which allow us not only to ensure system correctness but also to integrate design of fault tolerance mechanisms in the development...
Conference Paper
Full-text available
Usually complex systems are controlled by an operator co-operating with a computer-based controller. The controlling software runs in continuous interaction with the operator and constantly reacts on operator’s interruptions by dynamically adapting system behaviour. Simultaneously it catches the exceptions signalling about errors in the system comp...
Conference Paper
Full-text available
Telecommunicating systems should have a high degree of availability, i.e., high probability of correct and timely provision of requested services. To achieve this, correctness of software for such systems should be ensured. Application of formal methods helps us to gain confidence in building correct software. However, to be used in practice, the f...
Conference Paper
Full-text available
Application of formal methods helps us to gain confidence in building correct software. On the other hand, to guarantee dependability of the overall system we need to build fault tolerant software, i.e., software which is not only fault-free but also is able to cope with faults of other system components. Obviously, this goal is attainable only if...
Conference Paper
Full-text available
Dependable control systems are usually complex and prone to errors of various natures. Such systems are often built in a modular and layered fashion. To guarantee system dependability, we need to develop software that is not only fault-free but also is able to cope with faults of other system components. In this paper we propose a general formal sp...