Rainer Gerlich
BSSE

PhD

55 Publications
2,366 Reads
65 Citations

Publications (55)
Conference Paper
Full-text available
Various strategies for fault identification exist-e.g. based on formal analysis of code or on testing-of which each focuses on certain identification aspects and fault types. This paper characterises the strengths and weaknesses of methods-in theory and practice-focusing on application-independent identification strategies, and it suggests strategi...
Conference Paper
Full-text available
Automated software verification tools support developers in detecting faults that may lead to runtime errors. A fault in critical software that slips into the field, e.g., into a spacecraft, may have fatal consequences. However, there is an enormous variety of free and commercial tools available. Suppliers and customers of software need to have a c...
Poster
Full-text available
Verification of flight software is expensive, and there is a diverse ecosystem of methods available for suppliers and customers to choose and negotiate. Several commercial tools support certain verification activities. However – while this information is critical for planning a resilient and efficient software verification – it is unclear what thes...
Conference Paper
Full-text available
In a previous study six software verification tools have been applied to a representative space software package. The findings reported by each tool have been compared in order to derive footprints regarding fault identification. In a continuation three more tools were applied to the previously selected application software and to another applicati...
Conference Paper
Full-text available
Software verification tools are meant to find faults in software. However, there is only sparse information about what the tools really achieve. Usually only the vendor's description is available, which a user can (roughly) take as guidance. Tools are therefore selected rather by ease of use or by how widespread they are in the so...
Conference Paper
Full-text available
Six software verification tools have been applied to space flight software and the findings reported by each tool have been compared in order to derive footprints of the tools regarding capabilities of fault identification. Currently available results are provided in this paper: sensitivity and precision of individual tools and combinations of pair...
Conference Paper
Full-text available
Mastering the continuously increasing amount of software requires identification of more efficient strategies for software verification. Currently, fault coverage is only indirectly addressed, e.g. by code coverage. The idea as presented in this paper is to get a better understanding of fault coverage by a systematic classification of software faul...
Article
Full-text available
The importance of the quality of requirements for successful execution and completion of a project from a technical and contractual point of view is being recognized more and more. Many methods are targeted to improve the support for collecting requirements while still focusing on natural language. However, the ambiguities in the semantics of natur...
Article
Various strategies for fault identification exist - e.g. based on formal analysis of code or on testing - of which each focuses on certain identification aspects and fault types. This paper characterises the strengths and weaknesses of methods - in theory and practice - focusing on application-independent identification strategies, and it suggests...
Article
The interest for automatic code generation from models is increasing. A specification is expressed as model and verification and validation is performed in the application domain. Once the model is formally correct and complete, code can be generated automatically. The general belief is that this code should be correct as well. However, this might...
Article
Research has brought a number of different methods for automated test and test data generation in the last decades. These methods range from simple applications such as random testing, to complex analysis systems, such as constraint-based methods. While research on these methods has been extensive, industrial application to large-scale systems is s...
Article
Full-text available
As the test effort takes a significant part of the software development lifecycle, efficient test strategies are a precondition for reduction of development costs and time. In this respect two main issues exist: firstly, the tuning of the test track from test case identification to evaluation, secondly, the reduction of number of test cases to be p...
Article
Full-text available
The intention of this paper is to highlight the benefits of model exchange between different tools, methods and notations on one side, and to identify issues of proper modelling on the other side which have been detected during model transformation and code generation from models. Firstly, model transformation is applied to achieve diversification...
Chapter
The ESPRIT project 8451 Softpar has defined extensions to the HOOD design method to facilitate the design of applications for massively parallel environments. These extensions take into account different models of parallelism like distribution, functional parallelism, parallel processes and data parallelism. They consist in simplifying the Virtual...
Article
Full-text available
Statistical testing is of increasing interest because it allows full test automation – from test generation to evaluation – and hence reduces significantly the human test effort, while allowing a much broader test range. However, automatically generated tests based on a statistical approach have to cope with the "oracle problem" and the "small targe...
Article
Full-text available
The term "automation" is used in different meanings in context of software development. In our understanding "automated software production" covers what Edison identifies as "99% transpiration". Then only the "1% inspiration" is left to the engineer to provide the specification and to read the evaluation report on a system's properties for its vali...
Article
Full-text available
"ScaPable" is an acronym derived from "scalable" and "portable". The attribute "scalable" indicates that specific application software can automatically be built from scratch and verified without writing any statement in a programming language like C, thereby covering a large variety of embedded and/or distributed applications. The term "portable"...
Conference Paper
Performance engineering aims to demonstrate that the software being developed will meet the performance needs. The goal of robustness engineering is to prove that the system will work correctly in the presence or after occurrence of faults or stress conditions. From this point of view robustness engineering complements performance engineering to cov...
Article
Full-text available
To meet the technical and managerial challenges of the MSL project it became necessary to find a highly efficient and flexible software development approach. This paper describes this generic approach chosen for MSL software development and the benefits gained by using tools for automatic software generation to an utmost extent. The outputs of the...
Article
Full-text available
Saving of development costs and time has been an issue in the past and still will be a future challenge. Amongst others the following key points will help to approach this goal: (1) early reduction of risks, (2) reuse and (3) automation. The organisation scheme described here harmonises risk reduction and reuse and allows for automation of developm...
Article
Full-text available
Chapter
Specification Description Language (SDL) provides powerful capabilities for verification and validation of a system's behavior and for automated code generation. This allows performing system validation at a higher level of abstraction and earlier in the development life cycle. Firstly, state explosion may prevent to get any benefit from exhaustive...
Article
Full-text available
During DASIA'96 the CIVE approach [1] was presented which is based on a computer-integrated life-cycle starting with system validation right from the beginning. Such early validation is performed by simulation considering functionality, behaviour and performance. The integration of the life cycle phases is achieved by continuous expansion of the si...
Conference Paper
Full-text available
SDL provides powerful capabilities for verification and validation of a system's behaviour and for automated code generation. This allows performing system validation at a higher level of abstraction and earlier in the development life cycle. However, one needs to be careful to really gain advantage of such capabilities, especially when applyi...
Article
One of the major challenges to be faced in the design of new-generation spacecraft comes with the requirement to increase the capacity of autonomous operation, in particular in the presence of abnormal events. Formal methods are becoming more accepted in the space industry as a possible way to manage induced systems complexity. The Data Management Sys...
Article
Up to now, quality of on-board software is achieved by tailoring the software for each application and by its final tuning to the needs of the environmental constraints like timing and sizing. A significant part of the effort has to be spent for testing at the end of the lifecycle. Hardware and software is specified separately and a system's capabi...
Conference Paper
Full-text available
For distributed and parallel computing the new version of HOOD, HOOD4 [1], brings a significant advantage: it decouples the logical design from the partitioning required to map software onto a net of processors. The HOOD Run-Time Support System (HRTS), introduced for HOOD4, will support an engineer to distribute the software. With the HOOD4 approac...
Conference Paper
Sufficient performance is an issue for program development. Program tuning becomes usually a task force as soon as better performance is needed, not before. For embedded systems with limited performance of CPU and size of memory good performance is even more a challenge. A systematic investigation on timing and sizing figures of Ada statements is p...
Article
Full-text available
The EaSyVaDe methodology aims to improve the development process for embedded systems like a Data Management System on-board of a spacecraft. Currently a rather long time is needed until a system is ready for operation. Future embedded systems will have to provide even more capabilities. This will make system development more complex and will incre...
Article
In the use of microprocessors, the software is the major link between the computer architecture and the application; if it does not produce good adaptation, full performance of specialized circuits cannot be achieved and the hardware will have to be added to. This article describes how the 8-bit structure, which has until now been regarded as a dra...
Article
Applications of the pulsed-ion-beam technique for the measurement of decay times of excited nuclear states or the measurement of time of flight of particles require a quite accurate knowledge of the incidence time of the charge centre of the ion pulse on the target (time-zero indicator). To reach accuracies better than about 1 ns with time-zero indic...
Article
Full-text available
Issues of portability, software reuse and maintenance are mostly considered as a matter of the software under development. This paper focuses on the impacts imposed by the software platforms on which the software is developed and executed, e.g. problems introduced by new tool versions or when moving to another tool or platform. Such problems arise...
Article
Full-text available
This paper describes why and how two different types of simulation need to be integrated: event-driven simulation (applied to the system's behaviour and asynchronous environmental parts) on one side and time-discrete or multi-rate simulation (applied to the system's control part and synchronous environmental parts) on the other side. This work has...
Article
Full-text available
Performance engineering aims to demonstrate that the software being developed will meet the performance needs. The goal of robustness engineering is to prove that the system can function correctly in the presence of faults or stress conditions. From this point of view robustness engineering comprises performance engineering as a specific case of no...
Article
Full-text available
GIFTBox (Generic Interfaces and Fault-Tolerant Boxes) is a scheme for description of heterogeneous and/or distributed systems in terms of generic interfaces and fault-tolerant modules (boxes). This scheme allows constructing a larger system by simple and clear rules out of generic elements ("atoms" and "binding" rules) and provides the capabiliti...
Article
A number of reports about malfunctions of high-tech components in vehicles appeared recently. To a major part, such malfunctions are related to software. As the amount of software will steadily increase during the next years, software will dramatically impact the quality of service in the future. The competence to produce robust and dependable softwa...
Article
Full-text available
In 1992 ESA/ESTEC started activities which aimed to support system validation by simulation already in an early development phase in order to reduce the development risks, time and costs. A first study called HRDMS (Highly Reliable Data Management System and Simulation) (1) concentrated on performance aspects of system validation. During this st...
Article
Full-text available
At the beginning of system development system engineering has to ensure that the goals given by the customer will be met at the end of development. All system aspects have to be considered in a coherent manner. Properties and interfaces can be expressed in a manner human beings can understand in case of e.g. mechanical structures or electrical circ...
Article
Full-text available
During set-up of the generic modelling environment EaSySim II it was recognised (as already described in [1]) that an unreasonably high number of system states was reported for a rather simple system (as described in [2] and Fig. 5-1 below) which prevented termination of state exploration. This was the starting point for a number of tests which dis...

Projects (8)
Project
The activity aims to find methods for verifying applications of artificial intelligence with robot components in modular, decentralised systems for the use in space. The project is carried out together with the partners FZI Research Center for Information Technology in Karlsruhe, Germany and the institute for aerospace informatics of the University of Würzburg, Germany, with FZI coordinating.
Project
The goal is to develop and evaluate methods for automated source-code-level testing of software deriving test data from requirements. Automatic derivation of test data requires formal input specifications, while currently, many specifications are still written in free-form text. Any new form of expression would have to satisfy the needs of the requirements engineers of being comprehensible, concise and flexible in expression, as well as the needs of the verification process of conveying a clear-cut and unique meaning accessible to software tools.
Project
While coverage is not the end-all of software testing, finding defects in code by testing is impossible without actually executing the code. Evolutionary algorithms may be a middle ground between stimulation with purely random data and algebraic methods for determining test inputs such as constraint-based test data generation. In a first step, the project aims to evaluate the feasibility of using genetic algorithms in generating test data for code decoding and validating telecommands inside space-borne software systems. Such code usually accepts the telecommands as otherwise untyped byte-streams, so that using random test data is usually inefficient and ineffective with regards to exercising non-trivial elements of the code.