Régine Laleau, Paris-Est Créteil University | UPEC · Faculty of Sciences and Technologies
Régine Laleau
Professor
About
188 Publications
23,453 Reads
1,539 Citations
Publications (188)
Hybrid games are games played on a finite graph endowed with real variables which may model behaviors of discrete controllers of continuous systems. The synthesis problem for hybrid games is decidable for classical objectives (like LTL formulas) when the games are initialized singular, meaning that the slopes of the continuous variables are piecewi...
This paper introduces an Event-B formal model of the adaptive exterior light system for cars, a case study proposed in the context of the ABZ2020 conference. The system describes the different provided lights and the conditions under which they are switched on/off in order to improve the visibility of the driver without dazzling the oncoming ones....
Model Driven Engineering (MDE) is a software development methodology applied on complex systems, which are composed of many interacting components. This paper proposes a holistic approach based on MDE for modeling and formally verifying the high-level architectures of such systems, in particular railway systems. The approach contains a three-step p...
Hybrid systems are one of the most common mathematical models for Cyber-Physical Systems (CPSs). They combine discrete dynamics represented by state machines or finite automata with continuous behaviors represented by differential equations. The measurement of continuous behaviors is performed by sensors. When these sensors have a continuous access...
SysML, dedicated to system design, provides graphical models. One of the strengths of these graphical models is that they can be validated by domain experts. However, the semantics of SysML is given in natural language, which does not allow formal and rigorous reasoning necessary for critical systems for which safety and security are major concerns...
System engineering development processes rely on modelling activities that lead to different design models corresponding to different analyses of the system under consideration.
One way to build safe critical systems is to formally model the requirements formulated by stakeholders and to ensure their consistency with respect to domain properties. This paper describes a metamodel for a domain modeling language built from OWL and PLIB. The language is part of the SysML/KAOS requirements engineering method which also includes...
This paper presents a specification of the hybrid ERTMS/ETCS level 3 standard in the framework of the case study proposed for ABZ2018. The specification is based on methods and tools, developed in the ANR FORMOSE project, for the modeling and formal verification of critical and complex system requirements. The requirements are specified with SysML/...
This paper presents a formal model of the case study proposed for the ABZ2018 conference, which concerns the Hybrid ERTMS/ETCS Level 3 Standard. This standard allows trains to communicate with a train supervisor to report their integrity and positions, thanks to an onboard train integrity monitoring system. The supervisor assigns trains a movement...
This paper describes a case study of the SysML/KAOS method for a road transportation system for the City of Montreal (VdM), the second-largest city in Canada. The transportation system was developed from unstructured requirements represented in textual and schematic documents. Therefore, the VdM wanted to investigate new ways of organising and anal...
This paper presents SGAC (Solution de Gestion Automatisée du Consentement / automated consent management solution), a new healthcare access control model and its support tool, which manages patient wishes regarding access to their electronic health records (EHR). This paper also presents the verification of access control policies for SGAC using tw...
This paper is related to the generalised/generic version of the SysML/KAOS domain metamodel and to translation rules between the new domain models and B System specifications.
By nature, Cyber-physical systems are very often subjected to uncertainty events that can occur in their environment. This paper presents the first results of our work on how to deal with environment uncertainty in goal-based requirements engineering. This work is motivated by the fact that current goal-based approaches do not natively allow for un...
The objective of this poster paper is to investigate how to deal with environmental uncertainty in goal-based requirements engineering. To do so, we explore the introduction of RELAX concepts into SysMLKaos. RELAX is a Requirements Engineering language for Dynamically Adaptive Systems, while SysMLKaos is a Goal-based Requirements Engineering appr...
This volume contains the joint proceedings of IMPEX 2017, the first workshop on Handling IMPlicit and EXplicit knowledge in formal system development and FM&MDD, the second workshop on Formal and Model-Driven Techniques for Developing Trustworthy Systems (FM&MDD) held together on November 16, 2017 in Xi'an, China, as part of ICFEM 2017, 19th Intern...
In this paper, we use a combination of the SysML/KAOS requirements engineering method, an extension of SysML with concepts of the KAOS goal model, and of the B System formal method. Translation rules from a goal model to a B System specification have been defined. They make it possible to obtain a skeleton of the formal specification. To complete it, we have...
Nowadays, the usefulness of a formal language for ensuring the consistency of requirements is well established. The work presented here is part of the definition of a formally-grounded, model-based requirements engineering method for critical and complex systems. Requirements are captured through the SysML/KAOS method and the targeted formal specif...
A means of building safe critical systems consists of formally modeling the requirements formulated by stakeholders and ensuring their consistency with respect to application domain properties. This paper proposes a metamodel for an ontology modeling formalism based on OWL and PLIB. This modeling formalism is part of a method for modeling the domai...
Context: Nowadays, Information Systems (IS) are at the heart of most companies and thus constitute a critical element that needs adequate attention regarding the security of the sensitive data they manage.
Objective: This paper presents a formal approach for the development of a filter to secure access to sensitive resources of information systems...
When using formal methods, one of the main difficulties is to elaborate the initial formal specification from informal descriptions obtained during the requirements analysis phase. For that purpose, we propose a goal-based approach in which the building of an initial formal model (in Event-B) is driven by a goal-oriented requirements engineering mo...
In a traditional formal development process, e.g. using the B method, the informal user requirements are (manually) translated into a global abstract formal specification. This translation is especially difficult to achieve. The Event-B method was developed to incrementally and formally construct such a specification using stepwise refinement. Each...
This paper presents the specification of the hemodialysis case study proposed by the ABZ'16 conference. The specification was carried out by coupling Algebraic State-Transition Diagrams (astd) and B-like methods. astd is a graphical notation, based on automata and process algebra operators. It provides an easy-to-read specification of the dynam...
We validate the RBAC ANSI 2012 standard using the B method. Numerous problems are identified: logical errors, inconsistencies, ambiguities, typing errors, missing preconditions, invariant violation, inappropriate specification notation. A clean version of the standard written in the B notation is proposed. We argue that the ad hoc mathematical nota...
This article describes the Event-B modeling of a landing gear system of an aircraft whose complete description can be found in Boniol and Wiels (The Landing Gear System Case Study, ABZ Case Study, Communications in Computer Information Science, vol 433, Springer, Berlin, 2014). This real-life case study has been proposed by the ABZ’2014 track that...
Information systems (IS) are ubiquitous. New systems are constantly emerging, intended to increase the competitiveness of companies. Existing ones are in perpetual evolution in order to keep pace with technological advances and the dynamic behaviour of organisations. The current context in which these IS evolve,...
Designing a security policy for an information system (IS) is a non-trivial task. Variants of the RBAC model can be used to express such policies as access-control rules associated with constraints. In this paper, we advocate that currently available tools do not sufficiently take into account the functional description of the application and its imp...
To develop quality software and systems, both functional and non-functional requirements need to be taken into account at the same level of abstraction and must be traced throughout the development cycle. The concept of goal has been widely used and adopted to represent functional and non-functional requirements. However, the issue of the impact of...
When developing Self-Adaptive Systems (SAS), their high adaptiveness has to be taken into account as early as requirements elicitation. Because such systems modify their behaviour at run-time in response to changing environmental conditions, Non-Functional Requirements (NFRs) play an important role. One has to identify as early as possible t...
Goals play an important role in the requirements engineering process, and consequently in the systems development process. Whereas specifications allow us to answer the question "WHAT the system does", goals allow us to address the "WHY, WHO, WHEN" questions [5]. Up to now, the main software development approaches using formal methods, such as Event-B, b...
To develop quality software and systems, both functional and non-functional requirements need to be taken into account at the highest level of abstraction. However the issue of relationships between non-functional requirements and functional requirements has been rarely addressed. In this article, we outline an extension of the SysML requirements m...
We provide a detailed description of refinement in Event-B, both as a contribution in itself and as a foundation for the approach to simultaneous animation of multiple levels of refinement that we propose. We present an algorithm for simultaneous multi-level ...
Controlling access to the Web services of public agencies and private corporations depends primarily on specifying and deploying functional security rules to satisfy strict regulations imposed by governments, particularly in the financial and health sectors. This paper focuses on one aspect of the SELKIS and EB3SEC projects related to the security...
Ambient Systems are highly adaptive. They modify their behavior at run-time in response to changing environmental conditions. For these systems, Non-Functional Requirements (NFRs) play an important role, and one has to identify as early as possible the requirements that are adaptable. Because of the inherent uncertainty in these systems, goal bas...
astd is a formal and graphical language specifically defined for information system specification. Up to now, a specifier had to build an astd specification from scratch and there were no refinement techniques for stepwise construction. This paper aims at introducing refinement patterns for astd, which are inspired from real case studies. For each...
In the security domain, access control (AC) consists in specifying who can access what and how, with the four well-known concepts of permission, prohibition, obligation and separation of duty. In this paper, we focus on role-based access control (RBAC) models and more precisely on the verification of formal RBAC models. We propose a solution for...
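The two abstracts above on RBAC verification (the B validation of the ANSI RBAC standard, with its missing preconditions and invariant violations, and the permission/prohibition/separation-of-duty concepts) describe invariant checking without showing what such a check looks like. The following Python is an added example, not the authors' B specification or tooling: it encodes the core RBAC relations of the ANSI standard (UA, PA, a role hierarchy, sessions) as plain sets and checks the typing, session and static/dynamic separation-of-duty invariants against a constructed bank policy. User, role and permission names are invented for illustration.

```python
# Added example: executable core-RBAC relations with invariant checks.
# Policy contents below are constructed; this is not the authors' B model.


def _inherited(model, roles):
    """Transitive closure of a role set under the (senior, junior) hierarchy.

    A senior role inherits every permission of its juniors, so a user holding
    the senior role is also authorized for each junior role.
    """
    result = set(roles)
    frontier = list(roles)
    while frontier:
        senior = frontier.pop()
        for s, junior in model["hierarchy"]:
            if s == senior and junior not in result:
                result.add(junior)
                frontier.append(junior)
    return result


def authorized_roles(model, user):
    """Roles a user holds directly (UA) or via the hierarchy."""
    return _inherited(model, {r for u, r in model["ua"] if u == user})


def check_access(model, session, perm):
    """Core RBAC CheckAccess: only the session's *active* roles (and their
    juniors) count, not everything the user is authorized for."""
    _user, active = model["sessions"][session]
    return any((perm, r) in model["pa"] for r in _inherited(model, active))


def check_invariants(model):
    """Return human-readable invariant violations (empty list = consistent)."""
    violations = []
    # Typing invariants: UA <: USERS x ROLES, PA <: PRMS x ROLES.
    for u, r in model["ua"]:
        if u not in model["users"] or r not in model["roles"]:
            violations.append(f"UA not in USERS x ROLES: ({u}, {r})")
    for p, r in model["pa"]:
        if p not in model["perms"] or r not in model["roles"]:
            violations.append(f"PA not in PRMS x ROLES: ({p}, {r})")
    # Session invariants: known user, active roles authorized, DSD respected.
    for sid, (u, active) in model["sessions"].items():
        if u not in model["users"]:
            violations.append(f"session {sid}: unknown user {u}")
            continue
        bad = set(active) - authorized_roles(model, u)
        if bad:
            violations.append(f"session {sid}: {u} activates unauthorized roles {sorted(bad)}")
        for role_set, n in model["dsd"]:
            if len(set(active) & role_set) >= n:
                violations.append(f"session {sid}: DSD violated, {n}+ of {sorted(role_set)} active")
    # Static SoD is evaluated on *authorized* roles, so inheritance matters.
    for u in sorted(model["users"]):
        auth = authorized_roles(model, u)
        for role_set, n in model["ssd"]:
            if len(auth & role_set) >= n:
                violations.append(f"user {u}: SSD violated, authorized for {sorted(auth & role_set)}")
    return violations


# Constructed sample policy. The subtle defect: carol is assigned branch_manager
# and auditor; branch_manager inherits teller, and {teller, auditor} is an SSD
# pair, so she is authorized for both conflicting roles via the hierarchy.
POLICY = {
    "users": {"alice", "bob", "carol"},
    "roles": {"teller", "auditor", "branch_manager"},
    "perms": {"post_transaction", "review_ledger", "approve_loan"},
    "ua": {("alice", "teller"), ("bob", "auditor"),
           ("carol", "branch_manager"), ("carol", "auditor")},
    "pa": {("post_transaction", "teller"), ("review_ledger", "auditor"),
           ("approve_loan", "branch_manager")},
    "hierarchy": {("branch_manager", "teller")},
    "sessions": {"s1": ("alice", {"teller"}),
                 "s2": ("carol", {"branch_manager"})},
    "ssd": [({"teller", "auditor"}, 2)],
    "dsd": [({"branch_manager", "auditor"}, 2)],
}


def repaired_policy(model):
    """The same policy with carol's conflicting auditor assignment removed."""
    return {**model, "ua": model["ua"] - {("carol", "auditor")}}


if __name__ == "__main__":
    for line in check_invariants(POLICY):
        print(line)
    print("repaired:", check_invariants(repaired_policy(POLICY)))
```

The point worth noticing is that the violation is invisible if SSD is checked only against direct UA assignments; checking the invariant on the hierarchy-closed set of authorized roles is what makes it surface, which is the kind of condition a proof obligation in B would force the specifier to state explicitly.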
Combining formal and semi-formal methods is increasingly required to produce specifications that can be, on the one hand, understood and thus validated by both designers and users and, on the other hand, precise enough to be verified by formal methods. This motivates our aim to use these complementary paradigms in order to deal with security...
Information systems are widely used and help in the management of huge quantities of data. Generally, these data are valuable or sensitive, so their access must be restricted to authorised users. Security is a mandatory requirement for information systems. Several methods already exist to express access control policies, but few of them support all kinds...
This paper presents a metamodel of a policy enforcement manager responsible for applying the rules defined in security policies, with the aim of constraining access to the functionalities and data of information systems. The metamodel is useful to derive platform-specific security models that provide the basis for the design and implementation of...
Information systems are widely used and help in the management of huge quantities of data. Generally, these data are valuable or sensitive, so their access must be restricted to authorised users. Security is a mandatory requirement for information systems. Several methods already exist to express access control policies, but few of them, like EB3SEC, su...
With most formal methods, an initial formal model can be refined in multiple steps, until the final refinement contains enough details for an implementation. Most of the time, this initial model is built from the description obtained by the requirements analysis. Unfortunately, this transition from the requirements phase to the formal specificat...
In this paper, we advocate a strong separation of four aspects of information systems: data, dynamic behavior, security data and access control behavior. We describe how to model each of these aspects using formal methods. An abstract specification of each part of an information system is defined. The presented approach can be used when building a...
Verification and validation of access-control policies for information systems is a difficult yet necessary task. In order to take advantage of the formal properties and tools of the B method, we introduce in this paper a metamodel of the B modeling of access control policies. This metamodel led to the development of a formal prototype of an acces...
The general framework of our project aims to define a coupling between a requirements model expressed in SysML/KAOS and an abstract Event-B formal specification. The functional goals are the basis for the derivation of abstract Event-B specifications, while nonfunctional goals are injected into the obtained abstract Event-B models in order to compl...
The TACOS project (Trustworthy Assembling of Components: frOm requirements to Specifications) proposes a component-based approach for the specification of safe systems, from the expression of requirements to a formal specification, using or adapting existing languages and tools. The chosen application domain is that of transp...
The transition from the requirements phase to the formal specification phase is one of the most painful steps in software development. Up to now, no well-defined process to build initial formal models has been proposed. We have proposed a method in which initial formal models are built incrementally, driven by a goal-based approach. This paper aims...
Due to the enormous pressure towards deploying software as fast as possible, functional requirements have been the main focus of the software development process at the expense of implementing non-functional requirements (NFRs) such as performance and security. Thus, in practice, NFRs have been observed to be frequently neglected or forgotten...
This article presents a set of translation rules to generate Event-B machines from process-algebra based specification languages such as astd. Illustrated by a case study, it details the rules and the process of the translation. The ultimate goal of this systematic translation is to take advantage of Rodin, the Event-B platform to perform proofs, a...
This article presents the method EB3SEC, an extension of EB3, a formal method based on process algebra. It is designed to specify functional security policies for information systems. Three security levels can be specified, enabling us to define access control rules for elementary actions (SQL statements), services or transactions and also busines...
This article describes a work-in-progress in the framework of a research project aiming at combining requirements engineering methods with formal methods. The main idea is to extend the SysML language with concepts of existing requirements engineering methods. In this article we present extensions to SysML with concepts from the goal model of the K...