Silvia Bonfanti

Silvia Bonfanti
University of Bergamo | UNIBG · Department of Engineering

Doctor of Engineering

About

53
Publications
7,203
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
438
Citations

Publications

Publications (53)
Chapter
Full-text available
This tutorial paper introduces ASMETA, a comprehensive suite of integrated tools around the formal method Abstract State Machines to specify and analyze the executable behavior of discrete event systems. ASMETA supports the entire system development life-cycle, from the specification of the functional requirements to the implementation of the code,...
Conference Paper
Full-text available
Neural networks (NNs) play a crucial role in safety-critical fields, requiring robustness assurance. Bayesian Neural Networks (BNNs) address data uncertainty, providing probabilistic outputs. However, the literature on BNN robustness assessment is still limited, mainly focusing on adversarial examples, which are often impractical in real-world appl...
Article
Full-text available
Modern automotive systems with adaptive control features require rigorous analysis to guarantee correct operation. We report our experience in modeling the automotive case study from the ABZ2020 conference using the ASMETA toolset, based on the Abstract State Machine formal method. We adopted a seamless system engineering method: from an incrementa...
Article
Full-text available
This paper proposes an evaluation framework for autonomous systems, called LENS. It is an instrument to make an assessment of a system through the lens of abilities related to adaptation and smartness. The assessment can then help engineers understand in which direction it is worth investing to make their system smarter. It also helps to identify p...
Article
Modeling complex system requirements often requires specifying system components in separate models, which can be validated and verified in isolation from each other, and then integrating all components’ behavior in order to validate the operation of the whole system. If models are executable, as for state-based formal specifications, engines to or...
Chapter
With the increasing complexity and scale of software-intensive systems, model-based system development requires composable system models and composition operators.In line with such a vision, this paper describes our experience in modeling the behavior of the MVM-Adapt, an adaptive version of the Mechanical Ventilator Milano that has been designed,...
Chapter
Using architectural patterns is of paramount importance for guaranteeing the correct functionality, maintainability and modularity, especially for complex software systems. The model-view-controller (MVC) pattern is typically used in user interfaces (UIs), since it allows the separation between the internal representation of the information and the...
Chapter
The use of digital applications like in mobile phone or on the web to perform psychophysical measurements led to the introduction of algorithms to guide the users in test execution. In this paper we show four algorithms, two already well known: STRICTN and PEST, and a two that we propose: PESTN and BESTN. All the algorithms aim at estimating the le...
Article
In this paper, we present an approach to conformance testing based on abstract state machines (ASMs) that combines model refinement and test execution (RATE) and its application to three case studies. The RATE approach consists in generating test sequences from ASMs and checking the conformance between code and models in multiple iterations. The pr...
Chapter
Model-based simulation is nowadays an accepted practice for reliable prototyping of system behavior. To keep requirements complexity under control, system components are specified by separate models, validated and verified in isolation from the rest, but models have to be subsequently integrated and validated as a whole. For this reason, engines fo...
Article
Context During the first wave of the COVID-19 pandemic, an international and heterogeneous team of scientists collaborated on a social project to produce a mechanical ventilator for intensive care units (MVM). MVM has been conceived to be produced and used also in poor countries: it is open-source, no patents, cheap, and can be produced with materi...
Chapter
This paper presents an automatic test cases generation method from Abstract State Machine specifications. Starting from the ASMETA specification, the proposed approach applies the following steps: 1. Generation of abstract tests from a ASMETA model; 2. Optimization of the abstract tests; 3. Concretization of the abstract tests in GoogleTest; 4. Exe...
Preprint
Full-text available
Rigorous development processes aim to be effective in developing critical systems, especially if failures can have catastrophic consequences for humans and the environment. Such processes generally rely on formal methods, which can guarantee, thanks to their mathematical foundation, model preciseness, and properties assurance. However, they are rar...
Article
Full-text available
Purpose Stereopsis is a fundamental skill in human vision and visual actions. There are many ways to test and quantify stereoacuity: traditional paper and new digital applications are both valid ways to test the stereoacuity. The aim of this study is to compare the results obtained using standard tests and the new Stereoacuity Test App developed by...
Chapter
The use of models and formal analysis techniques at runtime is fundamental to address safety assurance during the system operational stage, when all relevant uncertainties and unknowns can be resolved. This paper presents a novel approach to runtime safety enforcement of software systems based on the MAPE-K control loop architecture for system moni...
Chapter
Safety-critical systems require development methods and processes that lead to provably correct systems in order to prevent catastrophic consequences due to system failure or unsafe operation. The use of models and formal analysis techniques is highly demanded both at design-time, to guarantee safety and other desired qualities already at the early...
Chapter
ASMs and the ASMETA framework can be used to model and analyze a variety of systems, and many of them rely on time constraints. In this paper, we present the ASMETA extension to deal with model time features.
Article
Full-text available
This paper presents the Mechanical Ventilator Milano (MVM), a novel intensive therapy mechanical ventilator designed for rapid, large-scale, low-cost production for the COVID-19 pandemic. Free of moving mechanical parts and requiring only a source of compressed oxygen and medical air to operate, the MVM is designed to support the long-term invasive...
Chapter
Even though the formal method community tends to overlook the problem, formal methods are sometimes difficult to use and not accessible to average users. On one hand, this is due to the intrinsic complexity of the methods and, therefore, some level of required expertise is unavoidable. On the other hand, however, the methods are sometimes hard to u...
Chapter
In the context of automotive domain, modern control systems are software-intensive and have adaptive features to provide safety and comfort. These software-based features demand software engineering approaches and formal methods that are able to guarantee correct operation, since malfunctions may cause harm/damage. Adaptive Exterior Light and the S...
Article
Full-text available
According to best practices of model‐driven engineering, the implementation of a system should be obtained from its model through a systematic model‐to‐code transformation. We present in this paper a methodology supported by the Asm2C++ tool, which allows the users to generate C++ code from abstract state machine models. Thanks to Asm2C++, the impl...
Chapter
In this paper we propose a new approach to conformance testing based on Abstract State Machine (ASM) model refinement. It consists in generating test sequences from ASM models and checking the conformance between code and models in multiple iterations. This process is applied at different models, starting from the more abstract model to the one tha...
Chapter
Full-text available
The development of medical devices is a safety-critical process, because a failure or a malfunction of the device can cause serious injuries to the patients whom use it. The application of a rigorous process for their development reduces the risk of failures since validation and verification activities can be performed in a objective, reproducible,...
Chapter
In this paper, we present the AsmetaVBDD tool that automatically translates the scenarios written in the AValLa language (used by the asmeta validator (AsmetaV)) into Behavior-Driven Development scenarios for C++.
Chapter
The automatic transformation of models to code is one of the most important cornerstones in the model-driven engineering paradigm. Starting from system models, users are able to automatically generate machine code in a seamless manner with an assurance of potential bug freeness of the generated code. Asm2C++ [4] is the tool that transforms Abstract...
Article
Full-text available
The use of formal methods is often recommended to guarantee the provision of necessary services and to assess the correctness of critical properties, such as functional safety, cybersecurity, and reliability, in medical and health care devices. In the past, several formal and rigorous methods have been proposed and consequently applied for trustwor...
Conference Paper
Amblyopia is the partial or complete loss of vision in one eye (called lazy eye). It can be prevented by adequate treatment during the first years of young age. However, the classical therapy of eye patching suffers from a low compliance that can harm the treatment. To increase compliance, we have devised a system based on the combined use of low c...
Conference Paper
This paper presents the female contribution on engineering a reference software architecture for ASMETA, a framework for an integrated use of tools developed around the Abstract State Machine formal method. Based on our experience in such a development project, we discuss how feminine mindset and skills can bring concrete advantages, but some disad...
Article
Medical devices are safety-critical systems since their malfunctions can seriously compromise human safety. Correct operation of a medical device depends upon the controlling software, whose development should adhere to certification standards. However, these standards provide general descriptions of common software engineering activities without a...
Conference Paper
This paper presents Asm2C++, a tool that automatically generates executable C++ code for Arduino from a formal specification given as Abstract State Machines (ASMs). The code generation process follows the model-driven engineering approach, where the code is obtained from a formal abstract model by applying certain transformation rules. The transla...
Conference Paper
Formal models are a rigorous way to specify informal system requirements. However, they are not widely used in practice, since they are considered difficult to develop and understand. Visualization is often considered a good means for people to communicate and to get a common understanding. We here make a proposal of a visual notation for Abstract...
Conference Paper
Medical devices are nowadays more and more software dependent, and software malfunctioning can lead to injuries or death for patients. Several standards have been proposed for the development and the validation of medical devices, but they establish general guidelines on the use of common software engineering activities without any indication regar...
Conference Paper
The paper presents our efforts in defining UASM, a unified syntax for Abstract State Machines (ASMs), based on the syntaxes of two of the main ASM frameworks, CoreASM and ASMETA, which have been adapted to accept UASM as input syntax of all their validation and verification tools.
Article
The strong growth of mobile devices of increasing quality and data transfer rates allows the introduction of these devices in diverse fields. In recent years, with the introduction of the “Smart factory” concept, the use of MIDs (Mobile Internet Devices) in manufacturing and assembly processes is increasingly common. The use of smart devices began...
Conference Paper
The paper presents the design and development of a mobile application realizing a video game that aims at treating amblyopia by using a Google Cardboard. Google Cardboard is a low cost device able to reproduce virtual reality by means of a smartphone. The proposed video game engaged the patient in a car racing game and it displays the same image to...
Conference Paper
The research paper concerns the development of a new mobile application emulating measurements of stereoacuity using Google Cardboard. Stereoacuity test is based on binocular vision that is the skill of human beings and most animals to recreate depth sense in visual scene. Google Cardboard is a very low cost device permitting to recreate depth sens...

Questions

Question (1)
Question
Hello!!!
During the COVID-19 pandemic, around the middle of March 2020, we have been developing a simplified mechanical lung ventilator, called MVM (Mechanical Ventilator Milano), to answer the high request of ventilators for Acute Respiratory Distress Syndrome (ARDS) in intensive care units. The ventilator is now produced and certified for use in the EU, USA, and Canada. In this experience, which - software side - involved more than 100 volunteer researchers towards software certification at the extreme of their strength, we collected a set of lessons learned.
From this experience, we now synthesized a set of guidelines that might help similar projects in the future. We then ask for your help in validating these guidelines. The survey is anonymous and it is available here: https://forms.gle/GxxSQmFpgAEaf5Dd7
Thanks for your support!

Network

Cited By