Víctor A. Braberman

Universidad de Buenos Aires | UBA · Department of Computer Sciences (FCEN)

About

100
Publications
9,395
Reads
1,292
Citations

Publications (100)
Article
In order to manage evolving organisational practice and maintain compliance with changes in policies and regulations, businesses must be capable of dynamically reconfiguring their business processes. However, such dynamic reconfiguration is a complex, human-intensive and error prone task. Not only must new business process rules be devised but also...
Article
An important ability of self-adaptive systems is to autonomously understand the environment in which they operate and to use this knowledge to control the environment's behaviour so that system goals are achieved. How can this be achieved when the environment is unknown? Two-phase solutions that require a full discovery of environm...
Preprint
Full-text available
A controller for a Discrete Event System must achieve its goals despite its environment being capable of resolving race conditions between controlled and uncontrolled events. Assuming that the controller loses all races is sometimes unrealistic. In many cases, a realistic assumption is that the controller sometimes wins races and is fast enough...
Article
We show how reactive synthesis and automated planning can be leveraged effectively to find non-maximal solutions to deterministic supervisory control problems of discrete event systems. To do so, we propose efficient translations of the supervisory control problem into the reactive synthesis and planning frameworks. Notably, our translation methods...
Chapter
Organisations require that their business processes reflect their evolving practices by maintaining compliance with their policies, strategies and regulations. Designing workflows which satisfy these requirements is complex and error-prone. Business process reconfiguration is even more challenging as not only a new workflow must be devised but also...
Conference Paper
Full-text available
This paper reports on an approach for systematically generating test data from production databases for end-user calculated-field programs via a novel combination of symbolic execution and database queries. We also discuss the opportunities and challenges that this specific domain poses for symbolic execution and show how database queries can help...
Article
Discrete event controllers are at the heart of many software systems that require continuous operation. Changing these controllers at runtime to cope with changes in their execution environment or in system requirements is a challenging open problem. In this paper we address the problem of dynamic update of controllers in reactive systems. We pre...
Article
Full-text available
Software Model Checkers have shown outstanding performance improvements in recent times. Moreover, for specific use cases, formal verification techniques have proven highly effective, leading to a number of high-profile success stories. However, widespread adoption remains unlikely in the short term, and one of the remaining obstacles in that d...
Article
Full-text available
Behavior needs to be understood from early stages of software development. In this context, incremental and declarative modeling seems an attractive approach for closely capturing and analyzing requirements without early operational commitment. A traditional choice for such modeling is a logic-based approach. Unfortunately, in many cases,...
Article
System specifications have long been expressed through automata-based languages, which allow for compositional construction of complex models and enable automated verification techniques such as model checking. Automata-based verification has been extensively used in the analysis of systems, where it is able to provide yes/no answers to queries...
Article
Full-text available
Verification techniques and software model checking in particular have gained considerable traction in industry, especially after a number of high-profile success stories tackling specific problems. However, widespread adoption remains distant and, among other causes, one obstacle is the huge number of systems that software model checkers cannot fu...
Article
Full-text available
This paper presents a Directed Controller Synthesis (DCS) technique for discrete event systems. The DCS method explores the solution space for reactive controllers guided by a domain-independent heuristic. The heuristic is derived from an efficient abstraction of the environment based on the componentized way in which complex environments are descr...
Conference Paper
The SEAMS 2016 call for papers defines self-adaptation as the ability of a system to adapt itself at runtime to preserve its operation in the presence of uncertain changes in its operating environment, resource variability, new user needs, intrusions, and faults [23].
Conference Paper
In many application domains, continuous operation is a desirable attribute for software-intensive systems. As the environment or system requirements change, so the system should change and adapt without stopping or unduly disturbing its operation. There is, therefore, a need for sound engineering techniques that can cope with dynamic change. In thi...
Article
Model-based reliability estimation of systems can provide useful insights early in the development process. However, computational complexity of estimating metrics such as mean time to first failure (MTTF), turnaround time (TAT), or other domain-based quantitative measures can be prohibitive both in time, space and precis...
Article
The problem of automatically constructing a software component such that, when executed in a given environment, it satisfies a goal is recurrent in software engineering. Controller synthesis is a field which fits into this vision. In this paper we study controller synthesis for partially observable LTS models. We exploit the link between partially obse...
Article
Code artefacts that have non-trivial requirements with respect to the ordering in which their methods or procedures ought to be called are common and appear, for instance, in the form of API implementations and objects. Testing such code artefacts to gain confidence that they conform to their intended protocols is an important and challenging probl...
Conference Paper
Temporal logic based approaches that automatically generate controllers have been shown to be useful for mission level planning of motion, surveillance and navigation, among others. These approaches critically rely on the validity of the environment models used for synthesis. Yet simplifying assumptions are inevitable to reduce complexity and provi...
Article
Property specification is still one of the most challenging tasks for the transfer of software verification technology. The use of patterns has been proposed in order to hide the complicated handling of formal languages from the developer. However, this goal is not entirely satisfied. When validating the desired property the developer may have to d...
Article
Full-text available
An architectural approach to self-adaptive systems involves runtime change of system configuration (i.e., the system's components, their bindings and operational parameters) and behaviour update (i.e., component orchestration). Thus, dynamic reconfiguration and discrete event control theory are at the heart of architectural adaptation. Although con...
Article
Controller synthesis is a well studied problem that attempts to automatically generate an operational behaviour model of the system-to-be that satisfies a given goal when deployed in a given domain model that behaves according to specified assumptions. A limitation of many controller synthesis techniques is that they require complete descriptions o...
Article
Full-text available
This article presents a symbolic static analysis for computing parametric upper bounds of the number of simultaneously live objects of sequential Java-like programs. Inferring the peak amount of irreclaimable objects is the cornerstone for analyzing potential heap-memory consumption of stand-alone applications or libraries. The analysis builds meth...
Conference Paper
Full-text available
The LaFHIS team is a group of the Departamento de Computación of FCEyN, UBA specialized in software analysis. Currently, LaFHIS members form part of the new Centro de Transferencia e Investigación en Ingeniería de Software (CETIS). This article reports on the initial steps of CETIS collaborations with two companies...
Article
Full-text available
Most approaches for adaptive systems rely on models, particularly behaviour or architecture models, which describe the system and the environment in which it operates. One of the difficulties in creating such models is uncertainty about the accuracy and completeness of the models. Engineers therefore make assumptions which may prove to be invalid a...
Article
Behaviour model construction remains a difficult and labour intensive task which hinders the adoption of model-based methods by practitioners. We believe one reason for this is the mismatch between traditional approaches and current software development process best practices which include iterative development, adoption of use-case and scenario-ba...
Article
Synthesis of operational behavior models from scenario-based specifications has been extensively studied. The focus has been mainly on either existential or universal interpretations. One noteworthy exception is Live Sequence Charts (LSCs), which provides expressive constructs for conditional universal scenarios and some limited support for noncond...
Article
Code artifacts that have nontrivial requirements with respect to the ordering in which their methods or procedures ought to be called are common and appear, for instance, in the form of API implementations and objects. This work addresses the problem of validating if API implementations provide their intended behavior when descriptions of this beha...
Conference Paper
Model-based reliability estimation of software systems can provide useful insights early in the development process. However, computational complexity of estimating reliability metrics such as mean time to first failure (MTTF) can be prohibitive both in time, space and precision. In this paper we present an alternative to exhaustive model explorati...
Conference Paper
Controller synthesis provides an automated means to produce architecture-level behaviour models that are enacted by a composition of lower-level software components, ensuring correct behaviour. Such controllers ensure that goals are satisfied for any model-consistent environment behaviour. This paper presents a tool for developing environment model...
Conference Paper
Code artefacts that have non-trivial requirements with respect to the ordering in which their methods or procedures ought to be called are common and appear, for instance, in the form of API implementations and objects. Testing such code artefacts to gain confidence that they conform to their intended protocols is an important and challenging pr...
Article
We present SGR(1), a novel synthesis technique and methodological guidelines for automatically constructing event-based behavior models. Our approach works for an expressive subset of liveness properties, distinguishes between controlled and monitored actions, and differentiates system goals from environment assumptions. We show that assumptions mu...
Conference Paper
Full-text available
In order to capture all permissible implementations, partial models of component-based systems are given at the system level. However, iterative refinement by engineers is often more convenient at the component level. In this paper, we address the problem of decomposing partial behaviour models from a single monolithic model to a component-wise...
Conference Paper
Full-text available
Controller synthesis is a well studied problem that attempts to automatically generate an operational behaviour model of the system-to-be such that, when deployed in a given domain model that behaves according to specified assumptions, it satisfies a given goal. A limitation of known controller synthesis techniques is that they require complete descript...
Conference Paper
Full-text available
Many software engineering artefacts, such as source code or specifications, define a set of operations and impose restrictions on the order in which they have to be invoked. Enabledness Preserving Abstractions (EPAs) are concise representations of the behaviour space for such artefacts. In this paper, we exemplify how EPAs might be used for vali...
Article
Full-text available
Pre/postcondition-based specifications are commonplace in a variety of software engineering activities that range from requirements through to design and implementation. The fragmented nature of these specifications can hinder validation as it is difficult to understand if the specifications for the various operations fit together well. In this pap...
Article
Full-text available
Space- and time-predictability are hard to achieve for object-oriented languages with automated dynamic-memory management. Although there has been significant work to design APIs, such as the Real-Time Specification for Java (RTSJ), and to implement garbage collectors to enable real-time performance, quantitative space analysis is still in its infa...
Article
Full-text available
In this work we present Contractor.NET, a Visual Studio extension that supports the construction of contract specifications with typestate information which can be used for verification of client code. Contractor.NET uses and extends Code Contracts to provide stronger contract specifications. It features a two step process. First, a class source co...
Conference Paper
Full-text available
We revisit synthesis of live controllers for event-based operational models. We remove one aspect of an idealised problem domain by allowing failures of controller actions to be integrated into the environment model. Classical treatment of failures through strong fairness leads to a very high computational complexity and may be insufficient for many i...
Conference Paper
Code artefacts that have non-trivial requirements with respect to the ordering in which their methods or procedures ought to be called are common and appear, for instance, in the form of API implementations and objects. This work addresses the problem of validating if API implementations provide their intended behaviour when descriptions of this be...
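An enabledness-preserving abstraction of the kind the EPA and Contractor.NET entries above describe, as an added example that is not the authors' code or any tool's output. It assumes a hypothetical three-operation handle whose contract is given as precondition/state-update pairs over a finite concrete state (is_open, pos); the concrete space is enumerated directly, whereas the published technique derives the same abstraction symbolically from pre/postconditions.

```python
from collections import deque

# Constructed example (hypothetical contract, not Contractor.NET output):
# a handle whose concrete state is (is_open, pos) and whose three operations
# are given as (precondition, postcondition-as-state-update) pairs.
MAX_POS = 3

OPS = {
    "open":  (lambda s: not s[0],                lambda s: (True, 0)),
    "read":  (lambda s: s[0] and s[1] < MAX_POS, lambda s: (True, s[1] + 1)),
    "close": (lambda s: s[0],                    lambda s: (False, s[1])),
}


def enabled(state):
    """The abstraction function: a concrete state is represented only by the
    set of operations whose precondition holds in it."""
    return frozenset(op for op, (pre, _) in OPS.items() if pre(state))


def build_epa(initial):
    """Explore the (finite) concrete state space from `initial` and quotient
    it by enabledness. Returns the abstract states (enabledness set ->
    concrete states it covers) and the abstract transitions (src, op, dst).
    Assumption: the concrete space is finite and enumerable; the published
    technique obtains the same structure symbolically from contracts."""
    abstract = {}
    transitions = set()
    seen = {initial}
    queue = deque([initial])
    while queue:
        s = queue.popleft()
        src = enabled(s)
        abstract.setdefault(src, set()).add(s)
        for op in src:                      # only enabled operations may fire
            t = OPS[op][1](s)
            transitions.add((src, op, enabled(t)))
            if t not in seen:
                seen.add(t)
                queue.append(t)
    return abstract, transitions


def protocol_violations(abstract, must_pairs):
    """Validation over the EPA: for each (a, b) in must_pairs, report abstract
    states where `a` is enabled but `b` is not (e.g. 'read' enabled on a
    handle that cannot be closed, which would mean it is not open)."""
    return [
        (state, a, b)
        for state in abstract
        for a, b in must_pairs
        if a in state and b not in state
    ]


if __name__ == "__main__":
    abstract, transitions = build_epa((False, 0))
    for state, concretes in abstract.items():
        print(sorted(state), "covers", sorted(concretes))
    for src, op, dst in sorted(transitions, key=lambda x: (sorted(x[0]), x[1], sorted(x[2]))):
        print(sorted(src), "--", op, "->", sorted(dst))
    print("violations:", protocol_violations(abstract, [("read", "close")]))
```

The eight concrete states collapse to three abstract ones ({open}, {read, close}, {close}), and the abstraction is non-deterministic by construction: a read from {read, close} lands either back in {read, close} or in {close}, which is exactly the information a validator needs without seeing the position counter.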
Article
Full-text available
Microsoft is producing interoperability documentation for Windows client–server and server–server protocols. The Protocol Engineering Team in the Windows organization is responsible for verifying the documentation to ensure that it is of the highest quality. Various test-driven methods are being applied including, when appropriate, a model-based ap...
Article
Full-text available
An essential operation in timed automata model checking is inclusion checking, which decides whether a set of states, represented as a convex polyhedron, is included in another set. Several verification tools implement convex polyhedra as square matrices called DBMs (short for Difference Bound Matrix), where each row and column is associated to a clock...
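The inclusion check the entry above refers to, as an added example that is not code from the page or from any of the tools it mentions (Kronos, UPPAAL, Zeus, VInTiMe). It assumes integer, non-strict bounds only (real tools carry a strict/non-strict flag per entry), uses index 0 for the reference clock, and keeps a deliberately naive comparison alongside the correct one to show why the Floyd-Warshall closure must run before the entry-wise test.

```python
from itertools import product

INF = float("inf")  # "no bound" on a clock difference

# A DBM for clocks x1..xn is an (n+1) x (n+1) matrix d where d[i][j] = c
# encodes the constraint x_i - x_j <= c; index 0 is the reference clock
# fixed at 0, so d[i][0] bounds x_i from above and d[0][i] = -(lower bound).
# Assumption of this example: integer, non-strict bounds only.


def canonicalize(dbm):
    """Floyd-Warshall closure: tighten every entry to the strongest bound
    implied by the others. The result is the unique canonical DBM of the zone."""
    n = len(dbm)
    d = [row[:] for row in dbm]
    for k, i, j in product(range(n), repeat=3):
        via_k = d[i][k] + d[k][j]
        if via_k < d[i][j]:
            d[i][j] = via_k
    return d


def is_empty(dbm):
    """A zone is empty iff closure exposes a negative cycle (d[i][i] < 0)."""
    d = canonicalize(dbm)
    return any(d[i][i] < 0 for i in range(len(d)))


def included(a, b):
    """Zone inclusion a ⊆ b, decided entry-wise on the canonical forms."""
    if is_empty(a):
        return True
    ca, cb = canonicalize(a), canonicalize(b)
    n = len(ca)
    return all(ca[i][j] <= cb[i][j] for i in range(n) for j in range(n))


def included_without_closure(a, b):
    """The same entry-wise test without canonicalization. Unsound: it reports
    'not included' for zones that are included. Kept only to show why the
    closure step matters."""
    n = len(a)
    return all(a[i][j] <= b[i][j] for i in range(n) for j in range(n))


# Constructed sample zones over two clocks (indices: 0 = reference, 1 = x1, 2 = x2).
# A: 0 <= x1 <= 2, x2 >= 0.  The bound x1 - x2 <= 2 is implied but not written.
ZONE_A = [
    [0,   0,   0],
    [2,   0,   INF],
    [INF, INF, 0],
]
# B: x1 - x2 <= 2 with both clocks non-negative; x1 itself is unbounded above.
ZONE_B = [
    [0,   0,   0],
    [INF, 0,   2],
    [INF, INF, 0],
]
# C: x1 >= 3 and x1 <= 2, contradictory, so the zone is empty.
ZONE_C = [
    [0,   -3,  0],
    [2,   0,   INF],
    [INF, INF, 0],
]

if __name__ == "__main__":
    print("A ⊆ B (canonical):", included(ZONE_A, ZONE_B))                   # True
    print("A ⊆ B (no closure):", included_without_closure(ZONE_A, ZONE_B))  # False, wrong
    print("B ⊆ A:", included(ZONE_B, ZONE_A))                                # False
    print("C empty:", is_empty(ZONE_C))                                      # True
```

The closure is O(n^3) in the number of clocks, which is why production checkers keep zones canonical at all times and apply incremental tightening after each operation instead of recomputing from scratch before every inclusion test.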
Conference Paper
We present a novel technique for synthesising behaviour models that works for an expressive subset of liveness properties and conforms to the foundational requirements engineering World/Machine model, dealing explicitly with assumptions on environment behaviour and distinguishing controlled and monitored actions. This is the first technique that co...
Conference Paper
Full-text available
Property specification is still one of the most challenging tasks for the transfer of software verification technology like model checking. The use of patterns has been proposed in order to hide the complicated handling of formal languages from the developer. However, this goal is not entirely satisfied. When validating the pattern the developer...
Article
Full-text available
System specifications have long been expressed through automata-based languages, enabling verification techniques such as model checking. These verification techniques can assess whether a property holds or not, given a system specification. However, model checking techniques suffer from the so-called state explosion problem, that is,...
Conference Paper
Full-text available
The common practice for verifying properties described as event occurrence patterns is to translate them into observer state machines. The resulting observer is then composed with (the components of) the system under analysis in order to verify a reachability property. Live Component Analysis is a “cone of influence” abstraction technique aiming at...
Conference Paper
Full-text available
Modal Transition Systems (MTS) are an extension of Labelled Transition Systems (LTS) that distinguish between required, proscribed and unknown behaviour and come equipped with a notion of refinement that supports incremental modelling where unknown behaviour is iteratively elaborated into required or proscribed behaviour. The original formulation o...
Conference Paper
Full-text available
The ScopedMemory class of the RTSJ enables the organization of objects into regions. This ensures time-predictable management of dynamic memory. Using scopes forces the programmer to reason in terms of locality, to comply with RTSJ restrictions. The programmer is also faced with the problem of providing upper bounds for regions. Without appropria...
Conference Paper
Full-text available
Pre/postcondition-based specifications are commonplace in a variety of software engineering activities that range from requirements through to design and implementation. The fragmented nature of these specifications can hinder validation as it is difficult to understand if the specifications for the various operations fit together well. In this p...
Conference Paper
Full-text available
System specifications have long been expressed through automata-based languages, enabling verification techniques such as model checking. These verification techniques can assess whether a property holds or not, given a system specification. Quantitative model checking can provide additional information on the probability of these properties holdin...
Article
Full-text available
AADL is an aerospace standard for model-driven design of complex real-time embedded systems. Currently, behavioral properties of AADL models can be specified inside the system description using AADL concepts or outside it using external textual languages, and verified using schedulability analysis or (Time Petri Net-based) model-checking tools. Th...
Conference Paper
Full-text available
This work presents a technique to compute symbolic polynomial approximations of the amount of dynamic memory required to safely execute a method without running out of memory, for Java-like imperative programs. We consider object allocations and deallocations made by the method and the methods it transitively calls. More precisely, given an init...
Conference Paper
Full-text available
Scenario-based specifications are a popular means for describing intended system behaviour. We aim to facilitate early analysis of system behaviour and the development of behaviour models in conjunction with scenarios. In this paper we define a novel scenario-based specification language with an existential semantics and that supports conditional s...
Conference Paper
Full-text available
Difference Bound Matrices (DBMs) are the most commonly used data structure for model checking timed automata. They have long been used in successful tools like Kronos or UPPAAL. As DBMs represent convex polyhedra in an n-dimensional space, this paper explores the idea of using their hypervolume as the basis for two optimization techniques. One...
Conference Paper
Full-text available
We have devised a novel technique to automatically generate test cases for a software system, combining black-box model-based testing with white-box parameterized unit testing. The former provides general guidance for the structure of the tests in the form of test sequences, as well as the oracle to check for conformance of an application under t...
Conference Paper
Full-text available
In this work we present an Eclipse plug-in for the VInTiMe (Verifier of INtegrated TImed ModEls) suite of tools that combines high-level expressive power, unassisted property-preserving model reduction and distributed model checking to describe and verify complex real-time system designs and their properties.
Article
Full-text available
Two base algorithms are known for reachability verification over timed automata. They are called forward and backward, and traverse the automata edges using either successors or predecessors. Both usually work with a data structure called Difference Bound Matrices (DBMs). Although forward is better suited for on-the-fly construction of the model,...
Article
Full-text available
We present a static analysis for computing a parametric upper-bound of the amount of memory dynamically allocated by (Java-like) imperative object-oriented programs. We propose a general procedure for synthesizing non-linear formulas which conservatively estimate the quantity of memory explicitly allocated by a method as a function of its parameter...
Conference Paper
Full-text available
Software product lines or families represent an emerging paradigm that is enabling companies to engineer applications with similar functionality and user requirements more effectively. Behaviour modelling at the architecture level has the potential for supporting behaviour analysis of entire product lines, as well as defining optional and var...
Article
Full-text available
A major obstacle in the technology transfer agenda of behavioral analysis and design methods is the need for logics or automata to express properties for control-intensive systems. Interaction-modeling notations may offer a replacement or a complement, with a practitioner-appealing and lightweight flavor, due partly to the sub-specification of inte...
Article
Full-text available
In this work we present the on-the-fly workload prediction and redistribution techniques used in Zeus [Braberman, V., A. Olivero and F. Schapachnik, Zeus: A distributed timed model checker based on kronos, in: Workshop on Parallel and Distributed Model Checking, affiliated to CONCUR 2002 (13th International Conference on Concurrency Theory), ENTCS...
Article
Full-text available
In this work we present Zeus, a distributed timed model checker that evolves from the TCTL model checker Kronos [13] and that currently can handle backwards computation of reachability properties [2] over timed automata [3]. Zeus was developed following a software architecture-centric approach. Its conceptual architecture was conceived to be suffic...