The STATEMATE semantics of statecharts
ACM Transactions on Software Engineering and Methodology (TOSEM)
Modeling Reactive Systems with Statecharts: The Statemate Approach
Modeling Reactive Systems with Statecharts: The Statemate Approach
| Hi-index | 0.00 |
Often organizations need to combine multiple tools for effective software development. For instance, some organizations prefer STATEMATE [3] for specification due to its friendly visual notation and asynchronous semantics, whereas they prefer SCADE [6] for code generation due to it's certified and optimized code generator. For these organizations to make effective use of both these tools, the tools need to be integrated by defining a translation between the two notations. Unlike translation of Statecharts to C which is a high level notation to code level translation with same (control flow) semantics or graphical SCADE (Safe State Machine) to textual SCADE (Lustre)[4] which is between two models having same (data flow) semantics, STATEMATE and SCADE have high level specification notations with very different semantics. Hence naive translation is not possible. Additionally, these organizations also require a rigorous validation of the translation. Here, we describe a translation strategy and a rigorous validation process for key STATEMATE constructs to SCADE. The translation strategy helps to bridge the semantic gap between the tools. As the formal verification of a translator is difficult, we propose an automated testing technique for each individual translation based on classical comparison testing. We show how this technique can be used to achieve MC/DC coverage for each individual translation as required for certification (for example, RTCA's DO-178B [7]). The translation strategy and testing technique are implemented in a prototype translator