Vol.3 No.3 2010
28/60

Research paper : A methodology for improving reliability of complex systems (A. Katoh et al.)−213−Synthesiology - English edition Vol.3 No.3 (2010) individual problems. I think the solution to this is the bridge method, but if this is so, please explain this clearly (this is also relevant to discussion 3).Answer (Atsushi Katoh)I shall clarify the objective (goal) of the research. The objective of this research is to establish a methodology for decomposing a system specification into component specifications and interface specifications among components whose cooperating behavior is consistent with each component, which is not specific to particular technological systems. We will add this to chapter 2. The system design method with function “a” mentioned in chapter 3 includes SA/SD and architectural design methods. In the SA/SD method, the system design is done focusing on the data (such as business information) that are stable against the changes in the system environment. This enables the construction of a system with maintainability and expandability. However, because it is a method developed primarily for information systems, it is not very suitable for designing anything other than the information system. On the other hand, architectural design method has no procedures or tasks specifically defined for a certain designing, and therefore requires more efforts compared to specific design methods. However, architectural design method is a universal design method independent of some particular technological systems. Therefore, considering the research objective of developing a methodology not specific to particular technological systems, we selected architectural design method as the system design method with function “a”. The process of selecting architectural design method from the system design methods, and the advantages and disadvantages of the SA/SD and architectural design methods are revised in chapter 3.As you indicated, I do think there is a problem that this methodology will be difficult to apply to individual problems because it is not specific to any technological systems. For this methodology, the attributes and the model checking tools are selected according to the characteristics of the cooperative behavior in the applied system using the bridge method. The issues unique to the applied system for the cooperative behavior are handled in this manner. We will add these to subchapter 6.2.6 Bridge methodComment (Motoyuki Akamatsu)You mention that one of the outcomes of this research is that you clarified the fact that the bridge method is necessary. Please describe the research scenario for the bridge method, such as why the bridge method is necessary, what requirements it has to satisfy, and why you named it bridge method.Since architectural design method and model checking were developed based on two different ways of thinking, I assume that the outputs from architectural design method were insufficient for model checking, and I think it is natural that you needed a technology to convert each other to connect the two items with different concepts. Therefore, to clarify the originality of this method, please address whether this is simply a conversion method, or a method developed to verify the cooperative behavior.Answer (Atsushi Katoh)In this research, the system verification is conducted for the cooperative behavior by components at the phase of system design. Therefore, we focused on the cooperative behavior, and saw it was necessary to seamlessly connect the outputs of architectural design and the inputs of model checking. Therefore we developed the method to derive the component specifications and interface specifications among components related to the cooperative behavior, the properties to be satisfied by the cooperative behavior, and the model checking tool to be applied. This technology is called bridge method because it bridges architectural design method and model checking. I believe the bridge method is novel because it focuses on the cooperative behavior, and we clarified the specific method for synthesizing the system engineering standards such as IEEE 1220 and model checking. We will add these to subchapter 4.2.

元のページ 

page 28

※このページを正しく表示するにはFlashPlayer10.2以上が必要です