When using a formal method efficiently, does it become more natural to design generic, reusable components than when using non-formal methods?


 * Theme: Training Scope and Pace (TSP)
 * Role: High-Level Manager (HM)

Answer
Both formal methods and semi-formal methods have reuse mechanisms. They tend, however, to be of a different nature, and it is worth combining them:
 * semi-formal techniques are more pattern oriented and even provide domain-specific libraries of patterns (e.g. for business processes)
 * formal techniques tend to provide more verification-oriented means of reuse, such as generic refinement structures, modularisation/decomposition, and specific proof strategies that ease the replay of proofs in a given domain
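To make the "generic refinement structure" kind of reuse concrete, here is a small Event-B development written for this FAQ (it is an added illustration, not a model from DEPLOY, SSF or SAP). An abstract context introduces a carrier set RESOURCE; a machine captures the reusable allocation pattern against that set; a refinement adds a representation and carries a gluing invariant; and a separate context instantiates the generic set for a particular domain. The component names (ResourceCtx, Allocator0, Allocator1, DomainCtx), the CLIENT set and the constants res1, res2 are all assumed for the example.

```eventb
// Generic part: written once, never edited when reused in a new domain.
CONTEXT ResourceCtx
SETS
  RESOURCE          // abstract carrier set, instantiated per domain
  CLIENT
END

MACHINE Allocator0
SEES ResourceCtx
VARIABLES
  allocated
INVARIANTS
  inv1: allocated ⊆ RESOURCE          // the only property the pattern promises
EVENTS
  INITIALISATION
    THEN
      act1: allocated := ∅
    END
  allocate
    ANY r WHERE
      grd1: r ∈ RESOURCE ∖ allocated  // a free resource
    THEN
      act1: allocated := allocated ∪ {r}
    END
  release
    ANY r WHERE
      grd1: r ∈ allocated
    THEN
      act1: allocated := allocated ∖ {r}
    END
END

// Refinement: the pattern's proof obligations (invariant preservation,
// guard strengthening, simulation) are discharged once against the
// abstract set and replayed unchanged for every instantiation.
MACHINE Allocator1
REFINES Allocator0
SEES ResourceCtx
VARIABLES
  owner
INVARIANTS
  inv1: owner ∈ RESOURCE ⇸ CLIENT     // which client holds each resource
  inv2: dom(owner) = allocated        // gluing invariant to the abstract state
EVENTS
  INITIALISATION
    THEN
      act1: owner := ∅
    END
  allocate
    REFINES allocate
    ANY r c WHERE
      grd1: r ∈ RESOURCE ∖ dom(owner)
      grd2: c ∈ CLIENT
    THEN
      act1: owner := owner ∪ {r ↦ c}
    END
  release
    REFINES release
    ANY r WHERE
      grd1: r ∈ dom(owner)
    THEN
      act1: owner := {r} ⩤ owner      // domain subtraction removes the mapping
    END
END

// Domain-specific part: instantiating the generic set is a new context
// that extends the generic one; the machines above are reused as they are.
CONTEXT DomainCtx
EXTENDS ResourceCtx
CONSTANTS
  res1
  res2
AXIOMS
  axm1: partition(RESOURCE, {res1}, {res2})   // RESOURCE is now a concrete enumeration
END
```

The split between ResourceCtx/Allocator0/Allocator1 and DomainCtx is the point: the verification effort lives in the generic machines, and a new domain only adds a context. This is the same idea as the domain-specific pattern libraries on the semi-formal side, but here the pattern comes with its invariants and discharged proof obligations.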

Being efficient in using a formalism in a given domain also requires some experience. One lesson learned from projects such as DEPLOY was that it took some time for the industrial partners to find the most reusable modelling techniques in their domain.

Reuse at semi-formal, formal level, and combined
Combining both levels is even more interesting because it gives:
 * a simple graphical representation, easing the comprehension and instantiation
 * a real semantics to the pattern and also the ability to prove it.

Within DEPLOY, this approach was enabled by the following mappings:
 * UML-B has been developed over several years by the University of Southampton. It supports the mapping of both class diagrams and state machines in a UML-like syntax (enabling the use of generic UML design patterns)
 * a BPMN-like notation was developed by SAP. A number of patterns have been published (e.g. Business Patterns in UML, Event Processing patterns). At the formal level, SAP is using Event-B as the underlying formalism.

Finding reusable modelling techniques in a given domain
In DEPLOY, after an initial training phase, all the project partners faced the challenge of finding an effective way to model in their domain. That process took on average one year.
 * SSF experimented with modelling of Space Systems on case studies (BepiColombo and AOCS, including a distributed variant of it) directly inspired by real problems and relying on a set of real requirements. A substantial effort was devoted to elaborating the know-how to efficiently model space systems using Event-B and Rodin. SSF was successful in building and verifying complex models, although several rounds of trial and error were necessary to discover "how to" proceed, and models were restarted from scratch at least 3 times. The process was tightly linked with the work on improving methods and tools, especially with respect to modularisation.