**1. Introduction**

UML (OMG, 2011) is considered a contemporary standard in information systems development. Being a graphical modeling language, it offers a family of diagrams that may be used for the specification and design of information systems. Sequence diagrams, being a part of the family, are very often used to specify functional requirements of the developed systems and are typically associated with use case realizations in the logical view of the system under development. They show how the actors involved in the scenario representing a use case realization cooperate with the system's objects. Therefore, the meaning of a sequence diagram is a set of scenarios, each describing an interaction between objects of the designed system and its environment. The semantics of sequence diagrams is defined informally, in plain language, and, additionally, the definition is limited to the interpretation of single diagrams. But in nontrivial cases a set of sequence diagrams is necessary to give a complete specification of the system's behavior, and therefore an interpretation of the set of such diagrams is needed. Since UML has informal semantics, a set of sequence diagrams brings some interpretation problems. The problem becomes even more difficult when real-time systems are designed and numerous time constraints are associated with the diagrams.

Hence, the primary aim of the chapter is to give a precise interpretation of a set of sequence diagrams with time constraints. The formal interpretation is necessary to construct programming tools supporting validation of the specification of a system's behavior, and possibly prototyping of the system. The chapter demonstrates how the set of scenarios specifying a system's behavior may be derived from a set of sequence diagrams, and how this set may be analyzed for consistency and completeness.

Another aim of the chapter is to propose an approach to real-time systems specification. Real-time systems have some peculiarities. For example, a typical task for a real-time system is to track events from its environment and then respond to them, within imposed time constraints, by generating new events targeted at the environment. To follow such a schema, we propose to extend UML sequence diagrams with new kinds of stereotyped combined fragments.

A specific methodological aspect of real-time system specification is also considered. Namely, very often, in addition to an explicit description of the behavior of the system, additional properties, such as safety and liveness, are taken into account. Usually, these properties are expressed in modal logics. We propose to use sequence diagrams to express them, to obtain in this way uniformity of means for a system specification. For this purpose, the notion of monitoring scenarios is introduced. Monitoring scenarios are specified by sequence diagrams, and are used to define liveness and safety properties of the system's behavior.

In the chapter, the proposed semantics of extended sequence diagrams is explained, and an example of a simple system specification and its analysis are presented. The analysis is done by means of a prototype programming tool that enables analysis of the system's behavior for consistency and completeness as well as checking its liveness and safety properties.

The chapter is organized as follows.

Section 2 presents how UML sequence diagrams are defined, and also introduces new kinds of combined fragments that are used to define extended sequence diagrams. A set of extended sequence diagrams is used to represent the behavior of a real-time system.

Section 3 outlines our approach to the specification of real-time systems. The approach uses class diagrams to represent the structural aspect, and a set of sequence diagrams to represent the behavioral aspect of the specified system. A specific feature of the approach is the possibility to extend the behavior specification with additional monitoring diagrams (sequence diagrams representing forbidden and expected behaviors). In this way we introduce some redundancy into the behavior specification, which enables checking the safety and liveness of the system's behavior. The approach is illustrated by a simple example.

In Section 4, an informal semantics of real-time system specification is explained, and the notion of the graph of possible scenarios is defined. The graph is derived from the set of extended sequence diagrams, and defines a set of possible scenarios representing the system's behavior.

A system's specification requires validation with respect to consistency, definiteness and completeness. These properties are defined and discussed in Section 5.

Section 6 is the main section of the chapter. It formalizes the semantics of a set of extended sequence diagrams. First, it defines a set of basic notions, and next it formally presents the construction of the graph of possible scenarios, which is the semantics of a set of sequence diagrams.

Section 7 ends the chapter with concluding remarks.

Specification and Validation of Real-Time Systems Using UML Sequence Diagrams 99

There are several languages that enable real-time systems specification, but we focus on UML, especially on UML sequence diagrams, which are derived from Message Sequence Charts (ITU-T, 2004; Cleaveland & Sengupta, 2006). UML 2.4 sequence diagrams provide mechanisms for the specification of time properties (OMG, 2011).

A sequence diagram represents an interaction: a set of communications among objects arranged visually in time order. The diagram shows the objects with their lifelines participating in an interaction, and the sequences of exchanged messages, but it does not show object relationships. So, the diagram forms an interaction that consists of objects' lifelines and messages exchanged between the lifelines. For each message there are two events: sending and receiving.

The newest version of UML, 2.4.1, enables explicit handling of real-time events on sequence diagrams. The basic mechanisms are: observation of the current time, especially observation of the time of an event occurrence, and observation of the duration of a message transmission. As in the previous versions of UML, time constraints may be specified; see Fig. 1. The constraints may take into account the times of sending and receiving a message, the duration of a message transmission, the times of occurrence of selected events, etc.

Fig. 1. Sequence diagram with time constraints

Sequence diagrams can exist in a descriptor form (describing all possible scenarios) and in an instance form (describing one actual scenario). The descriptor form uses combined fragments that are shown as nested regions within a sequence diagram. A combined fragment defines an expression of interaction fragments. A combined fragment is defined by an interaction operator and corresponding interaction operands. There are a number of combined fragments for representing contingent behavior, such as conditionals, loops, and so on. A combined fragment has a keyword, e.g., *alt*, *break*, *par*, *loop*, *seq*, *strict*, that specifies its type. Depending on the keyword, there are one or more embedded operands, each of which is a structured subfragment of the overall interaction. A combined fragment may also have zero or more gates, which specify the interface between the combined fragment and other parts of the interaction.
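The time constraints that the chapter attaches to sequence diagrams (times of sending and receiving a message, duration of a message transmission, deadlines between events) can be checked against one actual scenario, i.e. the instance form of a diagram. The following is an added example, not code from the chapter or its prototype tool: it models a scenario as the send and receive event occurrences of each message with observed times and reports every violated constraint. The `Event` class, the constraint tables and the sensor/controller/valve scenario are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

@dataclass(frozen=True)
class Event:
    """One event occurrence on a lifeline: the sending or receiving of a message."""
    lifeline: str
    kind: str        # "send" or "receive" (the two events of every message)
    message: str
    time: float      # observed time of the event occurrence

def message_times(scenario: List[Event]) -> Dict[str, Tuple[float, float]]:
    """Pair the send and receive events of each message into (t_send, t_receive)."""
    sends = {e.message: e.time for e in scenario if e.kind == "send"}
    recvs = {e.message: e.time for e in scenario if e.kind == "receive"}
    return {m: (sends[m], recvs[m]) for m in sends if m in recvs}

def check_scenario(scenario, max_duration, deadlines):
    """max_duration: message -> bound on transmission time (receive - send).
    deadlines: (stimulus, response) -> bound on (response send - stimulus receive).
    Returns a list of violations; an empty list means every constraint holds."""
    violations = []
    times = message_times(scenario)
    for m, (t_send, t_recv) in times.items():
        if t_recv < t_send:                       # causality of the two events
            violations.append(f"{m}: received before sent")
    for m, bound in max_duration.items():
        if m not in times:                        # incomplete scenario
            violations.append(f"{m}: missing send or receive event")
            continue
        t_send, t_recv = times[m]
        if t_recv - t_send > bound:
            violations.append(f"{m}: transmission took {t_recv - t_send}, limit {bound}")
    for (stim, resp), bound in deadlines.items():
        if stim in times and resp in times:
            elapsed = times[resp][0] - times[stim][1]
            if elapsed > bound:
                violations.append(f"{stim}->{resp}: response after {elapsed}, deadline {bound}")
    return violations

# Constructed scenarios: a sensor reports an alarm, the controller must order a shutdown.
SCENARIO_OK = [Event("Sensor", "send", "alarm", 0.0),
               Event("Controller", "receive", "alarm", 0.5),
               Event("Controller", "send", "shutdown", 3.0),
               Event("Valve", "receive", "shutdown", 3.2)]
SCENARIO_LATE = SCENARIO_OK[:2] + [Event("Controller", "send", "shutdown", 7.0),
                                   Event("Valve", "receive", "shutdown", 7.3)]
MAX_DURATION = {"alarm": 1.0, "shutdown": 1.0}      # constructed transmission bounds
DEADLINES = {("alarm", "shutdown"): 5.0}            # constructed response deadline
```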
