24 research outputs found
From Verified Models to Verifiable Code
Declarative specifications of digital systems often contain parts that can be automatically translated into executable code. Automated code generation may reduce or eliminate the kinds of errors typically introduced through manual code writing. For this approach to be effective, the generated code should be reasonably efficient and, more importantly, verifiable. This paper presents a prototype code generator for the Prototype Verification System (PVS) that translates a subset of PVS functional specifications into an intermediate language and subsequently to multiple target programming languages. Several case studies are presented to illustrate the tool's functionality. The generated code can be analyzed by software verification tools such as verification condition generators, static analyzers, and software model-checkers to increase the confidence that the generated code is correct
Linear Parametric Model Checking of Timed Automata
We present an extension of the model checker Uppaal capable of synthesizing linear parameter constraints for the correctness ofparametric timed automata. The symbolic representation of the (parametric) state-space is shown to be correct. A second contribution of thispaper is the identification of a subclass of parametric timed automata(L/U automata), for which the emptiness problem is decidable, contraryto the full class where it is know to be undecidable. Also we present anumber of lemmas enabling the verification effort to be reduced for L/Uautomata in some cases. We illustrate our approach by deriving linearparameter constraints for a number of well-known case studies from theliterature (exhibiting a flaw in a published paper)
Model checking timed safety instrumented systems
Defects in safety-critical software systems can cause large economical and other losses. Often these systems are far too complex to be tested extensively. In this work a formal verification technique called model checking is utilized. In the technique, a mathematical model is created that captures the essential behaviour of the system. The specifications of the system are stated in some formal language, usually temporal logic. The behaviour of the model can then be checked exhaustively against a given specification.
This report studies the Falcon arc protection system engineered by UTU Oy, which is controlled by a single programmable logic controller (PLC). Two separate models of the arc protection system are created. Both models consist of a network of timed automata. In the first model, the controller operates in discrete time steps at a specific rate. In the second model, the controller operates at varying frequency in continuous time. Five system specifications were formulated in timed computation tree logic (TCTL). Using the model checking tool Uppaal both models were verified against all five specifications.
The processing times of the verification are measured and presented. The discrete-time model has to be abstracted a lot before it can be verified in a reasonable time. The continuous-time model, however, covered more behaviour than the system to be modelled, and could still be verified in a moderate time period. In that sense, the continuous-time model is better than the discrete-time model.
The main contributions of this report are the model checking of a safety instrumented system controlled by a PLC, and the techniques used to describe various TCTL specifications in Uppaal. The conclusion of the work is that model checking of timed systems can be used in the verification of safety instrumented systems
Formal modelling and analysis of broadcasting embedded control systems
PhD ThesisEmbedded systems are real-time, communicating systems, and the effective
modelling and analysis of these aspects of their behaviour is regarded as essential
for acquiring confidence in their correct operation. In practice, it is important
to minimise the burden of model construction and to automate the analysis,
if possible. Among the most promising techniques for real-time systems are
reachability analysis and model-checking of networks of timed automata. We
identify two obstacles to the application of these techniques to a large class of
distributed embedded systems: firstly, the language of timed automata is too
low-level for straightforward model construction, and secondly, the synchronous,
handshake communication mechanism of the timed automata model does not fit
well with the asynchronous, broadcast mechanism employed in many distributed
embedded systems. As a result, the task of model construction can be unduly
onerous.
This dissertation proposes an expressive language for the construction of
models of real-time, broadcasting control systems, and demonstrates how effi-
cient analysis techniques can be applied to them.
The dissertation is concerned in particular with the Controller Area Network
(CAN) protocol which is emerging as a de facto standard in the automotive
industry. An abstract formal model of CAN is developed. This model is adopted
as the communication primitive in a new language, bCANDLE, which includes
value passing, broadcast communication, message priorities and explicit time.
A high-level language, CANDLE, is introduced and its semantics defined by
translation to bCANDLE. We show how realistic CAN systems can be described
in CANDLE and how a timed transition model of a system can be extracted for
analysis. Finally, it is shown how efficient methods of analysis, such as 'on-the-
fly' and symbolic techniques, can be applied to these models. The dissertation
contributes to the practical application of formal methods within the domain
of broadcasting, embedded control systemsSchool of Computing and Mathematics at the University of Northumbri