SMT-Based Bounded Model Checking of Fixed-Point Digital Controllers

Digital controllers have several advantages with respect to their flexibility and design's simplicity. However, they are subject to problems that are not faced by analog controllers. In particular, these problems are related to the finite word-length implementation that might lead to overflows, limit cycles, and time constraints in fixed-point processors. This paper proposes a new method to detect design's errors in digital controllers using a state-of-the art bounded model checker based on satisfiability modulo theories. The experiments with digital controllers for a ball and beam plant demonstrate that the proposed method can be very effective in finding errors in digital controllers than other existing approaches based on traditional simulations tools

Reachability Analysis of Time Basic Petri Nets: a Time Coverage Approach

We introduce a technique for reachability analysis of Time-Basic (TB) Petri nets, a powerful formalism for real- time systems where time constraints are expressed as intervals, representing possible transition firing times, whose bounds are functions of marking's time description. The technique consists of building a symbolic reachability graph relying on a sort of time coverage, and overcomes the limitations of the only available analyzer for TB nets, based in turn on a time-bounded inspection of a (possibly infinite) reachability-tree. The graph construction algorithm has been automated by a tool-set, briefly described in the paper together with its main functionality and analysis capability. A running example is used throughout the paper to sketch the symbolic graph construction. A use case describing a small real system - that the running example is an excerpt from - has been employed to benchmark the technique and the tool-set. The main outcome of this test are also presented in the paper. Ongoing work, in the perspective of integrating with a model-checking engine, is shortly discussed.Comment: 8 pages, submitted to conference for publicatio

Analysing oscillatory trends of discrete-state stochastic processes through HASL statistical model checking

The application of formal methods to the analysis of stochastic oscillators has been at the focus of several research works in recent times. In this paper we provide insights on the application of an expressive temporal logic formalism, namely the Hybrid Automata Stochastic Logic (HASL), to that issue. We show how one can take advantage of the expressive power of the HASL logic to define and assess relevant characteristics of (stochastic) oscillators

Schedulability analysis of timed CSP models using the PAT model checker

Timed CSP can be used to model and analyse real-time and concurrent behaviour of embedded control systems. Practical CSP implementations combine the CSP model of a real-time control system with prioritized scheduling to achieve efficient and orderly use of limited resources. Schedulability analysis of a timed CSP model of a system with respect to a scheduling scheme and a particular execution platform is important to ensure that the system design satisfies its timing requirements. In this paper, we propose a framework to analyse schedulability of CSP-based designs for non-preemptive fixed-priority multiprocessor scheduling. The framework is based on the PAT model checker and the analysis is done with dense-time model checking on timed CSP models. We also provide a schedulability analysis workflow to construct and analyse, using the proposed framework, a timed CSP model with scheduling from an initial untimed CSP model without scheduling. We demonstrate our schedulability analysis workflow on a case study of control software design for a mobile robot. The proposed approach provides non-pessimistic schedulability results

Statistical Model Checking of e-Motions Domain-Specific Modeling Languages

Domain experts may use novel tools that allow them to de- sign and model their systems in a notation very close to the domain problem. However, the use of tools for the statistical analysis of stochas- tic systems requires software engineers to carefully specify such systems in low level and specific languages. In this work we line up both sce- narios, specific domain modeling and statistical analysis. Specifically, we have extended the e-Motions system, a framework to develop real-time domain-specific languages where the behavior is specified in a natural way by in-place transformation rules, to support the statistical analysis of systems defined using it. We discuss how restricted e-Motions sys- tems are used to produce Maude corresponding specifications, using a model transformation from e-Motions to Maude, which comply with the restrictions of the VeStA tool, and which can therefore be used to per- form statistical analysis on the stochastic systems thus generated. We illustrate our approach with a very simple messaging distributed system.Universidad de Málaga Campus de Excelencia Internacional Andalucía Tech. Research Project TIN2014-52034-R an

Existence of periodic solutions of the FitzHugh-Nagumo equations for an explicit range of the small parameter

The FitzHugh-Nagumo model describing propagation of nerve impulses in axon is given by fast-slow reaction-diffusion equations, with dependence on a parameter $\epsilon$ representing the ratio of time scales. It is well known that for all sufficiently small $\epsilon>0$ the system possesses a periodic traveling wave. With aid of computer-assisted rigorous computations, we prove the existence of this periodic orbit in the traveling wave equation for an explicit range $\epsilon \in (0, 0.0015]$. Our approach is based on a novel method of combination of topological techniques of covering relations and isolating segments, for which we provide a self-contained theory. We show that the range of existence is wide enough, so the upper bound can be reached by standard validated continuation procedures. In particular, for the range $\epsilon \in [1.5 \times 10^{-4}, 0.0015]$ we perform a rigorous continuation based on covering relations and not specifically tailored to the fast-slow setting. Moreover, we confirm that for $\epsilon=0.0015$ the classical interval Newton-Moore method applied to a sequence of Poincar\'e maps already succeeds. Techniques described in this paper can be adapted to other fast-slow systems of similar structure

SOTER: A Runtime Assurance Framework for Programming Safe Robotics Systems

The recent drive towards achieving greater autonomy and intelligence in robotics has led to high levels of complexity. Autonomous robots increasingly depend on third party off-the-shelf components and complex machine-learning techniques. This trend makes it challenging to provide strong design-time certification of correct operation. To address these challenges, we present SOTER, a robotics programming framework with two key components: (1) a programming language for implementing and testing high-level reactive robotics software and (2) an integrated runtime assurance (RTA) system that helps enable the use of uncertified components, while still providing safety guarantees. SOTER provides language primitives to declaratively construct a RTA module consisting of an advanced, high-performance controller (uncertified), a safe, lower-performance controller (certified), and the desired safety specification. The framework provides a formal guarantee that a well-formed RTA module always satisfies the safety specification, without completely sacrificing performance by using higher performance uncertified components whenever safe. SOTER allows the complex robotics software stack to be constructed as a composition of RTA modules, where each uncertified component is protected using a RTA module. To demonstrate the efficacy of our framework, we consider a real-world case-study of building a safe drone surveillance system. Our experiments both in simulation and on actual drones show that the SOTER-enabled RTA ensures the safety of the system, including when untrusted third-party components have bugs or deviate from the desired behavior