Combined use of formal methods for reliability assurance of software for safety-critical systems

This doctoral thesis was conducted under a convention for the joint supervision of thesis at Aalto University (Finland) and ITMO University (Russia)Mission-critical systems play an important role in our lives by regulating the production processes of consumer goods and controlling transportation and power plants. Recently, these systems have become more complex due to the advent of Industry 4.0, which has brought about the Internet of Things as well as smart homes and factories. At the same time, automation systems must be correct to fulfill their purpose and safe to interact with humans and prevent disasters from happening. To successfully ensure reliability (correctness and safety), in addition to conventional approaches of testing and simulation, formal methods should be applied. These methods, including model checking and formal model synthesis, increase the safety of systems by means of exhaustive analysis. This thesis considers combined use of three different types of formal methods: verification, synthesis and testing, and as a result it proposes several automated formal reliability assurance approaches for control software. Specifically, it examines three sub-areas of combined use of formal methods. Firstly, the thesis proposes model checking based methods to generate finite-state models of plants and control software. Secondly, it considers the use of generated models in open-loop and closed-loop model checking of automation systems. Thirdly, it explores how model checking can be used to test closed-loop systems. The following key results were obtained: (1) two SAT solver based methods were developed to generate plant and controller finite-state models with the minimum possible number of states; (2) new practical plant model generation methods were developed that are more scalable than the ones known before and support plant modularity; (3) a comprehensive verification methodology was proposed to verify manually created formal models by comparing them with formally synthesized models; and (4) a closed-loop verification approach was proposed that combines testing and model checking. From a practical point of view, these results extend the capabilities of modern formal methods to assure the reliability of mission-critical systems. In addition, the approaches proposed in the thesis increase the level of automation of this process. The practical applicability of the developed approaches was shown, in particular for verification of nuclear instrumentation and control systems