Correct-by-Construction Approach for Self-Evolvable Robots
The paper presents a new formal way of modeling and designing reconfigurable robots, in which the robots are allowed to reconfigure not only structurally but also functionally. We call such robots "self-evolvable"; they have the potential to be more flexible and to be used in a wider range of tasks, in a wider range of environments, and with a wider range of users. To accommodate this concept, i.e., allowing a self-evolvable robot to be configured and reconfigured, we present a series of formal constructs, e.g., a structural reconfigurable grammar and a functional reconfigurable grammar. Furthermore, we present a correct-by-construction strategy which, given the description of a workspace, the formula specifying a task, and a set of available modules, is capable of constructing during the design phase a robot that is guaranteed to perform the task satisfactorily. We use a planar multi-link manipulator as an example throughout the paper to demonstrate the proposed modeling and design procedures.
Comment: The paper has 17 pages and 4 figures.
A formal approach for correct-by-construction system substitution
The substitution of a system with another one may occur in several situations, such as system adaptation, system failure management, system resilience, and system reconfiguration. It consists in replacing a running system by another one when given conditions hold. This contribution summarizes our proposal to define a formal setting for proving the correctness of system substitution. It relies on refinement and on the Event-B method.
Comment: EDCC-2014, Student Forum. Keywords: system substitution, state recovery, correct-by-construction, Event-B, refinement.
Correct-by-construction microarchitectural pipelining
This paper presents a method for correct-by-construction microarchitectural pipelining that handles cyclic systems with dependencies between iterations. Our method combines previously known bypass and retiming transformations with a few transformations valid only for elastic systems with early evaluation (namely, empty FIFO insertion, FIFO capacity sizing, insertion of anti-tokens, and introducing early evaluation multiplexors). By converting the design to a synchronous elastic form and then applying this extended set of transformations, one can pipeline a functional specification with an automatically generated distributed controller that implements stalling logic resolving data hazards off the critical path of the design. We have developed an interactive toolkit for exploring elastic microarchitectural transformations. The method is illustrated by pipelining a few simple examples of instruction set architecture (ISA) specifications.
Peer reviewed. Postprint (published version).
Flexible Correct-by-Construction Programming
Correctness-by-Construction (CbC) is an incremental program construction process to construct functionally correct programs. The programs are constructed stepwise along with a specification that is inherently guaranteed to be satisfied. CbC is complex to use without specialized tool support, since it needs a set of predefined refinement rules of fixed granularity, which are additional rules on top of the programming language. Each refinement rule introduces a specific programming statement, and developers cannot depart from these rules to construct programs. CbC allows developers to build software in a structured and incremental way that ensures correctness, but the limited flexibility is a disadvantage of CbC. In this work, we compare classic CbC with CbC-Block and TraitCbC. Both approaches, CbC-Block and TraitCbC, are related to CbC, but they have new language constructs that enable a more flexible software construction approach. We provide for both approaches a programming guideline which, similar to CbC, leads to well-structured programs. CbC-Block extends CbC by adding a refinement rule to insert any block of statements; therefore, we introduce CbC-Block as an extension of CbC. TraitCbC implements correctness-by-construction on the basis of traits with specified methods. We formally introduce TraitCbC and prove soundness of the construction strategy. All three development approaches are qualitatively compared regarding their programming constructs, tool support, and usability to assess which is best suited for certain tasks and developers.
Comment: arXiv admin note: substantial text overlap with arXiv:2204.0564
An Iterative Abstraction Algorithm for Reactive Correct-by-Construction Controller Synthesis
In this paper, we consider the problem of synthesizing correct-by-construction controllers for discrete-time dynamical systems. A commonly adopted approach in the literature is to abstract the dynamical system into a Finite Transition System (FTS) and thus convert the problem into a two-player game between the environment and the system on the FTS. The controller design problem can then be solved using synthesis tools for general linear temporal logic or generalized reactivity(1) specifications. In this article, we propose a new abstraction algorithm. Instead of generating a single FTS to represent the system, we generate two FTSs, which are under- and over-approximations of the original dynamical system. We further develop an iterative abstraction scheme by exploiting the concept of winning sets, i.e., the sets of states for which there exists a winning strategy for the system. Finally, the efficiency of the new abstraction algorithm is illustrated by numerical examples.
Comment: A shorter version has been accepted for publication in the 54th IEEE Conference on Decision and Control (held Tuesday through Friday, December 15-18, 2015 at the Osaka International Convention Center, Osaka, Japan).
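The abstract above says that the game on the FTS is solved through winning sets, and that two abstractions (one under- and one over-approximating the dynamics) drive an iterative refinement. The following is an added example, written for this page and not code from the paper, that makes those two ideas concrete on a hand-built reachability game: it computes the system's winning set as the least fixpoint of goal ∪ CPre(W), extracts a memoryless controller from the ranks that fixpoint produces, checks that controller independently, and uses the gap between the winning sets of two abstractions to pick the states worth refining. The two FTSs, the state and action names, the goal, and the particular shape I give to "conservative" (successor sets over-approximate the environment, uncertain moves omitted) and "optimistic" (every move the concrete system might have, successor sets under-approximate the environment) are all my assumptions; how they map onto the paper's under- and over-approximations is not something the abstract states.

```python
from typing import Dict, FrozenSet, Set, Tuple

State = str
Action = str
# Finite transition system (FTS): (state, system action) -> set of successor
# states among which the environment picks. Both FTSs below are constructed by
# hand for this illustration; they are not taken from the paper.
FTS = Dict[Tuple[State, Action], FrozenSet[State]]

# Conservative abstraction (assumed shape): successor sets over-approximate what
# the environment can do, and the "b" move from s3 is omitted because the
# abstraction cannot guarantee it exists.
CONSERVATIVE: FTS = {
    ("s0", "a"): frozenset({"s1", "s3"}),
    ("s0", "b"): frozenset({"s2", "s3"}),
    ("s1", "a"): frozenset({"s4"}),
    ("s2", "a"): frozenset({"s4"}),
    ("s3", "a"): frozenset({"s3"}),
    ("s4", "a"): frozenset({"s4"}),
}

# Optimistic abstraction (assumed shape): every move the concrete system might
# have, with successor sets that under-approximate the environment's choices.
OPTIMISTIC: FTS = {
    ("s0", "a"): frozenset({"s1"}),
    ("s0", "b"): frozenset({"s2", "s3"}),
    ("s1", "a"): frozenset({"s4"}),
    ("s2", "a"): frozenset({"s4"}),
    ("s3", "a"): frozenset({"s3"}),
    ("s3", "b"): frozenset({"s4"}),
    ("s4", "a"): frozenset({"s4"}),
}

GOAL: Set[State] = {"s4"}  # reachability objective: eventually reach s4


def cpre(fts: FTS, target: Set[State]) -> Set[State]:
    """Controllable predecessor: states with at least one action whose every
    environment-chosen successor lies in `target`."""
    return {s for (s, _a), succ in fts.items() if succ and succ <= target}


def reach_winning_set(fts: FTS, goal: Set[State]) -> Dict[State, int]:
    """Least fixpoint W = goal ∪ CPre(W). Returns each winning state with its
    rank: the number of steps within which the system can force entry into
    the goal whatever the environment does."""
    ranks = {s: 0 for s in goal}
    level = 0
    while True:
        level += 1
        new = cpre(fts, set(ranks)) - set(ranks)
        if not new:
            return ranks
        for s in new:
            ranks[s] = level


def synthesize_controller(fts: FTS, ranks: Dict[State, int]) -> Dict[State, Action]:
    """Memoryless strategy: at every winning non-goal state choose an action all
    of whose successors have strictly smaller rank. The fixpoint guarantees such
    an action exists, which is what makes the controller correct by construction."""
    ctrl: Dict[State, Action] = {}
    for (s, a), succ in fts.items():
        if s in ranks and ranks[s] > 0 and s not in ctrl:
            if succ and all(t in ranks and ranks[t] < ranks[s] for t in succ):
                ctrl[s] = a
    return ctrl


def controller_is_correct(fts: FTS, ranks: Dict[State, int], ctrl: Dict[State, Action]) -> bool:
    """Independent check of the synthesized strategy: every winning non-goal state
    has a chosen action, and every successor under it strictly decreases rank."""
    for s, r in ranks.items():
        if r == 0:
            continue
        if s not in ctrl:
            return False
        succ = fts.get((s, ctrl[s]), frozenset())
        if not succ or any(t not in ranks or ranks[t] >= r for t in succ):
            return False
    return True


def refinement_candidates(conservative: FTS, optimistic: FTS, goal: Set[State]) -> Set[State]:
    """States winning in the optimistic FTS but not yet in the conservative one:
    neither provably controllable nor provably lost, so the only states where a
    finer abstraction could still pay off. States losing even optimistically
    stay lost under any refinement."""
    return set(reach_winning_set(optimistic, goal)) - set(reach_winning_set(conservative, goal))


if __name__ == "__main__":
    ranks = reach_winning_set(CONSERVATIVE, GOAL)
    print("certified winning states:", sorted(ranks))
    print("controller:", synthesize_controller(CONSERVATIVE, ranks))
    print("refine next:", sorted(refinement_candidates(CONSERVATIVE, OPTIMISTIC, GOAL)))
```

On the constructed FTSs the conservative abstraction certifies s1 and s2 (plus the goal) with a controller that is checked rather than trusted, the optimistic one additionally wins from s0 and s3, and it is exactly those two states that a refinement step would split further. For a safety objective the same machinery applies with the greatest fixpoint of safe ∩ CPre(W) instead.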
A Coq-based synthesis of Scala programs which are correct-by-construction
The present paper introduces Scala-of-Coq, a new compiler that allows a Coq-based synthesis of Scala programs which are "correct-by-construction". A typical workflow features a user implementing a Coq functional program, proving this program's correctness with regard to its specification, and using Scala-of-Coq to synthesize a Scala program that can seamlessly be integrated into an existing industrial Scala or Java application.
Comment: 2 pages, accepted version of the paper as submitted to FTfJP 2017 (Formal Techniques for Java-like Programs), June 18-23, 2017, Barcelona, Spain.
Investigating correct-by-construction attack-tolerant systems
Attack-tolerant distributed systems change their protocols on-the-fly in response to apparent attacks from the environment; they substitute functionally equivalent versions that are possibly more resistant to the detected threats. Alternative protocols can be packaged together as a single adaptive protocol, or variants from a formal protocol library can be sent to threatened groups of processes. We are experimenting with libraries of attack-tolerant protocols that are correct-by-construction and testing them in environments that simulate specified threats, including constructive versions of the famous FLP imaginary adversary against fault-tolerant consensus. We expect that all variants of tolerant protocols are automatically generated and accompanied by machine-checked proofs that the generated code satisfies formal properties.
Synthesis of correct-by-construction behavior trees
In this paper we study the problem of synthesizing correct-by-construction Behavior Trees (BTs) controlling agents in adversarial environments. The proposed approach combines the modularity and reactivity of BTs with the formal guarantees of Linear Temporal Logic (LTL) methods. Given a set of admissible environment specifications, an agent model in the form of a Finite Transition System, and the desired task in the form of an LTL formula, we synthesize in polynomial time a BT that is guaranteed to correctly execute the desired task. To illustrate the approach, we present three examples of increasing complexity.