96,430 research outputs found
PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude
Distributed cyber-physical systems (DCPS) are pervasive in areas such as
aeronautics and ground transportation systems, including the case of
distributed hybrid systems. DCPS design and verification is quite challenging
because of asynchronous communication, network delays, and clock skews.
Furthermore, their model checking verification typically becomes unfeasible due
to the huge state space explosion caused by the system's concurrency. The PALS
("physically asynchronous, logically synchronous") methodology has been
proposed to reduce the design and verification of a DCPS to the much simpler
task of designing and verifying its underlying synchronous version. The
original PALS methodology assumes a single logical period, but Multirate PALS
extends it to deal with multirate DCPS in which components may operate with
different logical periods. This paper shows how Multirate PALS can be applied
to formally verify a nontrivial multirate DCPS. We use Real-Time Maude to
formally specify a multirate distributed hybrid system consisting of an
airplane maneuvered by a pilot who turns the airplane according to a specified
angle through a distributed control system. Our formal analysis revealed that
the original design was ineffective in achieving a smooth turning maneuver, and
led to a redesign of the system that satisfies the desired correctness
properties. This shows that the Multirate PALS methodology is not only
effective for formal DCPS verification, but can also be used effectively in the
DCPS design process, even before properties are verified.Comment: In Proceedings FTSCS 2012, arXiv:1212.657
QuantUM: Quantitative Safety Analysis of UML Models
When developing a safety-critical system it is essential to obtain an
assessment of different design alternatives. In particular, an early safety
assessment of the architectural design of a system is desirable. In spite of
the plethora of available formal quantitative analysis methods it is still
difficult for software and system architects to integrate these techniques into
their every day work. This is mainly due to the lack of methods that can be
directly applied to architecture level models, for instance given as UML
diagrams. Also, it is necessary that the description methods used do not
require a profound knowledge of formal methods. Our approach bridges this gap
and improves the integration of quantitative safety analysis methods into the
development process. All inputs of the analysis are specified at the level of a
UML model. This model is then automatically translated into the analysis model,
and the results of the analysis are consequently represented on the level of
the UML model. Thus the analysis model and the formal methods used during the
analysis are hidden from the user. We illustrate the usefulness of our approach
using an industrial strength case study.Comment: In Proceedings QAPL 2011, arXiv:1107.074
Integrating model checking with HiP-HOPS in model-based safety analysis
The ability to perform an effective and robust safety analysis on the design of modern safety–critical systems is crucial. Model-based safety analysis (MBSA) has been introduced in recent years to support the assessment of complex system design by focusing on the system model as the central artefact, and by automating the synthesis and analysis of failure-extended models. Model checking and failure logic synthesis and analysis (FLSA) are two prominent MBSA paradigms. Extensive research has placed emphasis on the development of these techniques, but discussion on their integration remains limited. In this paper, we propose a technique in which model checking and Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS) – an advanced FLSA technique – can be applied synergistically with benefit for the MBSA process. The application of the technique is illustrated through an example of a brake-by-wire system
Machine Hyperconsciousness
Individual animal consciousness appears limited to a single giant component of interacting cognitive modules, instantiating a shifting, highly tunable, Global Workspace. Human institutions, by contrast, can support several, often many, such giant components simultaneously, although they generally function far more slowly than the minds of the individuals who compose them. Machines having multiple global workspaces -- hyperconscious machines -- should, however, be able to operate at the few hundred milliseconds characteistic of individual consciousness. Such multitasking -- machine or institutional -- while clearly limiting the phenomenon of inattentional blindness, does not eliminate it, and introduces characteristic failure modes involving the distortion of information sent between global workspaces. This suggests that machines explicitly designed along these principles, while highly efficient at certain sets of tasks, remain subject to canonical and idiosyncratic failure patterns analogous to, but more complicated than, those explored in Wallace (2006a). By contrast, institutions, facing similar challenges, are usually deeply embedded in a highly stabilizing cultural matrix of law, custom, and tradition which has evolved over many centuries. Parallel development of analogous engineering strategies, directed toward ensuring an 'ethical' device, would seem requisite to the sucessful application of any form of hyperconscious machine technology
A Holistic Approach in Embedded System Development
We present pState, a tool for developing "complex" embedded systems by
integrating validation into the design process. The goal is to reduce
validation time. To this end, qualitative and quantitative properties are
specified in system models expressed as pCharts, an extended version of
hierarchical state machines. These properties are specified in an intuitive way
such that they can be written by engineers who are domain experts, without
needing to be familiar with temporal logic. From the system model, executable
code that preserves the verified properties is generated. The design is
documented on the model and the documentation is passed as comments into the
generated code. On the series of examples we illustrate how models and
properties are specified using pState.Comment: In Proceedings F-IDE 2015, arXiv:1508.0338
Extending the Real-Time Maude Semantics of Ptolemy to Hierarchical DE Models
This paper extends our Real-Time Maude formalization of the semantics of flat
Ptolemy II discrete-event (DE) models to hierarchical models, including modal
models. This is a challenging task that requires combining synchronous
fixed-point computations with hierarchical structure. The synthesis of a
Real-Time Maude verification model from a Ptolemy II DE model, and the formal
verification of the synthesized model in Real-Time Maude, have been integrated
into Ptolemy II, enabling a model-engineering process that combines the
convenience of Ptolemy II DE modeling and simulation with formal verification
in Real-Time Maude.Comment: In Proceedings RTRTS 2010, arXiv:1009.398
Property specification and static verification of UML models
We present a static verification tool (SVT), a system that performs static verification on UML models composed of UML class and state machine diagrams. Additionally, the SVT allows the user to add extra behavior specification in the form of guards and effects by defining a small action language. UML models are checked against properties written in a special-purpose property language that allows the user to specify linear temporal logic formulas that explicitly reason about UML components. Thus, the SVT provides a strong foundation for the design of reliable systems and a step towards model-driven security
- …