Tightening the contract refinements of a system architecture
Contract-based design is an emerging paradigm for correct-by-construction hierarchical systems: components are associated with assumptions and guarantees expressed as formal properties, and the architecture is analyzed by verifying that each contract of a composite component is correctly refined by the contracts of its subcomponents. The approach is very efficient, because the overall correctness proof is decomposed into proofs local to each component. However, the process of contract specification and refinement is quite expensive, because the requirements must be formalized into formal properties, and part of the complexity is delegated to the designer, who has the burden of specifying the contracts. Typical problems include understanding which contracts are necessary, and how they can be simplified without breaking the correctness of the refinement, or of other refinements when some subcontracts are shared. In this paper, we tackle these problems by proposing a technique to understand and simplify the contract refinements of a system architecture during the contract specification and refinement process. The technique, called tightening, is based on parameter synthesis. The idea is to generate a set of parametric proof obligations, where each parameter evaluation corresponds to a variant of the original contract refinement(s), and to search for tighter variants of the contracts that still ensure the correctness of the refinement(s). We cast this approach in the OCRA framework, where contracts are expressed with LTL formulas, and we evaluate its performance and effectiveness on a number of benchmarks.
Authors: Cimatti, Alessandro (Fondazione Bruno Kessler, Italia); Demasi, Ramiro Adrian (Fondazione Bruno Kessler, Italia; Universidad Nacional de Córdoba, Facultad de Matemática, Astronomía y Física, Sección Ciencias de la Computación, Argentina); Tonetta, Stefano (Fondazione Bruno Kessler, Italia)
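As an added illustration, not code from the paper or from OCRA, the following Python sketch casts the two ingredients of the abstract in a propositional setting: the refinement proof obligations (the sub-guarantees together with the environment assumption must establish the composite guarantee, and the environment assumption together with the other sub-guarantees must discharge each sub-assumption), and a parametric search in which every candidate conjunct of a sub-guarantee carries a Boolean parameter that keeps or drops it, so that each parameter evaluation is a variant of the refinement. OCRA contracts are LTL formulas checked by a model checker and the paper's parameter synthesis is different machinery; here contracts are conjunctions of atomic propositions over Boolean state variables and obligations are checked by enumerating all valuations. The architecture (a filter F feeding an actuator driver D inside a composite S), its variables and its contracts are constructed for the example.

```python
from itertools import product

# Boolean state variables of a toy two-component architecture (constructed for
# this example): a filter F feeds an actuator driver D inside a composite S.
VARS = ("in_valid", "f_valid", "f_fresh", "act_safe", "act_logged")

def var(name):
    """Atomic proposition: variable `name` holds in the valuation."""
    return lambda val: val[name]

def conj(conjuncts, val):
    """Conjunction of predicates evaluated on one valuation."""
    return all(c(val) for c in conjuncts)

def valuations():
    for bits in product((False, True), repeat=len(VARS)):
        yield dict(zip(VARS, bits))

def entails(premises, conclusion):
    """Proof obligation (AND premises) -> (AND conclusion), checked over all 2^n valuations."""
    return all(conj(conclusion, val) for val in valuations() if conj(premises, val))

def refinement_obligations(top, subs):
    """Obligations for refining top = (A, G) by sub-contracts subs = [(A_i, G_i)].
    Propositional abstraction of the assume/guarantee refinement check:
      A and G_1 and ... and G_n  ->  G      (sub-guarantees establish G)
      A and (G_j for all j != i) ->  A_i    (environment discharges each A_i)
    """
    A, G = top
    obligations = [("G", A + [g for _, G_i in subs for g in G_i], G)]
    for i, (A_i, _) in enumerate(subs):
        others = [g for j, (_, G_j) in enumerate(subs) if j != i for g in G_j]
        obligations.append((f"A_{i}", A + others, A_i))
    return obligations

def failed_obligations(top, subs):
    """Names of obligations that do not hold; an empty list means the refinement is correct."""
    return [name for name, prem, concl in refinement_obligations(top, subs)
            if not entails(prem, concl)]

def tighten(top, sub_assumptions, candidates):
    """Parametric search. Every candidate guarantee conjunct (sub_index, name, predicate)
    gets a Boolean parameter: keep it or drop it. Each parameter evaluation is a variant
    of the refinement; return the variants whose set of kept conjuncts is minimal among
    those for which all obligations still hold."""
    correct = []
    for params in product((False, True), repeat=len(candidates)):
        kept = [c for c, p in zip(candidates, params) if p]
        subs = [(A_i, [pred for k, _, pred in kept if k == i])
                for i, A_i in enumerate(sub_assumptions)]
        if not failed_obligations(top, subs):
            correct.append(frozenset(name for _, name, _ in kept))
    return sorted((s for s in correct if not any(o < s for o in correct)), key=sorted)

# Composite contract S, the sub-assumptions A_F, A_D, and the candidate conjuncts of the
# sub-guarantees G_F, G_D as a hypothetical designer first wrote them (assumed data).
TOP = ([var("in_valid")], [var("act_safe")])
SUB_ASSUMPTIONS = [[var("in_valid")], [var("f_valid")]]
CANDIDATES = [
    (0, "f_valid", var("f_valid")), (0, "f_fresh", var("f_fresh")),           # G_F
    (1, "act_safe", var("act_safe")), (1, "act_logged", var("act_logged")),   # G_D
]

def original_subcontracts():
    """The refinement exactly as written, with every candidate conjunct kept."""
    return [(A_i, [pred for k, _, pred in CANDIDATES if k == i])
            for i, A_i in enumerate(SUB_ASSUMPTIONS)]

if __name__ == "__main__":
    print("failed obligations of the original refinement:",
          failed_obligations(TOP, original_subcontracts()))
    print("tightest correct variants:",
          [sorted(s) for s in tighten(TOP, SUB_ASSUMPTIONS, CANDIDATES)])
```

On this input the original refinement is correct, and the search reports a single minimal variant that keeps only `f_valid` in G_F and `act_safe` in G_D: the `f_fresh` and `act_logged` conjuncts contribute nothing to the refinement and can be dropped, while dropping `f_valid` breaks the obligation that discharges A_D. The exhaustive enumeration is what keeps the example self-contained; it is exponential in the number of variables and parameters, which is precisely why the paper relies on parameter synthesis instead.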
The xSAP Safety Analysis Platform
This paper describes the xSAP safety analysis platform. xSAP provides several model-based safety analysis features for finite- and infinite-state synchronous transition systems. In particular, it supports library-based definition of fault modes, an automatic model extension facility, and generation of safety analysis artifacts such as Dynamic Fault Trees (DFTs) and Failure Mode and Effects Analysis (FMEA) tables. Moreover, it supports probabilistic evaluation of fault trees, failure propagation analysis using Timed Failure Propagation Graphs (TFPGs), and Common Cause Analysis (CCA). xSAP has been used in several industrial projects as a verification back-end, and is currently being evaluated in a joint R&D project involving FBK and The Boeing Company.
A Cloud-Based Collaboration Platform for Model-Based Design of Cyber-Physical Systems
Businesses, particularly small and medium-sized enterprises, that aim to adopt Model-Based Design (MBD) face difficult choices among a wide range of methods, notations and tools before making the significant investments in planning, procurement and training needed to deploy new approaches successfully. In the development of Cyber-Physical Systems (CPSs) this is exacerbated by the diversity of formalisms covering computation, physical and human processes. In this paper, we propose the use of a cloud-enabled and open collaboration platform that allows businesses to offer models, tools and other assets, and permits others to access these on a pay-per-use basis, as a means of lowering barriers to the adoption of MBD technology and of promoting experimentation in a sandbox environment.
Being correct is not enough: efficient verification using robust linear temporal logic
While most approaches in formal methods address system correctness, ensuring
robustness has remained a challenge. In this paper we present and study the
logic rLTL which provides a means to formally reason about both correctness and
robustness in system design. Furthermore, we identify a large fragment of rLTL
for which the verification problem can be efficiently solved, i.e.,
verification can be done by using an automaton, recognizing the behaviors
described by the rLTL formula , of size at most , where is the length of . This
result improves upon the previously known bound of
for rLTL verification and is closer to
the LTL bound of . The usefulness of
this fragment is demonstrated by a number of case studies showing its practical
significance in terms of expressiveness, the ability to describe robustness,
and the fine-grained information that rLTL brings to the process of system
verification. Moreover, these advantages come at a low computational overhead
with respect to LTL verification.
Comment: arXiv admin note: text overlap with arXiv:1510.08970. v2 notes: proof on the complexity of translating rLTL formulae to LTL formulae via the rewriting approach; new case study on the scalability of rLTL formulae in the proposed fragment. Accepted to appear in ACM Transactions on Computational Logic.
Safe and Optimal Techniques Enabling Recovery, Integrity, and Assurance
There is a trend in the aviation industry to go from federated to integrated computing systems. Combining a number of traditional stand-alone federated systems into an integrated common platform (called Integrated Modular Avionics, IMA) has the benefit of increased power efficiency, reduced support hardware, and reduced cabling. However, changing from federated to integrated has a significant impact on the system architecture and hence the process of how avionic systems are to be analyzed. Traditional approaches to safety analysis become inefficient when functional boundaries can no longer be assumed for failure independence and fault isolation. In this report, we describe a tool that we developed to accelerate the safety engineer's ability to perform safety analysis of IMA systems through modeling, as well as optimize the system engineer's ability to develop a system through architecture synthesis. This work was the result of a three-year research effort called SOTERIA (Safe and Optimal Techniques Enabling Recovery, Integrity, and Assurance). We developed a compositional modeling language that supports rapid development, modification, and evaluation of architectures. The modeling language is structured such that the end-user defines a library of components with information on component reliability, connectivity, and fault propagation logic. The system model is built by instantiating the components from the library, connecting the components, and identifying the top-level faults of interest. Our tool is compositional in that the end-user only needs to define safety aspects at the component level. The tool takes the model and automatically synthesizes both the qualitative and quantitative safety analyses. 
We go further by allowing users to describe system information such as components to use in an architecture and their connection compatibility and automatically synthesize an architecture that meets the top-level probability target adhering to end-user specified constraints. This capability allows users to rapidly explore a design space.
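Both xSAP above (library-based fault modes, fault trees, FMEA tables, probabilistic evaluation) and the SOTERIA tool described here synthesize safety artifacts from a component library plus a connected system model with top-level faults of interest. As an added illustration, which is not code from xSAP, SOTERIA, FBK or the SOTERIA project, the following Python builds such a model for a constructed 2-out-of-3 sensor/voter/actuator chain and derives three artifacts by brute-force enumeration over the basic events: the minimal cut sets (the qualitative analysis), an FMEA-style single-fault effects table, and the exact top-event probability under independent faults (the quantitative analysis). The library, instances, connections, failure probabilities and propagation rules are all assumed for the example; the real tools work symbolically and scale far beyond what enumeration allows.

```python
from itertools import combinations, product

# --- Component library (constructed for this example) -----------------------
# Each type declares its input ports, its basic fault modes with a probability,
# and a propagation rule: is the output failed, given which own faults are active
# and which inputs are failed?
LIBRARY = {
    "sensor": {
        "inputs": [],
        "faults": {"stuck": 1e-4},
        "propagate": lambda faults, ins: faults["stuck"],
    },
    "voter2oo3": {
        "inputs": ["a", "b", "c"],
        "faults": {"logic_fail": 1e-5},
        # 2-out-of-3 voting masks one bad input; two bad inputs defeat it
        "propagate": lambda faults, ins: faults["logic_fail"] or sum(ins.values()) >= 2,
    },
    "actuator": {
        "inputs": ["cmd"],
        "faults": {"jam": 1e-5},
        "propagate": lambda faults, ins: faults["jam"] or ins["cmd"],
    },
}

# --- System model: instances, connections, top-level event (assumed) ---------
INSTANCES = {"s1": "sensor", "s2": "sensor", "s3": "sensor", "v": "voter2oo3", "act": "actuator"}
# (sink instance, input port) -> source instance whose output feeds it
CONNECTIONS = {("v", "a"): "s1", ("v", "b"): "s2", ("v", "c"): "s3", ("act", "cmd"): "v"}
TOP_EVENT = "act"  # top-level fault: the actuator output is failed

def basic_events():
    """All (instance, fault mode) pairs, i.e. the basic events of the fault tree."""
    return [(inst, f) for inst, typ in INSTANCES.items() for f in LIBRARY[typ]["faults"]]

def output_failed(inst, active, memo):
    """Propagate a set of active basic events through the (acyclic) connection graph."""
    if inst not in memo:
        typ = LIBRARY[INSTANCES[inst]]
        faults = {f: (inst, f) in active for f in typ["faults"]}
        ins = {p: output_failed(CONNECTIONS[(inst, p)], active, memo) for p in typ["inputs"]}
        memo[inst] = bool(typ["propagate"](faults, ins))
    return memo[inst]

def top_fails(active):
    return output_failed(TOP_EVENT, frozenset(active), {})

def minimal_cut_sets():
    """Qualitative analysis: minimal sets of basic events that cause the top event.
    Combinations are enumerated by increasing size, so every earlier cut set is smaller
    and a superset of one is never minimal."""
    events, cuts = basic_events(), []
    for size in range(1, len(events) + 1):
        for combo in combinations(events, size):
            s = frozenset(combo)
            if top_fails(s) and not any(c <= s for c in cuts):
                cuts.append(s)
    return sorted(cuts, key=lambda s: (len(s), sorted(s)))

def top_event_probability():
    """Quantitative analysis: exact P(top event) for independent basic events,
    summing the weight of every fault combination that triggers it."""
    events = basic_events()
    probs = [LIBRARY[INSTANCES[i]]["faults"][f] for i, f in events]
    total = 0.0
    for bits in product((False, True), repeat=len(events)):
        if top_fails({e for e, b in zip(events, bits) if b}):
            weight = 1.0
            for p, b in zip(probs, bits):
                weight *= p if b else 1.0 - p
            total += weight
    return total

def fmea_rows():
    """Single-fault FMEA: (instance, fault mode, probability, reaches top event?)."""
    return [(i, f, LIBRARY[INSTANCES[i]]["faults"][f], top_fails({(i, f)}))
            for i, f in basic_events()]

if __name__ == "__main__":
    for cs in minimal_cut_sets():
        print("MCS:", sorted(cs))
    for row in fmea_rows():
        print("FMEA:", row)
    print("P(top) = %.6e" % top_event_probability())
```

The output shows the qualitative structure a safety engineer looks for: two single-point failures (the voter's own logic and the actuator jam) and three double-sensor cut sets, while the FMEA table records that any single stuck sensor is masked by the voter. The exact probability equals what the closed form gives for this architecture, 1 - (1 - p_act)(1 - p_v)(1 - P(at least two of three sensors stuck)); the enumeration is only there so the example runs without a symbolic engine, since it grows as 2^(number of basic events).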
More Scalable LTL Model Checking via Discovering Design-Space Dependencies (D3)
Modern system design often requires comparing several models over a large design space. Different models arise out of a need to weigh different design choices, to check core capabilities of versions with varying features, or to analyze a future version against previous ones. Model checking can compare different models; however, applying model checking off-the-shelf may not scale due to the large size of the design space for today's complex systems. We exploit relationships between different models of the same (or related) systems to optimize the model-checking search. Our algorithm, D3, preprocesses the design space and checks fewer model-checking instances, e.g., using nuXmv. It automatically prunes the search space by reducing both the number of models to check, and the number of LTL properties that need to be checked for each model in order to provide the complete model-checking verdict for every individual model-property pair. We formalize heuristics that improve the performance of D3. We demonstrate the scalability of D3 by extensive experimental evaluation, e.g., by checking 1,620 real-life models for NASA's NextGen air traffic control system. Compared to checking each model-property pair individually, D3 is up to 9.4× faster.
Technical means for diagnosing and monitoring onboard information exchange systems on an aircraft
The work is published in accordance with the Rector's order of 27.05.2021 No. 311/од "On placing higher-education qualification works in the NAU repository". Thesis supervisor: Associate Professor of the Department of Avionics, Слободян Олександр Петрович (Oleksandr Petrovych Slobodian).
Technical progress in aviation, as in any other industry, is closely tied to the automation of technological processes. Today, process automation is used to improve reliability, durability, environmental friendliness, resource conservation and, most importantly, economy and ease of operation. Thanks to the rapid development of computer technology and microprocessors, we are able to use more advanced and complex methods of monitoring and controlling systems in the aviation industry and in any other. Microprocessor-based and electronic computing devices, connected by computing and control networks that use shared databases, have standards that allow new devices to be modified and integrated, which in turn makes it possible to integrate, improve and manage production processes.
Designing a distributed integrated modular avionics (DIMA) system using distributed integration technology, mixed-criticality task scheduling, real-time backup scheduling and a time-triggered communication mechanism significantly increases the reliability, safety and performance of the integrated real-time electronic system. DIMA represents the development trend of future avionics systems. This work studies and discusses the architectural characteristics of DIMA. It then examines and analyzes in detail the development of the key technologies in a DIMA system. Finally, it considers the development trend of DIMA technology.