PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude
Distributed cyber-physical systems (DCPS) are pervasive in areas such as
aeronautics and ground transportation systems, including the case of
distributed hybrid systems. DCPS design and verification is quite challenging
because of asynchronous communication, network delays, and clock skews.
Furthermore, their model checking verification typically becomes unfeasible due
to the huge state space explosion caused by the system's concurrency. The PALS
("physically asynchronous, logically synchronous") methodology has been
proposed to reduce the design and verification of a DCPS to the much simpler
task of designing and verifying its underlying synchronous version. The
original PALS methodology assumes a single logical period, but Multirate PALS
extends it to deal with multirate DCPS in which components may operate with
different logical periods. This paper shows how Multirate PALS can be applied
to formally verify a nontrivial multirate DCPS. We use Real-Time Maude to
formally specify a multirate distributed hybrid system consisting of an
airplane maneuvered by a pilot who turns the airplane according to a specified
angle through a distributed control system. Our formal analysis revealed that
the original design was ineffective in achieving a smooth turning maneuver, and
led to a redesign of the system that satisfies the desired correctness
properties. This shows that the Multirate PALS methodology is not only
effective for formal DCPS verification, but can also be used effectively in the
DCPS design process, even before properties are verified.
Comment: In Proceedings FTSCS 2012, arXiv:1212.657
Synthesizing a Lego Forklift Controller in GR(1): A Case Study
Reactive synthesis is an automated procedure to obtain a
correct-by-construction reactive system from a given specification. GR(1) is a
well-known fragment of linear temporal logic (LTL) where synthesis is possible
using a polynomial symbolic algorithm. We conducted a case study to learn about
the challenges that software engineers may face when using GR(1) synthesis for
the development of a reactive robotic system. In the case study we developed
two variants of a forklift controller, deployed on a Lego robot. The case study
employs LTL specification patterns as an extension of the GR(1) specification
language, an examination of two specification variants for execution
scheduling, traceability from the synthesized controller to constraints in the
specification, and generated counter strategies to support understanding
reasons for unrealizability. We present the specifications we developed, our
observations, and challenges faced during the case study.
Comment: In Proceedings SYNT 2015, arXiv:1602.0078
Design of asynchronous supervisors
One of the main drawbacks while implementing the interaction between a plant
and a supervisor, synthesised by the supervisory control theory of
\citeauthor{RW:1987}, is the inexact synchronisation. \citeauthor{balemiphdt}
was the first to consider this problem, and the solutions given in his PhD
thesis were in the domain of automata theory. Our goal is to address the issue
of inexact synchronisation in a process algebra setting, because we get
concepts like modularity and abstraction for free, which are useful to further
analyze the synthesised system. In this paper, we propose four methods to check
a closed loop system in an asynchronous setting such that it is branching
bisimilar to the modified (asynchronous) closed loop system. We modify a given
closed loop system by introducing buffers either in the plant models, the
supervisor models, or the output channels of both supervisor and plant models,
or in the input channels of both supervisor and plant models. A notion of
desynchronisable closed loop system is introduced, which is a class of
synchronous closed loop systems such that they are branching bisimilar to their
corresponding asynchronous versions. Finally, we study different case studies in
an asynchronous setting and then summarise the observations (or
conditions) that will be helpful in formulating a theory of
desynchronisable closed loop systems.
Structured representation for requirements and specifications
This document was generated in support of NASA contract NAS1-18586, Design and Validation of Digital Flight Control Systems suitable for Fly-By-Wire Applications, Task Assignment 2. Task 2 is associated with a formal representation of requirements and specifications. In particular, this document contains results associated with the development of a Wide-Spectrum Requirements Specification Language (WSRSL) that can be used to express system requirements and specifications in both stylized and formal forms. Included with this development are prototype tools to support the specification language. In addition, a preliminary requirements specification methodology based on the WSRSL has been developed. Lastly, the methodology has been applied to an Advanced Subsonic Civil Transport Flight Control System.
Early aspects: aspect-oriented requirements engineering and architecture design
This paper reports on the third Early Aspects: Aspect-Oriented Requirements Engineering and Architecture Design Workshop, which was held in Lancaster, UK, on March 21, 2004. The workshop included a presentation session and working sessions in which particular topics on early aspects were discussed. The primary goal of the workshop was to focus on the challenges of defining methodical software development processes for aspects from early on in the software life cycle, and to explore the potential of proposed methods and techniques to scale up to industrial applications.
Reusing Test-Cases on Different Levels of Abstraction in a Model Based Development Tool
Seamless model based development aims to use models during all phases of the
development process of a system. During the development process in a
component-based approach, components of a system are described at qualitatively
differing abstraction levels: during requirements engineering component models
are rather abstract high-level and underspecified, while during implementation
the component models are rather concrete and fully specified in order to enable
code generation. An important issue that arises is assuring that the concrete
models correspond to abstract models. In this paper, we propose a method to
assure that concrete models for system components refine more abstract models
for the same components. In particular, we advocate a framework for reusing
test cases at different abstraction levels. Our approach, even if it cannot
completely prove the refinement, can be used to ensure confidence in the
development process. In particular we are targeting the refinement of
requirements which are represented as very abstract models. Besides a formal
model of our approach, we discuss our experiences with the development of an
Adaptive Cruise Control (ACC) system in a model driven development process.
This uses extensions which we implemented for our model-based development tool
and which are briefly presented in this paper.
Comment: In Proceedings MBT 2012, arXiv:1202.582