Formalization and Validation of Safety-Critical Requirements

The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while for the verification of the design, many formal techniques have been conceived and applied, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined; on the other hand that the formalization and the validation of the requirements usually demands a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theory. We applied this technology within an industrial project to the validation of railways requirements

Discontinuous PWM Modulation for Active Power Filters Operating in Disturbed Environments

Active power filters (APFs) are power converters able to compensate for the distorted current components injected into the mains by non-linear loads. To reduce the APF switching losses and thus to allow using higher switching frequencies, discontinuous pulse-width modulation (DPWM) techniques have been developed in the literature. However, the DPWM techniques applied to APFs are highly sensitive to the high frequency disturbances on the power lines. Therefore, this paper proposes a dedicated discontinuous modulation technique for APFs installed in disturbed environments, able to minimize the switching losses for any operating condition. The proposed solution has been experimentally validated on a 100 kVA 2-level APF inverter compensating a regenerative system used for the final functional test of industrial inverters at the end of the production line

Power Decoupling Method for Grid Inertial Support Provided by Ultra-Fast Bidirectional Chargers

The Active Front-End (AFE) converter unit of ultra-fast battery chargers can contribute to the inertial frequency response by embedding the Virtual Synchronous Machine (VSM) control algorithm. However, the injection of inertial active power involves a non-negligible reactive power contribution due to the active-reactive power coupling, thus increasing the current output of the converter. Therefore, this paper proposes an active-reactive power decoupling solution to minimize the AFE current rating for frequency support

From Informal Safety-Critical Requirements to Property-Driven Formal Validation

Most of the efforts in formal methods have historically been devoted to comparing a design against a set of requirements. The validation of the requirements themselves, however, has often been disregarded, and it can be considered a largely open problem, which poses several challenges. The first challenge is given by the fact that requirements are often written in natural language, and may thus contain a high degree of ambiguity. Despite the progresses in Natural Language Processing techniques, the task of understanding a set of requirements cannot be automatized, and must be carried out by domain experts, who are typically not familiar with formal languages. Furthermore, in order to retain a direct connection with the informal requirements, the formalization cannot follow standard model-based approaches. The second challenge lies in the formal validation of requirements. On one hand, it is not even clear which are the correctness criteria or the high-level properties that the requirements must fulfill. On the other hand, the expressivity of the language used in the formalization may go beyond the theoretical and/or practical capacity of state-of-the-art formal verification. In order to solve these issues, we propose a new methodology that comprises of a chain of steps, each supported by a specific tool. The main steps are the following. First, the informal requirements are split into basic fragments, which are classified into categories, and dependency and generalization relationships among them are identified. Second, the fragments are modeled using a visual language such as UML. The UML diagrams are both syntactically restricted (in order to guarantee a formal semantics), and enriched with a highly controlled natural language (to allow for modeling static and temporal constraints). Third, an automatic formal analysis phase iterates over the modeled requirements, by combining several, complementary techniques: checking consistency; verifying whether the requirements entail some desirable properties; verify whether the requirements are consistent with selected scenarios; diagnosing inconsistencies by identifying inconsistent cores; identifying vacuous requirements; constructing multiple explanations by enabling the fault-tree analysis related to particular fault models; verifying whether the specification is realizable

Validating Domains and Plans for Temporal Planning via Encoding into Infinite-State Linear Temporal Logic

Temporal planning is an active research area of Artificial Intelligence because of its many applications ranging from roboticsto logistics and beyond. Traditionally, authors focused on theautomatic synthesis of plans given a formal representation of thedomain and of the problem. However, the effectiveness of suchtechniques is limited by the complexity of the modeling phase: it ishard to produce a correct model for the planning problem at hand. In this paper, we present a technique to simplify the creation ofcorrect models by leveraging formal-verification tools for automaticvalidation. We start by using the ANML language, a very expressivelanguage for temporal planning problems that has been recentlypresented. We chose ANML because of its usability andreadability. Then, we present a sound-and-complete, formal encodingof the language into Linear Temporal Logic over predicates withinfinite-state variables. Thanks to this reduction, we enable theformal verification of several relevant properties over the planningproblem, providing useful feedback to the modeler

Symbolic Model Checking and Safety Assessment of Altarica models

Altarica is a language used to describe critical systems. In this paper we present a novel approach to the analysis of Altarica models, based on a translation into an extended version of NuSMV. This approach opens up the possibility to carry out functional verification and safety assessment with symbolic techniques. An experimental evaluation on a set of industrial case studies demonstrates the advantages of the approach over currently available tools.

Synthetic Crysotile Nano-Crystals as a Reference Standard to Investigate Surface-Induce Serum Albumin Structural Modifications

Geoinspired synthetic chrysotile, which represents an ideal asbestos reference standard, has been utilized to investigate homomolecular exchange of bovine serum albumin (BSA), the major plasma protein, between the adsorbed and dissolved state at the interface between asbestos fibers and biological medium. FTIR spectroscopy has been used to quantify BSA structural modifications due to surface adhesion on chrysotile fibers as a function of the surface coating extent. Circular dichroism spectroscopy has been used to investigate the adsorption/desorption equilibrium through analysis of the BSA structural perturbations after protein desorption from chrysotile surface. Data results show clearly that in the solid state BSA modifications are driven by surface interaction with the substrate, following a bimodal adsorption evidenced by two different binding constants. On the other hand, BSA desorbed in solution is able to rearrange, in the lack of substrate, although keeping irreversible modifications with respect to the native species. The lack of regaining its native structure certainly affects albumin interaction with biological environment. The present investigation on the stoichiometric synthetic geoinspired chrysotile nanocrystals is the first approach toward a deeper attempt to use standard synthetic chrysotile reference samples in mimicking the behavior of asbestos fibers and allows to better understand their interaction with a biological environment