Co-simulation of Event-B and Ptolemy II Models via FMI

In the framework of model-based design formal modelling, verification and simulation of safety-critical systems are supported by several methods and tools. Interfacing these tools often becomes challenging for heterogeneous systems. The FMI standard enables integration of different simulation tools through artefacts called Functional Mockup Units (FMU) [1]. The FMI standard is mainly based on the concept of scalability of the simulation as it deals with heterogeneous cyber-physical systems. The combination of discrete behaviour and continuous-time environment is a common case study in hybrid simulation. Moreover, another aspect of the FMI is to enhance the capability of the tools. Thus, a collaborative simulation between the Rodin [2] and Ptolemy [3] is leveraged by both platforms. While Event-B is enhanced by new models of computation of Ptolemy,Ptolemy leverages the expressivity and properties validation (theorem/invariant proofs) implemented by Event-B. The main rationale of the co-simulation between Event-B and Ptolemy relies on the intention of dissimilarity and complementarity of the modelling viewpoints. Event-B provides formal modelling by specifying conditions, actions and properties that manage discrete event behaviour, whereas Ptolemy gives a structural viewpoint in terms of actors, components or functions with relation to concerned behaviour. Thus, the association of Ptolemy and Event-B puts together structural and formal aspects.This paper focuses on the collaborative simulation of models supported by both Ptolemy II and Event-B. The ongoing work consists of the design of a diagrammatic co-simulation surface and its application to a controller case study

Animation of UML-B State-machines

Animation is important because it allows the modeller to validate that a model behaves as intended. Visualisation of animations assists the modeller in making this assessment. UML-B is a visual 'front-end' to the Event-B notation and includes a state-machine diagram editor. Here we describe a new plug-in which, using the Pro-B model checker as animation engine, provides animation of UML-B state-machine diagrams. Multiple diagrams can be animated simultaneously so that the behaviour of refinements and/or nested state-machines can be explored

Integrating Formal Verification and Simulation of Hybrid Systems

An increasing number of today's systems can be characterised as cyber-physical, or hybrid systems that combine the concurrent continuous environment and discrete computational logic. In order to develop such systems as safe and reliable one needs to be able to model and verify them from the early stages of the development process. Current modelling technologies allow us to specify the abstractions of these systems in terms of the procedural or declarative modelling languages and visual notations, and to simulate their behaviour over a period of time for analysis. Other means of modelling are formal methods, which define systems in terms of logics and enable rigorous analysis of system properties. While the first class of technologies provides a natural notation for describing physical processes, but lacks the formal proof, the second class relies on mathematical abstractions to rationalise and automate the complex task of formal verification. The benefits of both technologies can be significantly enhanced by a collaborative methodology. Due to the complexity of the considered systems and the formal proof process it is critical that such a methodology is based on a top-down development process that fully supports abstraction and refinement. We develop this idea into a tool extension for the state of the art Rodin platform for system-level formal modelling and analysis in the Event-B language. The developed tool enables integration of the physical simulation with refinement-based formal verification in Event-B, thus enhancing the capabilities of Rodin with the simulation-based validation that supports refinement. The tool utilises the Functional Mock-up Interface (FMI) standard for industrial-grade model exchange and co-simulation and is based on a co-simulation principle between the discrete models in Event-B and continuous physical models of FMI. It provides a graphical environment for model import, composition and co-simulation, and implements a generic simulation algorithm for discrete-continuous co-simulation