Rigorous Design of FDIR Systems with BIP

The correct design of autonomous systems is a challenge, due to the uncertainties arising at execution time. A special case of uncertainties are the faults and failures that break the system’s requirements. Dealing with such situations requires to design fault detection, isolation and recovery (FDIR) components. The aim of FDIR components is to detect when a fault has occurred and to apply a recovery strategy that brings the system into a mode where the requirements are satisfied. In this paper we describe an approach based on the Behavior, Interaction, Priority (BIP) tools for the rigorous design of FDIR components. This approach leverages the scalability of statistical model-checking tool BIP-SMC to check for requirement satisfaction, and the code generation feature of the BIP compiler. Moreover, the generated code is executable with the BIP engine(s) and easily integrated with the original system. The approach has been used in the H2020 ESROCOS and ERGO projects for the development of (autonomous) robotics control systems, which have been validated through field trials

Model-based validation of CANopen systems

International audienceCANopen is an increasingly popular protocol for the design of networked embedded systems. Nonetheless, the large variety of communication and network management functionalities supported in CANopen can increase significantly systems complexity and in turn, the needs for system validation at design time. We present hereafter a rigorous method based on formal modeling and verification techniques, allowing to provide a comprehensive analysis of CANopen systems. Our method uses BIP, a formal framework for modeling, analysis and implementation of real-time, heterogeneous, component-based systems and the associated BIP tools for simulation, performance evaluation and statistical model-checking

Compositional Verification for Timed Systems Based on Automatic Invariant Generation

We propose a method for compositional verification to address the state space explosion problem inherent to model-checking timed systems with a large number of components. The main challenge is to obtain pertinent global timing constraints from the timings in the components alone. To this end, we make use of auxiliary clocks to automatically generate new invariants which capture the constraints induced by the synchronisations between components. The method has been implemented in the RTD-Finder tool and successfully experimented on several benchmarks

Algèbre linéaire pour invariants polynomiaux

Nous présentons dans ce papier une nouvelle technique de génération d'invariants dans le contexte d'un certain type de boucles polynomiales. Notre méthode a l'avantage d'être plus rapide que les méthodes existantes pour des boucles équivalentes et plus simple à implanter car elle repose sur des algorithmes d'algèbre linéaire de complexité polynomiale. Un outil implémentant cette méthode est en cours de développement dans Frama-C, une plate-forme open-source, extensible et collaborative dédiée à l'analyse de programmes C

Mixed Critical Earliest Deadline First

International audienceUsing the advances of the modern microelectronics technology, the safety-critical systems, such as avionics, can reduce their costs by integrating multiple tasks on one device. This makes such systems essentially mixed-critical, as this brings together different tasks whose safety assurance requirements may differ significantly. In the context of mixed-critical scheduling theory, we studied the dual criticality problem of scheduling a finite set of hard real-time jobs. In this work we propose an algorithm which is proved to dominate OCBP, a state-of-the art algorithm for this problem that is optimal over fixed job priority algorithms. We show through empirical studies that our algorithm can reduce the set of non-schedulable instances by a factor of two or, under certain assumptions, by a factor of four, when compared to OCBP

A model-based design flow for CAN-based systems

International audienceThis paper introduces a novel approach for systematical development of CAN-based systems with guaranteed functional correctness and optimal performance. This approach relies on formal methods for faithful modeling and analysis of such systems, whilst taking into consideration the effects of critical parameters, such as bit stuffing and buffer utilization. As a proof of concept, the approach has been applied on existing benchmarks simulating realistic automotive networks. The results are similar to ones obtained using domain-specific tools e.g. NETCARBENCH. Moreover, this work creates new perspectives and reveals potential application for the generation of optimal device configurations for the recently developed CAN FD protocol

Optimized Distributed Implementation of Multiparty Interactions with Observation

International audienceUsing high level coordination primitives allows enhanced expressiveness of component-based frameworks to cope with the inherent complexity of present-day systems designs. Nonetheless, their distributed implementation raises multiple issues, regarding both the correctness and the runtime performance of the final implementation. We propose a novel approach for distributed implementation of multiparty interactions subject to scheduling constraints expressed by priorities. We rely on new composition operators and semantics that combine multiparty interactions with observation. We show that this model provides a natural encoding for priorities and moreover, can be used as an intermediate step towards provably correct and optimized distributed implementations

Modeling Mixed-critical Systems in Real-time BIP

International audienceThe proliferation of multi- and manycores creates an important design problem: the design and verification for mixed-criticality constraints in timing and safety, taking into account the resource sharing and hardware faults. In our work, we aim to contribute towards the solution of these problems by using a formal design language - the real time BIP, to model both hardware and software, functionality and scheduling. In this paper we present the initial experiments of modeling mixed-criticality systems in BIP