Control engineers make extensive use of diagrammatic notations; control law diagrams are used in industry every day. Techniques and tools for analysis of these diagrams or their models are plentiful; verification of code created to implement them, however, is a challenge that has been taken up by few. Our work is based on industrial tools that produce partial Z and CSP models of discrete-time Simulink diagrams, and on Circus, a notation that combines Z, CSP, and a refinement calculus. We present a strategy to translate Simulink diagrams to Circus, and a strategy to prove that a parallel Ada implementation refines the specification of a diagram; we rely on a Circus semantics for the program. By using a combined notation, we provide a specification that considers both functional and behavioural aspects of a larger set of diagrams, and support verification of a larger number of implementations. We can handle, for instance, arbitrarily large data types and dynamic scheduling.