Formal Specification and Automated Verification of Safety-Critical Requirements of a Railway Vehicle with Frama-C/Jessie

Hartig, Kerstin; Gerlach, Jens; Soto, Juan Pablo; Busse, Jürgen

doi:10.1007/978-3-642-14261-1_15

Cited by 3 publications

(4 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…With the above notation, and using the ACSL keyword exists for the existential quantifier, the input-output invariant (17) can be annotated in code as shown in (18). For example, for the controller Σ specified (9), Listing 3 illustrates the verif_driver function with the input-output invariant annotations that allow for transfer function inaccuracies.…”

Section: Inexact Controller Implementationsmentioning

confidence: 99%

“…Also, in [19], the authors introduce PVS linear algebra libraries that can be used for verification of stability of a closed-loop system controlled by a software implementation in C. Finally, Frama-C [9] and ACSL [6] have been widely used for software verification. For example, for verification of a subset of the standard C library [8], safety-critical software in the railway domain [18], and the Xen kernel [25]). In addition, [12,21] present methods for dynamic analysis in Frama-C, and in [19] the authors present the use of Frama-C for verification of control software.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Automatic verification of linear controller software

Pajić¹,

Park²,

Lee³

2015

2015 International Conference on Embedded Software (EMSOFT)

View full text Add to dashboard Cite

We consider the problem of verification of software implementations of linear time-invariant controllers. Commonly, different implementations use different representations of the controller's state, for example due to optimizations in a third-party code generator. To accommodate this variation, we exploit input-output controller specification captured by the controller's transfer function and show how to automatically verify correctness of C code controller implementations using a Frama-C/Why3/Z3 toolchain. Scalability of the approach is evaluated using randomly generated controller specifications of realistic size.

show abstract

Section: Inexact Controller Implementationsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Automatic verification of linear controller software

Pajić¹,

Park²,

Lee³

2015

2015 International Conference on Embedded Software (EMSOFT)

View full text Add to dashboard Cite

show abstract

“…They acknowledge that their tool works for a restricted class of programs and properties. VeriFast and Frama-C are another two static analysis tools that have been applied to large programs (Hartig et al, 2010;Philippaerts et al, 2014). Although all…”

Section: Web Voting Systemmentioning

confidence: 99%

Formal and semi-formal verification of a web voting system

Cristiá

Frydman

2015

International Journal of Web Information Systems

View full text Add to dashboard Cite

Purpose – This paper aims to present the verification process conducted to assess the functional correctness of the voting system. Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) is the most important research institution in Argentina. It depends directly from Argentina’s President but its internal authorities are elected by around 8,000 research across the country. During 2011, the CONICET developed a Web voting system to replace the traditional mail-based process. In 2012 and 2014, CONICET conducted two Web election with no complaints from candidates and voters. Before moving the system into production, CONICET asked the authors to conduct a functional and security assessment of it. Design/methodology/approach – This process is the result of integrating formal, semi-formal and informal verification activities from formal proof to code inspection and model-based testing. Findings – Given the resources and time available, a reasonable level of confidence on the correctness of the application could be transmitted to senior management. Research limitations/implications – A formal specification of the requirements must be developed. Originality/value – Formal methods and semi-formal activities are seldom applied to Web applications.

show abstract

“…In this paper, we extend our previous work [7] on formally verifying various safety-relevant functionalities in railway software by the results of a case study [8] where we compare our unit proofs with traditional unit tests. The software modules themselves have been written in C, while the requirements have been formalized through ACSL [9], the ANSI/ISO C Specification Language.…”

Section: Introductionmentioning

confidence: 96%