Refinement and Proof Based Development of Systems Characterized by Continuous Functions

Babin, Guillaume; Aït‐Ameur, Yamine; Nakajima, Shinichi; Pantel, Marc

doi:10.1007/978-3-319-25942-0_4

Cited by 10 publications

(20 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, we would like to point out that in this paper, we essentially have presented a verification method based on model checking to design time-delay continuous systems modeled by a simple class of DDEs. This method may also be used in interactive proofs and stepwise refinement of hybrid systems featuring delayed feedback, akin to the methods developed for traditional hybrid systems [2,5].…”

Section: Discussionmentioning

confidence: 99%

Model Checking Delay Differential Equations Against Metric Interval Temporal Logic

Mosaad¹,

Fränzle²,

Xue³

2017

SACS

View full text Add to dashboard Cite

Delay differential equations (DDEs) play an important role in the modeling of dynamic processes. Delays arise in contemporary control schemes like networked distributed control and can cause deterioration of control performance, invalidating both stability and safety properties. This induces an interest in DDE especially in the area of modeling and verification of embedded control. In this article, we present an approach aiming at automatic safety verification of a simple class of DDEs against requirements expressed in a linear-time temporal logic. As requirements specification language, we exploit metric interval temporal logic (MITL) with a continuous-time semantics evaluating signals over metric spaces. We employ an over-approximation method based on interval Taylor series to enclose the solution of the DDE and thereby reduce the continuous-time verification problem for MITL formulae to a discrete-time problem over sequences of Taylor coefficients. We encode sufficient conditions for satisfaction as SMT formulae over polynomial arithmetic and use the iSAT3 SMT solver in its bounded model-checking mode for discharging the resulting proof obligations, thus proving satisfaction of time-bounded MITL specifications by the trajectories induced by a DDE. In contrast to our preliminary work in [44], we can verify arbitrary time-bounded MITL formulae, including nesting of modalities, rather than just invariance properties.

show abstract

Section: Discussionmentioning

confidence: 99%

Model Checking Delay Differential Equations Against Metric Interval Temporal Logic

Mosaad¹,

Fränzle²,

Xue³

2017

SACS

View full text Add to dashboard Cite

show abstract

“…In our earlier work, we proposed both a correct by construction system substitution mechanism [8,9] and a strategy to derive discrete controllers from continuous specifications [6]. In [8,9], we defined the reconfiguration mechanism to maintain a safety property for a system (defined as a state-transitions system) during failure or to switch from one supporting system to another.…”

Section: Introductionmentioning

confidence: 99%

“…But it is not applicable straightforwardly for hybrid systems which need to handle continuous features. In [6], we presented the formal development of a continuous controller that is refined by a discrete one preserving the continuous functional behavior and the required safety properties. This work helped us formulating more general strategies, that we aim to develop in this paper, for the development of system substitution for hybrid systems using formal techniques.…”

Section: Introductionmentioning

confidence: 99%

“…This last situation corresponds to the reparation case. They correspond to a direct reuse of the development of a correct discretization of a continuous function proposed in [6].…”

Section: First Refinement: Introduction Of the Safety Envelopementioning

confidence: 99%

“…The control CTRL events observe the value p c (now) to decide whether specific actions on the mode md c variable are performed or not. Listing 1.7 shows an extract of this machine and a detailed description of this refinement is given in [1,6]. [6].…”

Section: First Refinement: Introduction Of the Safety Envelopementioning

confidence: 99%

See 2 more Smart Citations

A System Substitution Mechanism for Hybrid Systems in Event-B

Babin

Aït‐Ameur

Singh

et al. 2016

Formal Methods and Software Engineering

Self Cite

View full text Add to dashboard Cite

Changes like failure or loss of QoS are key aspects of hybrid systems that must be handled during their design. Preserving the system state is a common requirement that can be ensured by reconfiguration relying on system substitution. The specification and design of these systems usually rely on continuous functions whereas their implementation is discrete. Moreover, the associated safety properties are characterized by a safety envelope defining safe system states. This paper presents a novel approach for formalizing the system substitution mechanism for hybrid systems, in which the system substitution maintains a safety envelope of the given hybrid system during system failure or switching from one supporting system to another. Proving the correctness of the discrete implementation of the defined reconfiguration mechanism for hybrid systems is a challenging problem. In this purpose, we propose to combine system substitution and incremental system modeling to ensure correct discretization. We rely on the Event-B method and the Rodin Platform with the Theory plug-in to develop the system models and carry out the proofs on dense real numbers.

show abstract