Formal Validation of Hierarchical State Machines against Expectations

This paper explains some analyses that can be performed on a hierarchical finite state machine to validate that it performs as intended. Such a hierarchical state machine has transitions between states, triggered by conditions over inputs, with outputs determined per state in terms of inputs. Intentions are captured per state as expectations on input values. These expectations are expressed using the same condition language as transition triggers, extended to constrain rates of change as well as ranges. The analyses determine whether the expectations are consistent and whether the state machine conforms to the expectations. For the analyses to find no problems, the explicit expectations on the root state would be at least as strong as the implicit expectations of the state machine. One way of using the analyses is to reveal these implicit expectations. The analyses have been automated for statecharts built with the MathWorks' Stateflow tool.
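As an added illustration (not code from the paper or from the Stateflow tool), the following Python runs the two analyses over interval expectations on a single input x, with a rate bound on its change per step. Consistency is taken here to mean that a state's expectation does not contradict those of its ancestors, and conformance to mean that a transition's guard together with the source state's expectation keeps the input within the target state's expectation; both readings and the Ctrl/Idle/Run/Calib model are assumptions.

```python
from dataclasses import dataclass
from math import inf

@dataclass(frozen=True)
class Expect:
    """Expectation on one input x: value range plus max |change of x| per step."""
    lo: float
    hi: float
    rate: float = inf

    def contains(self, other):
        return self.lo <= other.lo and other.hi <= self.hi and other.rate <= self.rate

def meet(a, b):
    """Conjunction of two expectations; None when they contradict each other."""
    lo, hi = max(a.lo, b.lo), min(a.hi, b.hi)
    return Expect(lo, hi, min(a.rate, b.rate)) if lo <= hi else None

def effective(state, expect, parent):
    """Expectation in force in `state`: its own conjoined with every ancestor's."""
    e = expect[state]
    while e is not None and state in parent:
        state = parent[state]
        e = meet(e, expect[state])
    return e

def check_consistency(expect, parent):
    """Assumed reading: a state's expectation must not contradict its ancestors'."""
    return [s for s in expect if effective(s, expect, parent) is None]

def check_conformance(expect, parent, transitions):
    """Assumed reading: inputs satisfying the source's expectation and the guard
    must already satisfy the target's expectation. Returns failing (src, dst)."""
    bad = []
    for src, guard, dst in transitions:
        src_e, dst_e = effective(src, expect, parent), effective(dst, expect, parent)
        if src_e is None or dst_e is None:
            continue  # already reported by check_consistency
        reach = meet(src_e, guard)  # inputs on which the transition can fire
        if reach is not None and not dst_e.contains(reach):
            bad.append((src, dst))
    return bad

# Constructed model: root Ctrl with substates Idle, Run and Calib.
PARENT = {"Idle": "Ctrl", "Run": "Ctrl", "Calib": "Ctrl"}
EXPECT = {"Ctrl": Expect(0, 100, rate=10), "Idle": Expect(0, 20),
          "Run": Expect(20, 100), "Calib": Expect(110, 130)}  # Calib contradicts Ctrl
TRANSITIONS = [("Idle", Expect(20, inf), "Run"),    # guard x >= 20
               ("Run", Expect(-inf, 25), "Idle")]   # guard x <= 25: Idle may see x in (20, 25]
```

Running `check_conformance(EXPECT, PARENT, TRANSITIONS)` reports the Run to Idle transition: the guard admits x up to 25 while Idle only expects x up to 20, which is exactly the kind of implicit expectation the analyses are meant to reveal.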