Formal Techniques for Safety-Critical Systems: 7th International Workshop, FTSCS 2019, Shenzhen, China, November 9, 2019, Revised Selected Papers

Due to major breakthroughs in software and engineering technologies, embedded systems are increasingly being utilized in areas ranging from aerospace and next-generation transportation systems, to smart grids and smart cities, to health care systems, and, broadly speaking, to what is known as Cyber-Physical Systems (CPS). A CPS is primarily composed of several electronic, communication and controller modules together with actuators and sensors. The mix of heterogeneous underlying smart technologies poses a number of technical challenges to the design and, more severely, to the verification of such complex infrastructure. In fact, a CPS shall adhere to strict safety, reliability, performance and security requirements, where one needs to capture both the physical and the random aspects of the various CPS modules and then analyze their interrelationship across interlinked continuous and discrete dynamics. Oftentimes, however, system bugs remain uncaught during the analysis and in turn cause unwanted scenarios that may have serious consequences in safety-critical applications. In this paper, we introduce some of the challenges surrounding the design and verification of contemporary CPS with the advent of smart technologies. In particular, we survey recent developments in the use of theorem proving, a formal method, for the modeling, analysis and verification of CPS, and overview some real-world CPS case studies from the automotive, avionics and healthtech domains, from system level down to physical components.
