A framework for formal verification of systems of synchronous components

Large asynchronous systems composed from synchronous components (so-called GALS—globally asynchronous, locally synchronous—systems) pose a challenge to formal verification. We present an approach which abstracts components with contracts capturing their behavior in a rely-guarantee style logic. Formal verification of global system properties is then done by transforming a network of contracts to PROMELA/SPIN. Synchronous components are implemented in SCADE, and contract validation is done by transforming the contracts into synchronous observers and using the SCADE Design Verifier for formal verification. We also discuss first experiences from an ongoing industrial case study applying our approach.
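To make the contract-validation step concrete, the following is an added illustration and not code from the paper or from SCADE: a rely-guarantee contract for a small synchronous request/acknowledge component is turned into a synchronous observer that runs in lockstep with the component and reports, per cycle, whether the environment has so far respected the rely and whether the component meets its guarantee. In SCADE the observer would be a synchronous node verified by the Design Verifier; here it is modelled in Python over finite traces. The `Handshake` component, its faulty `LateHandshake` variant, and the contract (requests are never raised in two consecutive cycles; an acknowledge appears exactly one cycle after a request) are all constructed for this example.

```python
"""Synchronous observer for a rely-guarantee contract (illustrative model,
not the paper's formalism). All components and traces are constructed."""
from dataclasses import dataclass
from typing import Iterable, Optional, Tuple


class Handshake:
    """Correct component: acknowledges a request exactly one cycle later."""

    def __init__(self) -> None:
        self.pending = False

    def step(self, req: bool) -> bool:
        ack = self.pending
        self.pending = req
        return ack


class LateHandshake:
    """Faulty variant (constructed): acknowledges two cycles late."""

    def __init__(self) -> None:
        self.pipe = [False, False]

    def step(self, req: bool) -> bool:
        ack = self.pipe[0]
        self.pipe = [self.pipe[1], req]
        return ack


class ContractObserver:
    """Observer run in lockstep with the component it validates.

    rely:      a request is never raised in two consecutive cycles.
    guarantee: ack is true in cycle t iff req was true in cycle t-1.
    The guarantee is only binding while the rely has held up to and
    including the current cycle (rely-guarantee reading).
    """

    def __init__(self) -> None:
        self.prev_req = False
        self.rely_held = True

    def step(self, req: bool, ack: bool) -> Tuple[bool, bool]:
        rely_now = not (req and self.prev_req)
        guarantee_now = ack == self.prev_req
        self.rely_held = self.rely_held and rely_now
        self.prev_req = req
        return self.rely_held, guarantee_now


@dataclass
class Verdict:
    satisfied: bool                       # no guarantee violation while rely held
    violation_cycle: Optional[int] = None  # first cycle the guarantee failed
    rely_broken_cycle: Optional[int] = None  # first cycle the environment broke the rely


def check_contract(component, inputs: Iterable[bool]) -> Verdict:
    """Drive component and observer in lockstep over a finite input trace."""
    observer = ContractObserver()
    verdict = Verdict(satisfied=True)
    for t, req in enumerate(inputs):
        ack = component.step(req)
        rely_held, guarantee_ok = observer.step(req, ack)
        if not rely_held:
            # Environment violated its obligation: further checks are vacuous.
            verdict.rely_broken_cycle = t
            break
        if not guarantee_ok:
            verdict.satisfied = False
            verdict.violation_cycle = t
            break
    return verdict


if __name__ == "__main__":
    trace = [True, False, True, False, False]      # constructed, respects the rely
    print(check_contract(Handshake(), trace))      # satisfied
    print(check_contract(LateHandshake(), trace))  # violation in cycle 1
    bad_env = [True, True, False]                  # constructed, breaks the rely
    print(check_contract(LateHandshake(), bad_env))  # excused: rely broken first
```

The observer never alters the component's inputs or outputs; it only reads them, which is what makes it a synchronous observer in the sense of Halbwachs et al. rather than a test harness. The `rely_held` flag is what encodes the rely-guarantee discipline: once the environment violates its side of the contract, guarantee failures are no longer attributed to the component.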
