The formal design of distributed controllers with dSL and Spin

We study the formal verification of programs written in dSL, an extension of the standard ST language used to program industrial controllers. dSL offers a trade-off between the industrial and formal-verification worlds. Its main advantage is that it provides transparent code distribution through low-level communication mechanisms. The behavior of the synthesized distributed system can therefore be formally modeled, easily monitored and formally verified. The verification of a dSL program, carried out with the Spin tool, is eased by the definition of a lattice of models linked by a simulation relation that preserves next-free LTL formulae. We show that, although dSL is an industrial programming language, it makes it possible to verify systems designed with it. We illustrate the benefit of our approach with a simple control system of two canal locks.