On the Formal Verification of Systems of Synchronous Software Components

Large asynchronous systems composed of synchronous components (so-called GALS systems: globally asynchronous, locally synchronous) pose a challenge to formal verification. We present an approach that abstracts each component by a contract capturing its behavior through a mixture of temporal logic formulas and non-deterministic state machines. Formal verification of global system properties is then carried out by transforming a network of contracts into input for model checking tools such as Promela/SPIN or UPPAAL. The synchronous components themselves are implemented in Scade, and each contract is validated against its component using the Scade Design Verifier for formal verification. We also discuss first experiences from an ongoing industrial case study applying our approach.
