Symbolic verification of executable control specifications

Stateflow is a MATLAB/Simulink toolbox for developing executable specifications of discrete-state functions; it also supports general flowcharting of program logic. This paper describes a MATLAB program, sf2smv 2.0, that generates input for the symbolic model checker SMV so that properties of Stateflow diagrams embedded in Simulink models can be verified. The generated SMV modules are constructed to reflect precisely the execution semantics that Stateflow uses during simulation, including the order in which transitions are evaluated. This extends earlier work, which produced verification files that reflected an idealized version of the Stateflow semantics rather than the simulated behaviour. The paper describes how the principal Stateflow execution rules are translated into SMV modules, and uses examples to illustrate the transformation procedure and its application to verifying properties of executable specifications for control features in automotive powertrain control applications.
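The following is an added illustration, not output of sf2smv and not code from the paper: a hand-written SMV model (NuSMV syntax is assumed) of a small two-state Stateflow-style chart, showing the kind of encoding the abstract refers to. The chart, state names, inputs and properties are constructed for this example. Stateflow evaluates a state's outgoing transitions in priority order and takes the first whose guard holds; an SMV `case` expression is also first-match, so listing the transitions in chart priority order inside `next(state)` preserves that execution semantics, which is exactly the detail an idealized translation can get wrong.

```smv
-- Added example: a Stateflow-like chart encoded as an SMV module.
-- States: Off, On, Fault.  Inputs: start, fault (left unconstrained,
-- so SMV explores every input sequence).  Not generated by sf2smv.
MODULE main
VAR
  state : {Off, On, Fault};
  start : boolean;
  fault : boolean;
ASSIGN
  init(state) := Off;
  -- Transitions listed in chart priority order.  The fault transition
  -- is first from every state, so it wins when fault and start are
  -- both true, matching Stateflow's first-valid-transition rule.
  next(state) :=
    case
      fault                   : Fault;   -- priority 1 from any state
      state = Off & start     : On;      -- priority 2
      state = On  & !start    : Off;     -- priority 2
      TRUE                    : state;   -- no enabled transition
    esac;

-- Safety: a fault input is always honoured on the next step.
SPEC AG (fault -> AX state = Fault)
-- Priority check: start only takes effect when fault is not asserted.
SPEC AG ((state = Off & start & !fault) -> AX state = On)
-- Fault is absorbing in this chart: there is no transition out of it.
SPEC AG (state = Fault -> AX state = Fault)
```

Run with `NuSMV model.smv`; each SPEC is reported true or false with a counterexample trace. Reordering the first two `case` branches would make the second SPEC still hold but the first fail, and the counterexample SMV prints is the input sequence `start = TRUE, fault = TRUE` from `Off`, which is precisely the priority interaction a translation faithful to the simulator must capture.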
