Verifying the adaptation behavior of embedded systems

Many complex embedded systems dynamically adapt their components, services, algorithms, and parameters to the environment. This leads to new classes of design errors, since adaptation has become an increasingly complex part of the systems' behavior. In particular, as adaptations often continuously trigger further adaptations in other components, inconsistent and unstable configurations may be reached. Formal verification, which is routinely applied in safety-critical applications, must therefore consider not only temporal and functional properties of a system, but also its ability to dynamically adapt itself according to external and internal stimuli.

In this paper, we describe how the adaptation behavior of embedded systems can be modeled, specified, and verified at design time. The systems are thereby given at a high level of abstraction, where adaptation is triggered by the quality of data values. This allows the relevant information to be extracted in a form that can be directly used for verification. Moreover, we demonstrate how state-of-the-art model checkers can be used to formally reason about the resulting system description.
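The following script is an added illustration of the kind of check the abstract describes; it is not code from the paper. It models two constructed components (a filter and a controller) whose configurations are chosen from the quality of the data they receive, explores every reachable (stimulus, configuration) state explicitly, and then asks two questions a model checker would be given: does every stable configuration satisfy a consistency invariant, and does adaptation always settle, or can one adaptation keep triggering another while the external stimulus is held fixed? The quality levels, component names, adaptation rules and the delayed synchronous step semantics (each component reads the others' configuration from the previous step) are all assumptions made for the example.

```python
"""Explicit-state exploration of a small adaptive system (added example).

State = (sensor quality, filter configuration, controller configuration).
Two variants of the filter's adaptation rule are compared: one that also
reacts to the controller's mode (a feedback edge) and one that does not.
"""
from typing import Callable, Dict, List, Set, Tuple

QUALITIES = ("low", "mid", "high")           # constructed quality levels
State = Tuple[str, str, str]                 # (sensor_q, filter_cfg, control_cfg)
Rule = Callable[[State], str]


def filter_output_quality(sensor_q: str, filter_cfg: str) -> str:
    """Quality of the filter's output (constructed: smoothing lifts 'low' to 'mid')."""
    return "mid" if filter_cfg == "smooth" and sensor_q == "low" else sensor_q


def control_rule(state: State) -> str:
    """Controller adapts to the quality of the data it receives from the filter."""
    sensor_q, filter_cfg, _ = state
    return "degraded" if filter_output_quality(sensor_q, filter_cfg) == "low" else "full"


def filter_rule_feedback(state: State) -> str:
    """Filter adapts to sensor quality AND to the controller's mode (feedback edge)."""
    sensor_q, _, control_cfg = state
    if control_cfg == "degraded":
        return "passthrough"                 # no smoothing while control is degraded
    return "smooth" if sensor_q == "low" else "passthrough"


def filter_rule_fixed(state: State) -> str:
    """Filter adapts to sensor quality only; the feedback edge is removed."""
    return "smooth" if state[0] == "low" else "passthrough"


def consistent(state: State) -> bool:
    """Invariant: the controller's mode matches the quality it actually receives."""
    sensor_q, filter_cfg, control_cfg = state
    low = filter_output_quality(sensor_q, filter_cfg) == "low"
    return control_cfg == ("degraded" if low else "full")


def adapt(state: State, filter_rule: Rule) -> State:
    """One internal step: every component re-evaluates its rule on the previous state."""
    return (state[0], filter_rule(state), control_rule(state))


def stimuli(state: State) -> List[State]:
    """External steps: the sensor quality may change to any other level."""
    return [(q, state[1], state[2]) for q in QUALITIES if q != state[0]]


def reachable(init: State, filter_rule: Rule) -> Set[State]:
    """All states reachable through any interleaving of internal and external steps."""
    seen, work = {init}, [init]
    while work:
        s = work.pop()
        for n in [adapt(s, filter_rule)] + stimuli(s):
            if n not in seen:
                seen.add(n)
                work.append(n)
    return seen


def adaptation_cycles(states: Set[State], filter_rule: Rule) -> List[List[State]]:
    """Hold the stimulus fixed and follow internal steps from every reachable state.
    The step is deterministic, so each trajectory either reaches a fixed point
    (adaptation settles) or enters a cycle (adaptation never settles)."""
    cycles, found = [], set()
    for start in states:
        trace, index, cur = [], {}, start
        while cur not in index:
            index[cur] = len(trace)
            trace.append(cur)
            nxt = adapt(cur, filter_rule)
            if nxt == cur:
                break                        # fixed point: this trajectory is stable
            cur = nxt
        else:                                # loop ended by revisiting a state: a cycle
            cycle = trace[index[cur]:]
            if frozenset(cycle) not in found:
                found.add(frozenset(cycle))
                cycles.append(cycle)
    return cycles


def verify(filter_rule: Rule, init: State = ("high", "passthrough", "full")) -> Dict[str, list]:
    """Report inconsistent stable configurations and non-terminating adaptation cycles."""
    states = reachable(init, filter_rule)
    stable = [s for s in states if adapt(s, filter_rule) == s]
    return {
        "inconsistent": sorted(s for s in stable if not consistent(s)),
        "cycles": adaptation_cycles(states, filter_rule),
    }


if __name__ == "__main__":
    for name, rule in (("feedback", filter_rule_feedback), ("fixed", filter_rule_fixed)):
        print(name, verify(rule))
```

With the feedback rule, a low-quality sensor reading makes the filter switch to smoothing while the controller, still seeing the previous pass-through output, drops to degraded mode; in the next step the filter reacts to the degraded controller by switching smoothing off again, which restores the controller to full mode, and the two components alternate forever. Removing the feedback edge makes every trajectory reach a fixed point, and all stable configurations satisfy the invariant. Real model checkers perform the same reachability and cycle analysis symbolically on much larger state spaces, but the properties asked are the same two the abstract names: no inconsistent configuration, no unstable adaptation.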
