Using concurrency and formal methods for the design of safe process control

This paper reports an experience with the modeling, verification and concurrent implementation of a medium-sized process control problem. The case study was proposed by Forschungszentrum Informatik, Karlsruhe in 1993 in order to promote the usage of formal methods in industry. It concerns an industrial robotics application that processes metal plates. A top-down design approach is followed in which successive CCS and Promela specification levels of decreasing abstraction are considered; each layer progressively allows parts of the security requirements to be verified, thus providing a means of coping with state explosion. The level refinements are checked with the Concurrency Workbench, a CCS-based tool. Safety and liveness requirements are expressed in linear temporal logic and checked with SPIN. From the final specification, two different implementations are derived: the first in Synchronous C++, a concurrent extension of C++, and the second in Regis/Darwin. This application shows that formal methods are quite appropriate for developing process control problems from scratch with the requirements to be checked in mind. It appeared clearly that the specification phase was very important: from a satisfactory specification, a well-behaved implementation was derived easily in a few days.
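To make concrete what "safety and liveness requirements expressed in linear temporal logic and checked with SPIN" looks like in practice, here is a small added example; it is a constructed toy model written for this page, not the paper's own Promela specification. It assumes a hypothetical two-process cell (a robot arm and a press sharing one work area) and hypothetical variable names (`arm`, `press`, `plate_loaded`, `plate_done`), and shows one safety property (the press never closes while the arm is inside) and one liveness property (every loaded plate is eventually processed), each as an inline `ltl` claim.

```promela
/* Constructed toy model (not the paper's specification).
   A robot arm loads metal plates into a press; the two processes
   synchronise over rendezvous channels so the press only closes
   once the arm has cleared the work area. */

mtype = { idle, inside, closed };

mtype arm = idle;            /* position of the robot arm (hypothetical) */
mtype press = idle;          /* state of the press (hypothetical) */
bool plate_loaded = false;   /* a plate is waiting in the press */
bool plate_done = false;     /* the plate has been pressed */

chan arm_to_press = [0] of { bool };   /* arm signals: work area is clear */
chan press_to_arm = [0] of { bool };   /* press signals: it has reopened */

active proctype Arm() {
  do
  :: arm = inside;           /* move into the press to place a plate */
     plate_loaded = true;
     arm = idle;             /* retract before handing over */
     arm_to_press ! true;    /* hand the area over to the press */
     press_to_arm ? true;    /* wait until the press is open again */
     plate_done = false      /* remove the finished plate, start over */
  od
}

active proctype Press() {
  do
  :: arm_to_press ? true;    /* proceed only after the arm has handed over */
     press = closed;
     plate_done = true;
     plate_loaded = false;
     press = idle;
     press_to_arm ! true     /* tell the arm the area is free again */
  od
}

/* Safety: in every reachable state the press is not closed while
   the arm is inside the work area. */
ltl safe { [] !(press == closed && arm == inside) }

/* Liveness: whenever a plate is loaded, it is eventually pressed. */
ltl live { [] (plate_loaded -> <> plate_done) }
```

Each claim is checked separately with the verifier SPIN generates: `spin -a cell.pml`, `gcc -o pan pan.c`, then `./pan -a -N safe` and `./pan -a -N live` (`-a` enables acceptance-cycle search, which is what a liveness violation shows up as). Deleting the `arm = idle` line before the handshake makes the safety claim fail and yields a counterexample trail, which is the kind of feedback the layered specification approach in the paper relies on to catch design errors before any implementation exists.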