Formal Methods for the Analysis of Critical Control Systems Models: Combining Non-Linear and Linear Analyses

Adrien Champion; Rémi Delmas; Michael Dierkes; Pierre-loic Garoche; Romain Jobredeaux; Pierre Roux

doi:10.4271/2013-01-2109

Critical control systems are often built as a combination of a control core with safety mechanisms allowing to recover from failures. For example a PID controller used with triplicated inputs. Typically those systems would be designed at the model level in a synchronous language like Lustre or Simulink, and their code automatically generated from those models.

In previous SAE symposium, we addressed the formal analysis of such systems - focusing on the safety parts - using a combination of formal techniques, ie. k-induction and abstract interpretation.

The approach developed here extends the analysis of the system to the control core. We present a new analysis framework combining the analysis of open-loop stable controller with those safety constructs. We introduce the basic analysis approaches: abstract interpretation synthesizing quadratic invariants and backward analysis based on quantifier elimination. Then we apply it on a simple but representative example that no other available state-of-the-art technique is able to analyze.

This contribution is another step towards early use of formal methods for critical embedded software such as the ones of the aerospace industry.

Standards

SAE Mobilus®

Publications

News

Events

Professional Development

A World in Motion (PreK-12)

Participate with SAE

SAE Membership

Donate

Formal Methods for the Analysis of Critical Control Systems Models: Combining Non-Linear and Linear Analyses 2013-01-2109

SAE MOBILUS