Toward a validation process for model based safety analysis

2001

Of special interest in formal verification are safety properties, which assert that the system always stays within some allowed region. Proof rules for the verification of safety properties have been developed in the proof-based approach to verification, making verification of safety properties simpler than verification of general properties. In this paper we consider model checking of safety properties. A computation that violates a general linear property reaches a bad cycle, which witnesses the violation of the property.

2005

Safety analysis techniques have traditionally been performed manually by the safety engineers. Since these analyses are based on an informal model of the system, it is unlikely that these analyses will be complete, consistent, and error-free. Using precise formal models of the system as the basis of the analysis may help reduce errors and provide a more thorough analysis. Further, these models allow automated analysis, which may reduce the manual effort required. The process of creating system models suitable for safety analysis closely parallels the model-based development process that is increasingly used for critical system and software development. By leveraging the existing tools and techniques, we can create formal safety models using tools that are familiar to engineers and we can use the static analysis infrastructure available for these tools. This paper reports our initial experience in using model-based safety analysis on an example system taken from the ARP Safety Assessment guidelines document.

Lecture Notes in Computer Science, 1995

In this paper, slrucmred methods are integrated with formal verification methods based on temporal logic. The goal is to use an operational method (SA/RT) for the system behavionral specification, and to complement this with safety properties expressed in a declarative style using temporal logic (CTL). These properties are checked against the operational specification using a model checker (SMV). In order to formally analyze the system properties, syntax and semantics based on a transition system are given. The model is composed of interleaving concurrent processes communicated by shared variables. Also, some extensions are incorporated into the operational formalism, such as shared variables communication and synchronous communication between processes., F'wst at all, the size of the model is reduced, and then translated into the model checker input language. The approach is illustrated with a real example in which we verify a global property by means of the composition of properties that have been checked separately for the essential and the implementation model.

International Journal on Software Tools for Technology Transfer, 2015

The paper presents an approach for rigorous development of safety-critical systems based on the Abstract State Machine formal method. The development process starts from a high level formal view of the system and, through renement, derives more detailed models till the desired level of specication. Along the process, dierent validation and verication activities are available, as simulation, model review, and model checking. Moreover, each renement step can be proved correct using an SMT-based approach. As last step of the renement process, a Java implementation can be developed and linked to the formal specication. The correctness of the implementation w.r.t its formal specication can be proved by means of model-based testing and runtime verication. The process is exemplied by using a Landing Gear System as case study.

2005

System safety analysis techniques are well established and are used extensively during the design of safety-critical systems. Despite this, most of the techniques are highly subjective and dependent on the skill of the practitioner. Since these analyses are usually based on an informal system model, it is unlikely that they will be complete, consistent, and error free. In fact, the lack of precise models of the system architecture and its failure modes often forces the safety analysts to devote much of their effort to finding undocumented details of the system behavior and embedding this information in the safety artifacts such as the fault trees.

Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2014

Ensuring safety-critical software safety requires strict verification of the conformance between safety requirements and programs. Formal verification techniques, such as model checking and theorem proving, can be used to partially realize this objective. DO-178C, a standard for airborne systems, allows formal verification techniques to replace certain forms of testing. My research is concerned with applying model checking to verify the conformance between safety requirements and programs. First, a formal language for specifying software safety requirements which are relevant to event sequences is introduced. Second, the traceability information models between formalized safety requirements and programs are built. Third, the checking of a program against a safety requirement is decomposed into smaller model checking problems by utilizing traceability information model between them.

Reliability Engineering & System …, 2007

Global Journal of Research In Engineering, 2017

Safe operation of a critical embedded system requires reliable information about the state of the system and signal condition of the system. Validity of sensors which measure the process variables are of great importance. Signal validation comprises of detection, isolation and characterization of faulty signals. Signals that are validated are critical for their increased availability in the system. Model-Based Engineering (MBE) approach provides means of modeling, analyzing, and validating the signals for critical embedded system design, and development. The abstract nature of the models provides mechanisms to analyze verify and validate the system functionality, at a much early stage in their development process.

1999

This report describes a formal approach to verification and validation of safety requirements for embedded software, by application to a simple control-logic case study. The logic is formally specified in Z. System safety properties are formalised by defining an abstract model of the system’s physical behaviour in Z, including its hazardous states and dominant sensor failures. The Possum specification-animation tool is then used to check that the logic meets its safety requirements. Finally, the logic is implemented in SPARK Ada and SPARK Examiner is used to formally verify the implementation meets its specification. Design safety validation and source code verification are completely automated, removing the need for

J. Univers. Comput. Sci., 2013

In the context of safety requirement engineering, model transformation is a task of interest. Indeed, it allows us to keep all the requirements while switching from one point of view to another. The presented work assumes that a valid solution has been found and proposes an approach in order to build a valid implementation. As some fine dynamic properties are integrated into the specification, high-level Petri nets are used to specify and verify the solution. Then, considering an industrial railway context, the transformation of the Petri net model in order to provide an input to a B process is considered. This last consideration leads to a proposition of a systematic direct transformation of the Petri net model into abstract B machines. The approach is illustrated by a theoretical railway example. The limitations of this approach are discussed at the end of the paper and some prospects are detailed.