A contract-based semantics and refinement for hybrid Simulink block diagrams

Abstract

Simulink is widely used for modelling, simulating, and analysing cyber–physical systems (CPS). However, for safety-critical CPS, Simulink is insufficient to ensure safety since it lacks an official formal semantics to support compositional reasoning and verification. In this paper, we present a contract-based semantic model for hybrid Simulink block diagrams, including both discrete-time and continuous-time blocks. In our semantic formalisation, the semantics of a block is defined as a contract, and we define five operations on contracts, which are sequential composition, parallel composition, feedback composition, variable renaming, and variable hiding. We then develop a refinement calculus for hybrid Simulink block diagrams. Finally, we use a water tank system and a vehicle speed control system as case studies to demonstrate our approach.