Abstract

This study addresses the problem of assuring provably safe and correct behaviour of safety-critical complex hybrid systems (CHS) throughout their life-cycles, when physical system dynamics tend to change due to natural causes. Model-based development methods are needed that integrate formal specification, verification, implementation-level testing and runtime validation. Scalability limitations of the available algorithms and methods dictate a modular approach, but this raises conflicting issues of compositionality, false transitivity, soundness and completeness. In this paper a compositional solution approach based on the decomposition and hybridisation of statechart models (into hybrid automata, HA) is demonstrated. Specifically, a compositional formal verification methodology developed earlier for discrete event dynamic systems (DEDS) was elevated to hybrid dynamics, successfully overcoming the risk of false transitivity common to direct abstraction methods of the continuous state-space. It was then used to develop a scalable strategy to generate sound and complete (relative to coverage criteria) tests, and to configure corresponding compositional HiL tests for different abstraction and functional levels. The same decomposition was used to derive compositional runtime validation tests based on discrete invariants and differential invariants. The study formally proves that (1) the proposed HA-based formal verification method is compositional, sound and complete relative to the first-order logic of differential equations, (2) the modular tests are compositional and (3) the HA-based test generation method is compositional, sound and complete relative to the first-order logic of differential equations. To reduce complexity, compositionality is rendered parallel rather than sequential, so that the simpler tasks are performed concurrently. The claims have been validated experimentally on a full-scale experimental rig.

Highlights

  • This study addresses the problem of assuring provably safe and correct behaviour of safety-critical complex hybrid systems (CHS) throughout their life-cycles when physical system dynamics tend to change due to natural causes

  • The underlying problem addressed is assurance of provably safe and correct behaviour according to requirement specifications, in real-scale non-terminating safety-critical complex hybrid systems (CHS) throughout their life-cycles when physical system dynamics and the environment tend to change due to natural causes

  • In this paper we demonstrate our compositional approach to formal verification and test design, which supports parallel composition of sequential hybrid automata (HA): statecharts (Harel, 1987) modelling discrete-event dynamics of a hybrid system are decomposed into a set of automata communicating through port-structures using a decomposition we introduced previously


Summary

INTRODUCTION

The underlying problem addressed is the assurance of provably safe and correct behaviour according to requirement specifications in real-scale, non-terminating (repeatedly looping) safety-critical complex hybrid systems (CHS) throughout their life-cycles, when physical system dynamics and the environment tend to change due to natural causes. Verification of nontrivial behavioural specifications (based on temporal and differential dynamic logics) using model checking has been made possible by providing them with transition structures through the abstraction of the state-space into affine partitions (based on observational equivalence relations, i.e. bisimilarity). These partitions become the states of timed or hybrid automata with discrete transitions defined for affine boundaries (Belta, 2017; Sloth & Wisniewski, 2011), albeit with a risk of over-approximation and false transitivity. In this paper we demonstrate our compositional approach to formal verification and test design, which supports parallel composition of sequential HA: statecharts (Harel, 1987) modelling the discrete-event dynamics of a hybrid system are decomposed into a set of automata (language generators) communicating through port-structures, using a decomposition we introduced previously. De Matos (2015) and Nielsen (2014) help in comparing a strictly formal model-based development with a combination of formal and traditional unit-test based methods.
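The abstract speaks of runtime validation tests derived from the decomposition, based on discrete invariants and differential invariants, and the introduction describes hybrid automata composed in parallel through port-structures. The following added example (not code from the paper or its experimental rig) makes both ideas concrete on a constructed tank/pump system: a tank automaton with two modes and a continuous level, a purely discrete pump automaton coupled to it through an event port, and a monitor that checks mode-local discrete invariants, the sign of the flow and a safety envelope as differential invariants, and one composed invariant across the port. The thresholds, rates, tolerance and the two injected faults (a disconnected port and a leak that reverses the filling flow) are assumptions chosen for illustration.

```python
"""Runtime validation of a parallel composition of hybrid automata with
discrete and differential invariants.  Constructed illustration for this
page: the tank/pump system, its rates, thresholds and faults are assumed,
not the paper's models or experimental rig."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

H_MIN, H_MAX, EPS = 1.0, 5.0, 0.1   # assumed level thresholds and monitoring tolerance


@dataclass
class HybridAutomaton:
    name: str
    mode: str
    x: float                                               # one continuous state variable
    flow: Dict[str, Callable[[float], float]]              # mode -> dx/dt
    # (source mode, guard on x, emitted event, target mode)
    guards: List[Tuple[str, Callable[[float], bool], str, str]] = field(default_factory=list)
    # (mode, event received on the input port) -> target mode
    inputs: Dict[Tuple[str, str], str] = field(default_factory=dict)

    def step(self, dt: float) -> List[str]:
        """One Euler step of the current mode's flow, then fire an enabled
        guard (discrete transition) and emit its event on the output port."""
        self.x += self.flow[self.mode](self.x) * dt
        for src, guard, event, dst in self.guards:
            if src == self.mode and guard(self.x):
                self.mode = dst
                return [event]
        return []

    def receive(self, event: str) -> None:
        """Synchronise on an event arriving on the input port (parallel composition)."""
        self.mode = self.inputs.get((self.mode, event), self.mode)


def make_tank(r_in: float = 0.5, r_out: float = 0.25) -> HybridAutomaton:
    """Tank with constant inflow while Filling and constant outflow while Draining."""
    return HybridAutomaton(
        name="tank", mode="Filling", x=2.0,
        flow={"Filling": lambda h: r_in, "Draining": lambda h: -r_out},
        guards=[("Filling", lambda h: h >= H_MAX, "full", "Draining"),
                ("Draining", lambda h: h <= H_MIN, "empty", "Filling")])


def make_pump() -> HybridAutomaton:
    """Purely discrete component driven only by events on its input port."""
    return HybridAutomaton(
        name="pump", mode="On", x=0.0,
        flow={"On": lambda _: 0.0, "Off": lambda _: 0.0},
        inputs={("On", "full"): "Off", ("Off", "empty"): "On"})


def check_invariants(tank: HybridAutomaton, pump: HybridAutomaton, k: int) -> List[str]:
    """Runtime validation tests derived from the decomposition: each component is
    checked against its own invariants, and the composed invariant refers only to
    the port-coupled modes, so the checks stay modular."""
    v: List[str] = []
    # Discrete invariants: mode-local constraints on the continuous state.
    if tank.mode == "Filling" and tank.x > H_MAX + EPS:
        v.append(f"{k}: discrete invariant: Filling with h={tank.x:.2f} > H_MAX")
    if tank.mode == "Draining" and tank.x < H_MIN - EPS:
        v.append(f"{k}: discrete invariant: Draining with h={tank.x:.2f} < H_MIN")
    # Differential invariants: the flow of each mode must drive the level towards
    # that mode's exit guard, and the safety envelope must be preserved by the flow.
    dh = tank.flow[tank.mode](tank.x)
    if (tank.mode == "Filling" and dh <= 0) or (tank.mode == "Draining" and dh >= 0):
        v.append(f"{k}: differential invariant: dh/dt={dh:+.2f} in mode {tank.mode}")
    if not (H_MIN - EPS <= tank.x <= H_MAX + EPS):
        v.append(f"{k}: differential invariant: h={tank.x:.2f} left the safety envelope")
    # Composed invariant across the port: the pump runs exactly while the tank fills.
    if (tank.mode == "Filling") != (pump.mode == "On"):
        v.append(f"{k}: composed invariant: tank {tank.mode} but pump {pump.mode}")
    return v


def run(steps: int, dt: float = 0.1, connect_port: bool = True, r_in: float = 0.5) -> List[str]:
    """Simulate the parallel composition and return every invariant violation seen."""
    tank, pump = make_tank(r_in=r_in), make_pump()
    violations: List[str] = []
    for k in range(steps):
        for event in tank.step(dt):
            if connect_port:          # a disconnected port models an integration fault
                pump.receive(event)
        violations += check_invariants(tank, pump, k)
    return violations


if __name__ == "__main__":
    print("nominal:", run(500) or "no violations")
    print("port fault:", run(500, connect_port=False)[:2])
    print("leak fault:", run(500, r_in=-0.1)[:2])
```

The nominal run completes a full fill/drain cycle without a violation; disconnecting the port leaves the pump On while the tank drains, which only the composed invariant can detect, whereas the leak fault is caught by the differential invariant at the first step, long before the level leaves the safety envelope. Because each check reads only its own component's state (plus the port-coupled mode for the composed check), the monitor grows linearly with the number of components rather than with the product of their state-spaces.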

METHODOLOGY, RESULTS AND DISCUSSION
Test generation using NuSMV
CONCLUSION