Background

In the context of embedded software design, one challenge is to mediate the gap between design facilitation and verification complication. We found that existing theories and practices in verification are powerful, but when applying formal techniques, it would greatly release the burden of system designers if detailed and complex mathematical models used for verification are hidden; construction of such models may be time consuming and error prone.

Goals and Achievements

We provide an automatic mapping from higher level components (actors) commonly used to lower level mathematical models; the conversion preserves behavior semantics. With this methodology, the productivity of designers as well as the correctness of designs can be maintained simultaneously.

Automatic conversion from FSMActors to Kripke Structures in the SR domain

FSMActors can be viewed as extended state machines, which enable the existence of inner variables. We are to convert multiple FSMActors in the SR (Synchronous Reactive) domain into Kripke structures accepted by model checker NuSMV [3]. We can also deal with ModalModels with state refinements.

Incorporating FSMActors with Other Actors in Libraries under the DE domain

The DE (Discrete Event) domain is one of the most useful MoCs capturing the behavior of real time systems. We study the parts of the actors that can not be represented by simple FSMs; we are able to characterize their interplay using the theory of Timed Automata [1].

Case Study: Traffic Light System in SR

We construct a simplified traffic light system in the SR domain, where the system contains of one car light and one pedestrian light. Our design should make it impossible to have the car light and pedestrian light be green at the same time (this might lead to accidents). We use a model checker to test whether our design satisfies the specification. Formula: !EF (CarLightNormal.state = Cgrn & PedestrianLightNormal.state = Pgreen)

Case Study: Buffer Overflow Detection in DE

Buffer overflow detection has been an important issue in the design of embedded systems. Our conversion process enables us to configure parameters of buffer size for each component, and use model checkers to detect the undesired behavior. Also we can describe more interesting properties using TCTL [2].

Conclusion and Future Work

In this work, we offer design with verification by translating component models into the mathematical models needed for verification. This work opens interesting problems for future study in parametric safety analysis and rate control analysis.

References

