
Refinement-based verification of implementations of Stateflow charts

  • Original Article
  • Formal Aspects of Computing

Abstract

Simulink’s Stateflow is a graphical notation widely adopted in industry. Since it is frequently used to model safety-critical systems, correctness of implementations of Stateflow charts is a major concern. In previous work, we have shown how we can generate formal models for refinement of Stateflow charts automatically. Here, we define a refinement strategy that supports the automated verification of implementations with respect to these models. We consider the verification of implementations that follow architectural patterns used in the Stateflow code generator. We present a detailed procedure for application of refinement laws. If the implementation is correct, the procedure succeeds. If a law application fails, the implementation is either incorrect or does not use the expected architectural pattern. The very low proof burden associated with the refinement verification makes a high level of automation possible.




Correspondence to Alvaro Miyazawa.

Additional information

Communicated by Eerke Albert Boiten

Cite this article

Miyazawa, A., Cavalcanti, A. Refinement-based verification of implementations of Stateflow charts. Form Asp Comp 26, 367–405 (2014). https://doi.org/10.1007/s00165-013-0291-6
