Formal Verification of Dynamic Properties in an Aerospace Application

Formal Methods in System Design

Abstract

Formal verification of computer-based engineering systems is only meaningful if the mathematical models used are derived systematically, recording the assumptions made at each modelling stage. In this paper we give an exposition of research efforts in cooperation with aerospace industries in Sweden. We emphasize the need for modelling techniques and languages covering the whole spectrum from informal engineering documents, to hybrid mathematical models. In this modelling process we give as much weight to the physical environment as to the controlling software. In particular, we report on our experience using switched bond graphs for the modelling of hardware components in hybrid systems. We present the basic ideas underlying bond graphs and illustrate the approach by modelling an aircraft landing gear system. This system consists of actuating hydromechanic and electromechanic hardware, as well as controlling components implemented in software and electronics. We present a detailed analysis of the closed loop system with respect to safety and timeliness properties. The proofs are carried out within the proof system of Extended Duration Calculus.
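The safety and timeliness properties the abstract refers to are, in Duration Calculus, formulas interpreted over observation intervals of the closed-loop system. The following is an added illustration of that style of specification, not a formula from the paper: the state variables $\mathit{Cmd}$ (gear-down command active), $\mathit{Down}$ (gear locked down), $\mathit{Ext}$ and $\mathit{Ret}$ (extension and retraction actuators driven) and the deadline $T$ are hypothetical names chosen for the example, with $\ell$ the interval length and $\frown$ the chop operator.

$$
\begin{aligned}
\lceil P \rceil &\;\triangleq\; \int P = \ell \;\wedge\; \ell > 0 && \text{($P$ holds almost everywhere on a non-point interval)}\\
\Box D &\;\triangleq\; \neg\bigl(\mathit{true} \frown \neg D \frown \mathit{true}\bigr) && \text{($D$ holds on every subinterval)}\\
\text{Safety:}\quad & \Box\,\neg\lceil \mathit{Ext} \wedge \mathit{Ret} \rceil && \text{(the actuators are never driven against each other)}\\
\text{Timeliness:}\quad & \Box\,\bigl(\lceil \mathit{Cmd} \wedge \neg\mathit{Down} \rceil \Rightarrow \ell \le T\bigr) && \text{(a pending command is satisfied within $T$)}
\end{aligned}
$$

The timeliness formula is the usual bounded-response pattern: no subinterval on which the command is active and the gear is not yet down may last longer than $T$. In the extended calculus the paper works in, state variables may also be real-valued functions of time, so a discrete proposition such as $\mathit{Down}$ can be replaced by a predicate on a continuous quantity from the bond-graph model, for instance $\lceil \mathit{pos} \ge \mathit{pos}_{\mathrm{down}} \rceil$ for a hypothetical actuator position $\mathit{pos}$; that is what lets hydromechanic dynamics and controller timing be reasoned about in one proof.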




Cite this article

Nadjm-Tehrani, S., Strömberg, JE. Formal Verification of Dynamic Properties in an Aerospace Application. Formal Methods in System Design 14, 135–169 (1999). https://doi.org/10.1023/A:1008651801000
