Informatik - Forschung und Entwicklung

Volume 22, Issue 2, pp 95–108

An industrial application of symbolic model checking

The TWIN elevator case study
Regular Contributions

Abstract

Model checking techniques are recognized to provide reliable and comprehensive results. Instead of examining only a few cases, as testing does, model checking includes the whole state space in a mathematical proof of correctness. Yet this completeness is also seen as a drawback, because the state explosion problem is hard to handle. In our industrial case study, we apply automated model checking techniques to an innovative elevator system, the TWIN by ThyssenKrupp. By means of abstraction and nondeterminism, we cope with runtime behaviour and efficiently prove the validity of our specification. The elevator's safety requirements are exhaustively expressed in temporal logic, along with real-world and algorithmic prerequisites, consistency properties, and fairness constraints. Beyond verifying system safety for an actual installation, our case study demonstrates the rewarding applicability of model checking at an industrial scale.
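The abstract's central claim, that the whole state space is explored under an abstraction which replaces passenger calls by nondeterministic cab moves, can be made concrete on a toy model. The block below is an added example written for this page, not the authors' SMV model of the TWIN; the shaft height, the minimum separation and both controller rules are constructed assumptions. It checks the invariant "the two cabs in one shaft always keep a safe distance" (CTL: AG safe) for a guarded controller, and shows the shortest counterexample a model checker reports when the guard is too weak.

```python
"""Exhaustive safety check of an abstract two-cab, one-shaft elevator model.

Added illustration, not the paper's SMV model: two cabs share one shaft,
passenger calls are abstracted into nondeterministic cab moves, and a
breadth-first search visits every reachable state to check the invariant
"the cabs always keep at least MIN_GAP floors apart" (CTL: AG safe).
A violation is reported as the shortest trace from the initial state.
"""
from collections import deque
from itertools import product

FLOORS = 6           # floors 0..5 (constructed, not the installation's figure)
MIN_GAP = 2          # hypothetical required separation in floors
MOVES = (-1, 0, 1)   # each cab may descend, idle or ascend in one step


def in_shaft(state):
    lower, upper = state
    return 0 <= lower < FLOORS and 0 <= upper < FLOORS


def safe(state):
    """Safety invariant: the upper cab stays at least MIN_GAP floors above the lower one."""
    lower, upper = state
    return upper - lower >= MIN_GAP


def guarded_successors(state):
    """Controller that vetoes any joint move which would break the safe distance.

    Nondeterminism over all move pairs stands in for every possible call
    pattern, so the search covers the dispatcher's behaviour without modelling it.
    """
    lower, upper = state
    for dl, du in product(MOVES, repeat=2):
        nxt = (lower + dl, upper + du)
        if in_shaft(nxt) and safe(nxt):
            yield nxt


def naive_successors(state):
    """Deliberately weaker controller that only forbids overtaking (lower < upper)."""
    lower, upper = state
    for dl, du in product(MOVES, repeat=2):
        nxt = (lower + dl, upper + du)
        if in_shaft(nxt) and nxt[0] < nxt[1]:
            yield nxt


def check_invariant(initial, successors, invariant):
    """Explicit-state reachability: explore every state reachable from `initial`.

    Returns (holds, counterexample, visited): `holds` is True if `invariant`
    is true in every reachable state; otherwise `counterexample` is the shortest
    path from `initial` to a violating state (BFS guarantees minimality).
    """
    parent = {initial: None}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        if not invariant(state):
            trace = []
            while state is not None:
                trace.append(state)
                state = parent[state]
            return False, trace[::-1], len(parent)
        for nxt in successors(state):
            if nxt not in parent:
                parent[nxt] = state
                queue.append(nxt)
    return True, [], len(parent)


INITIAL = (0, FLOORS - 1)   # lower cab at the bottom, upper cab at the top


if __name__ == "__main__":
    for name, succ in (("guarded", guarded_successors), ("naive", naive_successors)):
        holds, trace, visited = check_invariant(INITIAL, succ, safe)
        verdict = "holds" if holds else "VIOLATED, counterexample: %s" % trace
        print("%s controller: %d reachable states, AG safe %s" % (name, visited, verdict))
```

In the SMV input language the same property is written as a CTL formula, e.g. `SPEC AG (upper - lower >= 2)`, and the symbolic checker represents the reachable set with BDDs instead of enumerating tuples; the explicit BFS here only makes the completeness claim visible on a model small enough to read. Liveness properties (every call is eventually served) need the fairness constraints mentioned in the abstract and a cycle search, which this invariant check does not cover.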

Keywords

Symbolic model checking; Mechanical verification; Industrial case study; State-based systems; Safety; SMV

Summary (translated from the German abstract)

Model checking techniques are acknowledged to deliver reliable and comprehensive results. In contrast to testing, not only individual cases are examined: the whole state space enters the mathematical correctness proof, which is, however, regarded as a disadvantage because the resulting state explosion is hard to handle. In our industrial case study, the application of automated model checking techniques to the innovative TWIN elevator system by ThyssenKrupp, we prove the validity of the specification with respect to the requirements; efficiency is achieved through abstraction and nondeterminism. The safety requirements on the elevator are expressed completely in temporal logic, as are algorithmic and technical prerequisites, consistency conditions and fairness properties. Our case study not only demonstrates the operational safety of a production system but also underlines the rewarding applicability of model checking techniques at an industrial scale.



Copyright information

© Springer-Verlag 2007

Authors and Affiliations

  1. Technische Universität Berlin, Berlin, Germany
  2. German Institute for Economic Research (DIW Berlin), Berlin, Germany
