An operational semantics for Stateflow

  • Grégoire HamonEmail author
  • John Rushby
Special section FASE'04/05


We present a formal operational semantics for Stateflow, the graphical Statecharts-like language of the Matlab/Simulink tool suite that is widely used in model-based development of embedded systems. Stateflow has many tricky features but our operational treatment yields a surprisingly simple semantics for the subset that is generally recommended for industrial applications. We have validated our semantics by developing an interpreter that allows us to compare its behavior against the Matlab simulator. We have used the semantics as a foundation for developing prototype tools for formal analysis of Stateflow designs.


Model Checker Operational Semantic Denotational Semantic Formal Tool Runtime Error 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 2.
    Anton, J., da Costa, P., Errington, L.: Formal synthesis of generators for embedded systems. Technical report, Kestrel Technology (2005)Google Scholar
  2. 2.
    Banphawatthanarak, C., Krogh, B.H., Butts, K.: Symbolic verification of executable control specifications. In: Proceedings of the 10th IEEE International Symposium on Computer Aided Control System Design, pp. 581–586. Kohala Coast—Island of Hawai’i, HI (1999)Google Scholar
  3. 3.
    Buck, D., Rau, A.: On modelling guidelines: Flowchart patterns for Stateflow. Softwaretechnik-Trends 21(2) (2001)Google Scholar
  4. 4.
    Caspi, P., Curic, A., Maignan, A., Sofronis, C., Tripakis, S.: Translating discrete-time Simulink to Lustre. In: 3rd International ACM Conference on Embedded Software, Lecture Notes in Computer Science, vol. 2855, pp. 84–99. Springer, Heidelberg (2003)Google Scholar
  5. 5.
    Ford: Structured analysis and design using Matlab/Simulink/Stateflow—modeling style guidelines. Technical. report, Ford Motor Company (1999). Available at Scholar
  6. 6.
    Gnesi S., Latella D. and Massink M. (2002). Modular semantics for a UML Statechart diagrams kernel and its extension to Multicharts and branching time model checking. J. Logic Algeb. Program. 51(1): 43–75 zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Hamon, G.: A denotational semantics for Stateflow. In: EMSOFT 2005: Proceedings of the 5th ACM Workshop on Embedded Software, pp. 164–172. Association for Computing Machinery, Jersey City, NJ (2005)Google Scholar
  8. 8.
    Hamon, G., de Moura, L., Rushby, J.: Generating efficient test sets with a model checker. In: 2nd International Conference on Software Engineering and Formal Methods, pp. 261–270. IEEE Computer Society, Beijing, China (2004)Google Scholar
  9. 9.
    Hamon, G., de Moura, L., Rushby, J.: Automated test generation with SAL. Technical note, Computer Science Laboratory, SRI International, Menlo Park, CA Available at (2005)Google Scholar
  10. 10.
    Harel D. (1987). Statecharts: a visual formalism for complex systems. Sci. Comput. Program. 8(3): 231–274 zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Lüttgen, G., von der Beeck, M., Cleaveland, R.: A compositional approach to Statecharts semantics. In: Rosenblum, D., (ed.) 8th International ACM Symposium on Foundations of Software Engineering, pp. 120–129. San Diego, Ca (2000)Google Scholar
  12. 12.
    The Mathworks: Stateflow and Stateflow Coder, User’s Guide, release 13sp1 edn. (2003). Available at http://www.mathworks. com/access/helpdesk/help/pdf_doc/stateflow/sf_ug.pdfGoogle Scholar
  13. 13.
    Mikk, E., Lakhnech, Y., Petersohn, C., Siegel, M.: On formal semantics of Statecharts as supported by Statemate. In: 2nd BCS-FACS Northern Formal Methods Workshop. BCS-EWIC (1997)Google Scholar
  14. 14.
    de Moura, L, Owre, S., Rueß, H., Rushby, J., Shankar, N., Sorea, M., Tiwari, A.: SAL 2. In: Alur, R., Peled, D.(eds.) Computer-aided verification, CAV ’2004, Lecture Notes in Computer Science, vol. 3114, pp. 496–500. Springer, Boston, MA SAL home page: (2004)Google Scholar
  15. 15.
    Plotkin, G.: A structural approach to operational semantics. Technical Report DAIMI-FN-19, Aarhus University (1981)Google Scholar
  16. 16.
    Scaife, N., Sofronis, C., Caspi, P., Tripakis, S., Maraninchi, F.: Defining and translating a “safe” subset of Simulink/Stateflow into Lustre. In: EMSOFT 2004: Proceedings of the Fourth ACM Workshop on Embedded Software, pp. 259–268. Pisa, Italy (2004)Google Scholar
  17. 17.
    Strachey, C., Wadsworth, C.P.: Continuations: A mathematical semantics for handling full jumps. Higher-Order Symbolic Comput. 13, 135–152 (2000), Originally published 1974Google Scholar
  18. 18.
    Tiwari A., Shankar N. and Rushby J. (2003). Invisible formal methods for embedded control systems. In:Proceedings of the IEEE 91(1): 29–39 CrossRefGoogle Scholar

Copyright information

© Springer-Verlag 2007

Authors and Affiliations

  1. 1.The MathWorksNatickUSA
  2. 2.Computer Science Laboratory, SRI InternationalMenlo ParkUSA

Personalised recommendations