A verified production cell controller
  • Leszek Holenderski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 891)


Our aim was to fully develop (i.e. specify, program and verify) a controller for the production cell simulator. We specified and programmed the controller in Lustre, a declarative language for programming synchronous reactive systems. For verification we used a symbolic model checker, called Lesar, which can automatically verify those Lustre programs that use only boolean data. Since the production cell controller could be written as such a program, we were able to automatically verify all safety requirements given in the task description for this case study. Using a declarative language allowed us to develop the controller relatively easily and in a relatively short time.





Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Leszek Holenderski, GMD Birlinghoven, Germany
