Modeling and Validation of a Software Architecture for the Ariane-5 Launcher

  • Iulian Ober
  • Susanne Graf
  • David Lesens
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4037)


We present the modeling and validation experiments performed with the IFx validation toolset and with the UML profile developed within the IST Omega project, on a representative space vehicle control system: a model of the Ariane-5 flight software obtained by manual reverse engineering. The goal of the study is to verify functional and scheduling-related requirements under different task architecture assumptions. The study is also a proof of concept for the UML-based validation technique proposed in IFx.


Keywords: Model Check, Software Architecture, Basic Cycle, Mission Management, Partial Order Reduction



Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Iulian Ober (1)
  • Susanne Graf (2)
  • David Lesens (3)
  1. GRIMM/ISYCOM laboratory, IUT-B, 1 pl. Brassens, Toulouse University, Blagnac, France
  2. VERIMAG, Gières, France
  3. EADS SPACE Transportation, Les Mureaux, France
