Towards Modularized Verification of Distributed Time-Triggered Systems

  • Jewgenij Botaschanjan
  • Alexander Gruler
  • Alexander Harhurin
  • Leonid Kof
  • Maria Spichkova
  • David Trachtenherz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4085)


The correctness of a system according to a given specification is essential, especially for safety-critical applications. One such typical application domain is the automotive sector, where more and more safety-critical functions are performed by largely software-based systems.

Verification techniques can guarantee the correctness of a system. Although automotive systems are relatively small compared to other systems (e.g. business information systems), they are still too large for monolithic verification of the system as a whole.

Tackling this problem, we present an approach to modularized verification aimed at time-triggered automotive systems. We show how the concept of tasks, as used in current automotive operating systems, can be modeled in a CASE tool, verified and deployed. This results in a development process that facilitates verification of safety-critical, real-time systems at affordable cost.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jewgenij Botaschanjan (1)
  • Alexander Gruler (1)
  • Alexander Harhurin (1)
  • Leonid Kof (1)
  • Maria Spichkova (1)
  • David Trachtenherz (2)

  1. Institut für Informatik, TU München, Garching bei München, Germany
  2. BMW Group Research and Technology, München, Germany