Automatic verification of a hydroelectric power plant
We analyze the specification of a hydroelectric power plant provided by ENEL (the Italian national electricity company). Our goal is to show that given properties hold for the specification of the plant, and of its control system in particular.
We were provided with an informal specification of the plant. From this informal specification we wrote a formal specification in the CCS/Meije process algebra. Properties were expressed in the μ-calculus. Verification was automatic, by model checking: the process algebra definitions (the model) and the μ-calculus formulas were translated into BDDs (binary decision diagrams), and the properties were checked on that symbolic representation.
In this paper we present the informal specification of the plant, its formal specification, some of the properties we verified and experimental results.
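How the translate-to-BDDs-and-model-check pipeline works in miniature, as an added example that is not code from the paper or from ENEL: a reduced ordered BDD package (unique table plus Bryant's memoised apply), a transition relation T(x, x') over interleaved current/next-state variables, the symbolic pre-image EX, and the fixed points EF (a least fixed point, μ) and AG (its dual, ν) that express reachability and invariance. The gate/turbine interlock it checks is a constructed stand-in for the plant's control logic, not the ENEL specification; the variable names, the five transition rules and the property are assumptions made for the illustration. Running it with the interlock removed shows the checker reporting the violated invariant, which is the kind of result the verification described above produces.

```python
# Added example, not code from the paper. The gate/turbine model is a
# constructed toy; the BDD package is a minimal ROBDD in the style of Bryant.
AND = lambda a, b: a & b          # operators on the 0/1 terminals
OR = lambda a, b: a | b
XOR = lambda a, b: a ^ b


class BDD:
    """Reduced ordered BDD with a shared unique table; node 0 = FALSE, node 1 = TRUE."""
    def __init__(self, nvars):
        self.nvars = nvars        # table[id] = (var, low, high); terminals sort last
        self.table = [(nvars, None, None), (nvars, None, None)]
        self.unique, self.memo = {}, {}
    def mk(self, var, low, high):
        if low == high:                       # both branches equal: drop the test
            return low
        key = (var, low, high)
        if key not in self.unique:            # hash-cons: identical nodes are shared
            self.unique[key] = len(self.table)
            self.table.append(key)
        return self.unique[key]
    def var(self, i):
        return self.mk(i, 0, 1)
    def apply(self, op, u, v):                # Bryant's apply, memoised on (op, u, v)
        key = (op, u, v)
        if key not in self.memo:
            if u < 2 and v < 2:
                r = op(u, v)
            else:
                vu, lu, hu = self.table[u]
                vv, lv, hv = self.table[v]
                if vu < vv:
                    r = self.mk(vu, self.apply(op, lu, v), self.apply(op, hu, v))
                elif vu > vv:
                    r = self.mk(vv, self.apply(op, u, lv), self.apply(op, u, hv))
                else:
                    r = self.mk(vu, self.apply(op, lu, lv), self.apply(op, hu, hv))
            self.memo[key] = r
        return self.memo[key]
    def neg(self, u):
        return self.apply(XOR, u, 1)
    def restrict(self, u, var, value):        # cofactor: fix variable var to value
        if u < 2 or self.table[u][0] > var:
            return u
        vu, lu, hu = self.table[u]
        if vu == var:
            return hu if value else lu
        return self.mk(vu, self.restrict(lu, var, value), self.restrict(hu, var, value))
    def exists(self, var, u):                 # existential quantification
        return self.apply(OR, self.restrict(u, var, 0), self.restrict(u, var, 1))
    def shift(self, u, delta):                # rename var i -> i+delta; sound only if
        if u < 2:                             # the renaming preserves the variable order
            return u
        vu, lu, hu = self.table[u]
        return self.mk(vu + delta, self.shift(lu, delta), self.shift(hu, delta))


class Model:
    """Transition system over boolean state vars: current var i at 2i, next-state at 2i+1."""
    def __init__(self, names):
        self.bdd = BDD(2 * len(names))
        self.cur = {n: self.bdd.var(2 * i) for i, n in enumerate(names)}
        self.nxt = {n: self.bdd.var(2 * i + 1) for i, n in enumerate(names)}
        self.trans = 0                        # T(x, x'), FALSE until rules are added
    def add_rule(self, guard, updates):
        """When guard holds, variable n becomes updates[n]; others keep their value."""
        b, rel = self.bdd, guard
        for n in self.cur:
            new = updates.get(n, self.cur[n])
            rel = b.apply(AND, rel, b.neg(b.apply(XOR, self.nxt[n], new)))  # x'_n <-> new
        self.trans = b.apply(OR, self.trans, rel)
    def ex(self, z):                          # EX z = exists x'. T(x, x') and z(x')
        r = self.bdd.apply(AND, self.trans, self.bdd.shift(z, 1))
        for i in range(1, self.bdd.nvars, 2):
            r = self.bdd.exists(i, r)
        return r
    def ef(self, p):                          # mu Z. p or EX Z, iterated from FALSE
        z, nz = 0, p
        while nz != z:                        # canonical ROBDDs: equal ids = same set
            z, nz = nz, self.bdd.apply(OR, p, self.ex(nz))
        return z
    def ag(self, p):                          # nu Z. p and AX Z, as the dual of EF
        return self.bdd.neg(self.ef(self.bdd.neg(p)))
    def holds(self, init, prop):              # is init -> prop valid?
        return self.bdd.apply(AND, init, self.bdd.neg(prop)) == 0


def verify_gate_turbine(interlock):
    """Constructed toy: gate g, turbine t. With interlock the gate may close only while the
    turbine is stopped; without it the close guard is dropped. Returns {property: verdict}."""
    m = Model(["g", "t"])
    b = m.bdd
    g, t = m.cur["g"], m.cur["t"]
    m.add_rule(b.neg(g), {"g": 1})                                       # open gate
    m.add_rule(b.apply(AND, g, b.neg(t)) if interlock else g, {"g": 0})  # close gate
    m.add_rule(b.apply(AND, g, b.neg(t)), {"t": 1})                      # start turbine
    m.add_rule(t, {"t": 0})                                              # stop turbine
    m.add_rule(1, {})                                                    # idle step
    init = b.apply(AND, b.neg(g), b.neg(t))                              # gate closed, turbine off
    unsafe = b.apply(AND, t, b.neg(g))                                   # turbine runs, gate closed
    return {"AG safe": m.holds(init, m.ag(b.neg(unsafe))),
            "EF turbine_on": m.holds(init, m.ef(t))}
```

`verify_gate_turbine(True)` reports both properties true; `verify_gate_turbine(False)` reports `AG safe` false because the run open, start, close reaches a state with the turbine running against a closed gate. The real pipeline differs in two ways worth knowing: the transition relation comes from CCS/Meije terms rather than hand-written rules, and the full μ-calculus allows arbitrary nesting of least and greatest fixed points, of which EF and AG are the two simplest instances. The toy also leaves `restrict` and `shift` unmemoised, which is fine for four variables but would be exponential on a real plant model.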
Keywords: Model Checking, Boolean Function, Boolean Variable, Process Algebra, Hydroelectric Power Plant