Architectural Verification of Control Systems Using CSP

  • Joabe Jesus
  • Alexandre Mota
  • Augusto Sampaio
  • Luiz Grijo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6991)


Although validation of complex dynamic systems can be realised using checklists and simulations provided by tools such as Simulink, these techniques usually do not cover all system behaviours. Moreover, the control laws are rarely modelled together with the system architecture. This integration can reveal defects which are only detected in final stages of the development. This work presents two major contributions: a strategy to validate the integration of a proposed architecture with control laws, based on the CSP process algebra; and the validation of a Fly-by-wire Elevator Control System designed by Embraer. The results show that the strategy helps finding defects in early stages of the development, saving time and costs.


Model Checker Parallel Composition Translation Rule Nominal Behaviour Block Library 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Holloway, C.M.: Why engineers should consider formal methods. In: Proceedings of the 16th AIAA/IEEE Digital Avionics Systems Conference, Irvine CA, vol. 1, pp. 1.3-16 – 1.3-22 (October 1997)Google Scholar
  2. 2.
    Certification Considerations for Highly-Integrated or Complex Aircraft Systems. Technical Report ARP4754, SAE International, Warrendale, PA (December 1999)Google Scholar
  3. 3.
    Bernard, R., Aubert, J., Bieber, P., Merlini, C., Metge, S.: Experiments in model-based safety analysis: flight controls. In: 1st IFAC workshop on Dependable Control of Discrete Systems (2007)Google Scholar
  4. 4.
    Bozzano, B., Villafiorita, A.: Improving system reliability via model checking: The fSAP/NuSMV-SA safety analysis platform. In: Anderson, S., Felici, M., Littlewood, B. (eds.) SAFECOMP 2003. LNCS, vol. 2788, pp. 49–62. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Camus, J.-L., Dion, B.: Efficient development of airborne software with Scade suite. Esterel Technologies (2003),
  6. 6.
    Silva, L., Sampaio, A., Barros, E.: A constructive approach to hardware/software partitioning. Form. Methods Syst. Des. 24(1), 45–90 (2004)CrossRefzbMATHGoogle Scholar
  7. 7.
    Roscoe, A.: The Theory and Practice of Concurrency. Prentice Hall PTR, Englewood Cliffs (1997)Google Scholar
  8. 8.
    The MathWorks Inc. Simulink User’s Guide (2008)Google Scholar
  9. 9.
    Pratt, R.: Flight Control Systems: Pratical Issues in Design and Implementation. The Institution of Electrical Engineers, UK (2000)Google Scholar
  10. 10.
    Zeyda, F., Cavalcanti, A.: Mechanised Translation of Control Law Diagrams into Circus. In: Leuschel, M., Wehrheim, H. (eds.) IFM 2009. LNCS, vol. 5423, pp. 151–166. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Chen, C., Dong, J.S.: Applying Timed Interval Calculus to Simulink Diagrams. In: Liu, Z., Kleinberg, R.D. (eds.) ICFEM 2006. LNCS, vol. 4260, pp. 74–93. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Jesus, J.: Designing and formal verification of fly-by-wire flight control systems. Master’s thesis, UFPE (2009),
  13. 13.
    Roscoe, A., Broadfoot, P.: Proving Security Protocols With Model Checkers by Data Independence Techniques (1999)Google Scholar
  14. 14.
    Grijo, L.: Architectures of Flight Control and Autopilot for Civil Aircraft. Master’s thesis, Aeronautical Institute of Technology, São José dos Campos (2004)Google Scholar
  15. 15.
    Halbwachs, N., Lagnier, F., Raymond, P.: Synchronous Observers and the Verification of Reactive Systems. In: Third Int. Conf. on Algebraic Methodology and Software Technology, AMAST 1993. Springer, Heidelberg (1993)Google Scholar
  16. 16.
    Lazic, R., Roscoe, A.: Data independence with generalised predicate symbols. In: PDPTA 1999, vol. I, pp. 319–325. CSREA Press (1999)Google Scholar
  17. 17.
    Farias, A., Mota, A., Sampaio, A.: Compositional Abstraction of CSPZ Processes. Journal of the Brazilian Computer Society 14(2) (June 2008)Google Scholar
  18. 18.
    Arthan, R.D., Caseley, P.: Colin O’Halloran, and A. Smith. ClawZ: Control Laws in Z. In: Proc. 3rd IEEE ICFEM 2000, York, pp. 169–176 (September 2000)Google Scholar
  19. 19.
    Meenakshi, B., Bhatnagar, A., Roy, S.: Tool for Translating Simulink Models into Input Language of a Model Checker. In: Liu, Z., Kleinberg, R.D. (eds.) ICFEM 2006. LNCS, vol. 4260, pp. 606–620. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  20. 20.
    Tripakis, S., Sofronis, C., Caspi, P., Curic, A.: Translating discrete-time Simulink to Lustre. ACM Trans. Embed. Comput. Syst. 4(4), 779–818 (2005)CrossRefGoogle Scholar
  21. 21.
    The MathWorks Inc. Simulink Validation and Verification 2 User’s Guide (2008)Google Scholar
  22. 22.
    Software considerations in airborne systems and equipment certification. DO 178B, RTCA Inc., Washington D.C. (December 1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Joabe Jesus
    • 1
  • Alexandre Mota
    • 1
  • Augusto Sampaio
    • 1
  • Luiz Grijo
    • 2
  1. 1.Centro de Informática - Universidade Federal de Pernambuco (UFPE)RecifeBrazil
  2. 2.Empresa Brasileira Aeronáutica (Embraer)São José dos CamposBrazil

Personalised recommendations