Abstract
In a context of heightened safety requirements for safety-critical embedded systems and ever-increasing costs of verification and validation, we describe a fully automated, credible autocoding chain for control systems. This chain generates code, along with guarantees of high-level functional properties, which can be independently verified. The platform relies on domain-specific knowledge and formal analysis methods to bridge the semantic gap between domain experts and code verification experts. First, a graphical dataflow language is extended with annotation symbols, enabling the control engineer to express high-level properties of the control law within the framework of a familiar block-diagram language. A public-domain autocoder is enhanced not only to generate the code implementing the initial design, but also to carry the high-level properties down to annotations at the level of the code. Finally, using customized code analysis tools, certificates are generated which guarantee the correctness of the annotations with respect to the code and which can be verified using existing static analysis tools. For now, we limit the conclusions to the bounded-input bounded-output property of linear controllers; however, the approach appears readily extendable to a broader array of properties and systems.
Notes
- 1.
- 2. Given a program statement S and a postcondition Q, wp(S, Q) is the weakest precondition on the initial state ensuring that execution of S terminates in a state satisfying Q.
- 3.
Acknowledgments
The authors would like to thank Pierre Roux for his contribution to the PVS-ellipsoid plugin, Gilberto Perez and Pablo Ascariz for their invaluable help on the PVS linear algebra library.
This chapter was prepared under support from NSF Grant CPS Medium 1135955 (CrAVES), CPS Synergy 1446758 (SORTIES), the Army Research Office under MURI W911NF-11-1-0046, the National Aeronautics and Space Administration under NASA Cooperative Agreement NNL09AA00A, activity 2736, the French Fond Unique Interministeriel 2011 project P, ITEA2 OPES, FNRAE project CAVALE, ANR INS project CAFEIN and ANR ASTRID project VORACE.
Copyright information
© 2016 Springer-Verlag Berlin Heidelberg
Cite this chapter
Wang, T. et al. (2016). From Design to Implementation: An Automated, Credible Autocoding Chain for Control Systems. In: Feron, E. (eds) Advances in Control System Technology for Aerospace Applications. Lecture Notes in Control and Information Sciences, vol 460. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47694-9_5
DOI: https://doi.org/10.1007/978-3-662-47694-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-47693-2
Online ISBN: 978-3-662-47694-9
eBook Packages: Engineering (R0)