ABSTRACT
Aimed at verifying safety properties and improving simulation coverage for hybrid systems models of embedded control software, we propose a technique that combines numerical simulation and symbolic methods for computing state-sets. We consider systems with linear dynamics described in the commercial modeling tool Simulink/Stateflow. Given an initial state x, and a discrete-time simulation trajectory, our method computes a set of initial states that are guaranteed to be equivalent to x, where two initial states are considered to be equivalent if the resulting simulation trajectories contain the same discrete components at each step of the simulation. We illustrate the benefits of our method on two case studies. One case study is a benchmark proposed in the literature for hybrid systems verification and another is a Simulink demo model from Mathworks.
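The equivalence idea above, as an added illustration that is not the paper's own implementation: a constructed discrete-time piecewise-affine thermostat (state = [temperature, ambient term], heater mode chosen by a linear guard) is simulated numerically from one initial state, and the guard at each step is rewritten symbolically as a half-space on the initial state, so that the collected half-spaces describe a polyhedron of initial states guaranteed to produce the same mode sequence. The dynamics, guard and sample states are all assumed for the example; the code is generic in the state dimension.

```python
# Constructed toy system: x = [T, a] with T = temperature, a = ambient term
# that the dynamics hold constant.  Mode 1 (heater on) when c.x < d (T < 20),
# mode 0 otherwise.  The same A is used in both modes (assumption); the mode
# only changes the affine offset B[m].
C, D = [1.0, 0.0], 20.0
A = [[0.9, 0.1], [0.0, 1.0]]
B = {0: [0.0, 0.0], 1: [2.0, 0.0]}

def dot(u, v): return sum(p * q for p, q in zip(u, v))
def matvec(M, v): return [dot(row, v) for row in M]
def matmul(M, N): return [[dot(row, col) for col in zip(*N)] for row in M]
def vadd(u, v): return [p + q for p, q in zip(u, v)]
def mode(x): return 1 if dot(C, x) < D else 0

def simulate(x0, steps):
    """Numerical simulation: the discrete mode observed at each step."""
    x, modes = list(x0), []
    for _ in range(steps):
        m = mode(x)
        modes.append(m)
        x = vadd(matvec(A, x), B[m])
    return modes

def equivalence_constraints(x0, steps):
    """Symbolic part: follow the concrete trajectory from x0 and, at each
    step, express the guard as a half-space on the initial state.
    Because x_k = M x0 + v stays affine in x0 for a fixed mode sequence,
    the guard c.x_k < d becomes (c^T M).x0 < d - c.v."""
    n = len(x0)
    M = [[1.0 if i == j else 0.0 for j in range(n)] for i in range(n)]
    v, x, cons = [0.0] * n, list(x0), []
    for _ in range(steps):
        m = mode(x)
        a = [dot(C, col) for col in zip(*M)]          # c^T M as a row vector
        cons.append((a, D - dot(C, v), m))            # m==1: a.x0 < rhs, else a.x0 >= rhs
        M, v = matmul(A, M), vadd(matvec(A, v), B[m])
        x = vadd(matvec(A, x), B[m])
    return cons

def satisfies(cons, y0):
    """True iff y0 lies in the polyhedron, i.e. is equivalent to x0."""
    return all((dot(a, y0) < rhs) if m == 1 else (dot(a, y0) >= rhs)
               for a, rhs, m in cons)

if __name__ == "__main__":
    x0, N = [19.0, 10.0], 4
    cons = equivalence_constraints(x0, N)        # mode sequence [1, 0, 1, 0]
    for y0 in ([19.5, 10.0], [19.0, 12.0], [18.0, 10.0]):
        print(y0, satisfies(cons, y0), simulate(y0, N) == simulate(x0, N))
```

Every state inside the polyhedron reproduces the reference mode sequence without being simulated, which is what lets one simulation run stand for a whole set of initial states when counting coverage.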