Funding: supported by the National Natural Science Foundation of China under Grants No. 61173048 and No. 61103115
Abstract: Formal modelling and verification has become an effective way of improving the reliability and correctness of complex, safety-critical embedded systems. Statecharts are widely used to formally model embedded applications, but they do not provide a reasonable separation of system concerns, which leads to code scattering and tangling. Aspect-Oriented Software Development (AOSD) technology can separate crosscutting concerns from core concerns and identify potential problems in the early phases of the software development life cycle. Therefore, this paper proposes aspect-oriented timed statecharts (timed statecharts extended with AOSD) to model base functional requirements separately from other requirements (e.g., scheduling, error handling), thereby improving the modularity and development efficiency of embedded systems. Furthermore, the dynamic behaviours of embedded systems are simulated and analysed to determine whether the model satisfies certain properties (e.g., liveness, safety) described by computation tree logic formulae. Finally, a case study demonstrates several desired properties checked against the aspect-oriented timed statecharts model.
Abstract: When a high-speed railway line fails, high-speed trainsets must be able to run on conventional lines; to support this, China State Railway Group organised research on a system for detouring high-speed trainsets over conventional lines. The train-to-ground wireless communication of this system is planned to use a one-way wireless broadcast scheme that has never been used in existing train control systems, so modelling and verifying it is of great significance. Based on an analysis of the overall technical specification of the CTCS-1 train control system, the wireless broadcast communication scenario was designed and refined in detail and modelled in SysML. By designing SysML-to-PRISM model transformation rules, the SysML model of the scenario was converted into a probabilistic model consisting of a channel module, a Station Data Server (SDS) module and a train module, and the probabilistic model checker PRISM was used to describe and verify this model. The results show that the scenario design is reasonable, that one-way wireless broadcast communication is feasible, and that the number of priority message transmissions specified for the SDS should be 2 or 3. The study of the wireless broadcast communication scenario in this paper can reveal problems that may exist in the system's technical solution at an early stage and provides a reference for related research.
Abstract: The increasing complexity of digital systems is leading designers to design using abstract system level modeling (SLM). However, SLM brings new challenges for verification engineers, who must guarantee functional equivalence between SLM specifications and lower-level implementations such as those of transaction level modeling (TLM). This paper proposes a novel method for equivalence checking between SLM and TLM based on coverage-directed simulation. Our method randomly simulates an SLM model and uses a satisfiability modulo theories (SMT) solver to generate stimuli for the uncovered area under the direction of a composite coverage metric (code coverage and functional coverage). Then we run all the generated stimuli (random stimuli and directed stimuli) on both the SLM and TLM designs. At the same time, the selected observation variables are compared to evaluate the equivalence between SLM and TLM. Promising experimental results show that our equivalence checking method is more efficient, with lower simulation cost.