Abstract
For hybrid systems, hybrid automata-based tools are capable of verification, while Matlab Simulink/Stateflow is proficient in simulation. We propose a co-verification procedure in which the verification tool SpaceEx/PHAVer and the simulation tool Matlab are integrated to analyze and verify hybrid systems. To apply this procedure, a platform screen door system (PSDS, a subsystem of the subway control system) is modeled with hybrid automata and with Simulink/Stateflow charts, respectively. The PSDS models are simulated by Matlab and verified by SpaceEx/PHAVer. The simulation and verification results indicate that the sandwiched situation can be avoided under time interval conditions. We extend the model to four trains and four stations on a subway line and analyze the urgent control scenario for the safety distance requirement. In this paper, the Simulink/Stateflow model is a refinement of the SpaceEx/PHAVer model and is closer to a final implementation. Moreover, the two models are complementary in some features (e.g., visualization of simulation, correctness proving by verification), stressing different aspects of the overall system and permitting complementary analysis techniques, i.e., verification versus simulation. We conclude that this integration procedure is competent in verifying subway control systems.
Acknowledgments
We thank Goran Frehse for his insightful discussion on SpaceEx/PHAVer and hybrid systems. This work was partly supported by the Danish National Research Foundation and the National Natural Science Foundation of China (Grant No. 61361136002) for the Danish-Chinese Center for Cyber Physical Systems. It was also supported by the National High Technology Research and Development Program of China (No. 2012AA011205), the National Natural Science Foundation of China (No. 61321064 and No. 91118008), the Shanghai STCSM Project (No. 12511504205), the Shanghai Knowledge Service Platform Project (No. ZF1213) and the Shanghai Minhang Talent Project.
Appendix: Hybrid automata of train and urgent distance controller in SpaceEx
See Table 2.
Fang, H., Shi, J., Zhu, H. et al. Formal verification and simulation for platform screen doors and collision avoidance in subway control systems. Int J Softw Tools Technol Transfer 16, 339–361 (2014). https://doi.org/10.1007/s10009-014-0318-1