Abstract
The CLawZ toolset independently and automatically proves the correctness of code produced by a commercial auto-code generator for the Simulink® modelling language. The use of formal methods is invisible to the user and has been shown to lead to faster development of correct code. The CLawZ toolset has been continually developed and used for over a decade to prove the correctness of embedded real-time safety-critical software for the Eurofighter Typhoon. The only requirement on the commercial auto-coder is that it provides traceability information between the signal wires in a Simulink® model and the program variables that implement them.
Notes
Although model checking offers automated verification, it suffers from the state-space explosion problem, which limits its scalability.
Ground_Velocity is not part of the PID example; it is from a different use of CLawZ that illustrates how unproven verification conditions can arise.
Acknowledgements
Many people have worked on CLawZ, or used it to verify code over the years. The main contributors to its success have been Mark Adams, Rob Arthan, Dan Boulton, Phil Clayton, Hazel Duncan, Alf Smith, Karen Stephenson, Mark Teasdale, Nick Tudor and Paul Whittaker. Thanks go to the referees for their constructive comments and patience.
About this article
Cite this article
O’Halloran, C. Automated verification of code automatically generated from Simulink® . Autom Softw Eng 20, 237–264 (2013). https://doi.org/10.1007/s10515-012-0116-5