Skip to main content
SpringerLink
Log in

Automated verification of code automatically generated from Simulink®

  • Published:
Automated Software Engineering Aims and scope Submit manuscript

Abstract

The CLawZ toolset independently and automatically proves the correctness of code automatically generated by a commercial auto-code generator for the Simulink® modelling language. The use of formal methods is invisible to the user and it has been shown to lead to faster development of correct code. The CLawZ toolset has been continually developed and used for over a decade to prove the correctness of embedded real time safety critical software for Eurofighter Typhoon. The only requirement on the commercial auto-coder is that it provides traceability information between the signal wires in a Simulink® model and the program variables that implement them.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23

Similar content being viewed by others

Notes

  1. Although model checking offers automated verification it suffers from the state space explosion problem that affects its scalability.

  2. Ground_Velocity is not part of the PID example; it is from a different use of CLawZ that illustrates how unproven verification conditions can arise.

References

  • Abrial, J.: Modelling in Event-B: System and Software Engineering. Cambridge University Press, Cambridge (2010)

    Google Scholar 

  • Arthan, R.D., Caseley, P., O’Halloran, C., Smith, A.: ClawZ: control laws in Z. In: ICFEM 2000, pp. 169–176 (2000)

    Google Scholar 

  • Barnes, J.: High Integrity Ada, the Spark Approach. Addison Wesley, Reading (1997). ISBN 0-201-17517-7

    MATH  Google Scholar 

  • Denney, E., Fischer, B.: A Verification-Driven Approach to Traceability and Documentation for Auto-Generated Mathematical Software (2009)

  • Filliâtre, J.-C., Marché, C.: Multi-prover verification of C programs. In: Formal Methods and Software Engineering, pp. 15–29 (2004)

    Chapter  Google Scholar 

  • Gordon, M.J.C., Melham, T.F. (eds.): Introduction to HOL: A Theorem Proving Environment for Higher Order Logic. Cambridge University Press, Cambridge (1993)

    MATH  Google Scholar 

  • Hewitt, M.A., O’Halloran, C., Sennett, C.T.: Experiences with PiZA an animator for Z. In: zUM 1997, pp. 37–51 (1997)

    Google Scholar 

  • Hoare, C.A.R.: An axiomatic basis for computer programming. Commun. ACM (1969)

  • ISO/IEC: SO/IEC 12207—information technology software life cycle processes. International Organization for Standardization/International Electrotechnical Commission (1995)

  • Knuth, D.E.: Literate Programming. Center for the Study of Language and Information—CSLI Lecture Notes, vol. 27. Stanford, California (1992). ISBN 0-937073-80-6

  • Littlewood, B.: On diversity, and the elusiveness of independence In: Computer Safety, Reliability and Security. LNCS, vol. 2434, pp. 485–504 (2002). ISBN 978-3-540-44157-1

    Google Scholar 

  • Littlewood, B., Popov, P., Strigini, L., Shryane, N.: Modeling the effects of combining diverse software fault detection techniques. IEEE Trans. Softw. Eng. Arch. 26(12), 1157–1167 (2000). ISSN:0098-5589

    Article  Google Scholar 

  • Morgan, C.: Programming from Specifications. Prentice Hall Series in Computer Science (1990)

    MATH  Google Scholar 

  • Murali, R., Ireland, A.: E-SPARK: Automated generation of provably correct code from formally verified designs. In: Proceedings of AVOCS’12, Bamberg (2012)

    Google Scholar 

  • O’Halloran, C., Smith, A.: Verification of picture generated code. In: ASE 1999, pp. 127–136 (1999)

    Google Scholar 

  • O’Halloran, C., Arthan, R.D., King, D.: Using a formal specification contractually. Form. Asp. Comput. 9(4), 349–358 (1997)

    Article  Google Scholar 

  • Powell, A., Murdoch, J., Tudor, N.: Modelling risk-benefit assumptions in technology substitution. In: Proceedings of the 2007 International Conference on Software Process (ICSP’07), pp. 295–306. Springer, Heidelberg (2007)

    Google Scholar 

  • Toom, A., Naks, T., Pantel, M., Gandriau, M.: Indrawati: gene-auto—an automatic code generator for a safe subset of Simulink-stateflow and scicos. In: European Congress on Embedded Real-Time Software (ERTS), Toulouse (2008). http://www.sia.fr

    Google Scholar 

  • Woodcock, J., Davies, J.: Using Z Specification, Refinement and Proof, 1st edn. Prentice Hall, New York (1996)

    MATH  Google Scholar 

Download references

Acknowledgements

Many people have worked on CLawZ, or used it to verify code over the years. The main contributors to its success have been Mark Adams, Rob Arthan, Dan Boulton, Phil Clayton, Hazel Duncan, Alf Smith, Karen Stephenson, Mark Teasdale, Nick Tudor and Paul Whittaker. Thanks go to the referees for their constructive comments and patience.

Author information

Authors and Affiliations

  1. Oxford University, Oxford, UK

    Colin O’Halloran

Authors
  1. Colin O’Halloran
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Colin O’Halloran.

Rights and permissions

Reprints and permissions

About this article

Cite this article

O’Halloran, C. Automated verification of code automatically generated from Simulink® . Autom Softw Eng 20, 237–264 (2013). https://doi.org/10.1007/s10515-012-0116-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10515-012-0116-5

Keywords

Search

Navigation