Abstract
In this article, the design, modeling and validation of embedded systems is examined. Commercial tools exist for the development of control-dominated or data-flow-dominated systems, e.g. STATEMATE for control-dominated systems and MATLAB for data-flow-dominated systems, but describing mixed systems with them is problematic. The system is split into a control part and a transformation part. The control part is described with the graphical language ARGOS, the transformation part with the data-flow language LUSTRE. Integration is based on their common synchronous architecture. The design process is shown in a case study on an industrial application, the automatic headlight leveling system. A validation strategy that follows the separation of the system is shown: safety properties of the control part are proved with model checking, and functional correctness is shown in two steps, by simulation and by hardware-in-the-loop simulation.
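The abstract describes three ideas: a control part modelled as an automaton (ARGOS), a transformation part modelled as a data-flow node (LUSTRE), both advanced in lock-step under a synchronous semantics, and a safety property of the control part established by model checking. The following Python sketch is an added example, not code from the paper; the headlight-leveling modes (OFF, AUTO, HOLD), the pitch-sensor input, the angle bound of 3 and the invariant are all constructed assumptions chosen to illustrate the method, not details taken from the case study. It composes the two parts synchronously and then exhaustively explores every reachable (mode, angle) pair to prove the invariant, which is the explicit-state form of the model-checking step the abstract mentions.

```python
from itertools import product

# --- Control part (ARGOS-style mode automaton; modes are constructed assumptions) ---
MODES = ("OFF", "AUTO", "HOLD")


def control_step(mode, ignition, fault):
    """One reaction of the mode automaton on the current tick's inputs."""
    if not ignition:
        return "OFF"
    if fault:
        return "HOLD"      # sensor fault: freeze the leveling angle
    return "AUTO"


# --- Transformation part (LUSTRE-style node) ---
ANGLE_LIMIT = 3  # assumed mechanical bound on the leveling angle


def dataflow_step(prev_angle, pitch, mode):
    """angle = if mode = AUTO then clamp(pitch) else if mode = OFF then 0 else pre(angle)."""
    if mode == "AUTO":
        return max(-ANGLE_LIMIT, min(ANGLE_LIMIT, pitch))
    if mode == "OFF":
        return 0
    return prev_angle      # HOLD keeps the previous value (pre(angle))


# --- Synchronous composition: both parts react on the same tick to the same inputs ---
def synchronous_step(mode, angle, ignition, fault, pitch):
    new_mode = control_step(mode, ignition, fault)
    new_angle = dataflow_step(angle, pitch, new_mode)
    return new_mode, new_angle


def simulate(inputs, mode="OFF", angle=0):
    """Simulation step of the validation strategy: run a scenario of (ignition, fault, pitch) ticks."""
    trace = []
    for ignition, fault, pitch in inputs:
        mode, angle = synchronous_step(mode, angle, ignition, fault, pitch)
        trace.append((mode, angle))
    return trace


def invariant(mode, angle):
    """Safety property to be proved: angle stays within the bound, and OFF implies neutral angle."""
    return -ANGLE_LIMIT <= angle <= ANGLE_LIMIT and (mode != "OFF" or angle == 0)


def check_safety(pitch_values=range(-5, 6)):
    """Explicit-state model check: breadth over all inputs from every reachable state.

    Returns (True, number_of_reachable_states) if the invariant holds everywhere,
    or (False, offending_state) with a counterexample state otherwise.
    """
    init = ("OFF", 0)
    seen = {init}
    frontier = [init]
    while frontier:
        mode, angle = frontier.pop()
        for ignition, fault, pitch in product((False, True), (False, True), pitch_values):
            nxt = synchronous_step(mode, angle, ignition, fault, pitch)
            if not invariant(*nxt):
                return False, nxt
            if nxt not in seen:
                seen.add(nxt)
                frontier.append(nxt)
    return True, len(seen)


if __name__ == "__main__":
    # constructed scenario: ignition on, a fault after two ticks, then ignition off
    scenario = [(True, False, 2), (True, False, 7), (True, True, -4), (False, False, 1)]
    print(simulate(scenario))
    print(check_safety())
```

The pitch input is sampled over a small integer range so the state space stays finite; the abstract's tools (a LUSTRE model checker, STATEMATE-style simulation) work on the symbolic form of the same composition, but the proof obligation is the same: no reachable state of the synchronous product violates the property.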
About this article
Cite this article
Gmehlich, R. Specification and Validation of Embedded Systems using LUSTRE and ARGOS. Case Study: The Automatic Headlight Leveling System. Design Automation for Embedded Systems 6, 151–175 (2001). https://doi.org/10.1023/A:1011237030847
DOI: https://doi.org/10.1023/A:1011237030847