Show simple item record

dc.contributor.advisor Johnson, Steven D. en
dc.contributor.author Pike, Lee en
dc.date.accessioned 2010-06-01T21:57:04Z en
dc.date.available 2027-02-01T22:57:05Z en
dc.date.available 2010-06-09T15:00:57Z
dc.date.issued 2010-06-01T21:57:04Z en
dc.date.submitted 2006 en
dc.identifier.uri http://hdl.handle.net/2022/7310 en
dc.description Thesis (PhD) - Indiana University, Computer Sciences, 2006 en
dc.description.abstract Fault-tolerant real-time distributed control systems are being developed for next-generation aircraft and automobiles. They employ numerous complex protocols; because their uses are safety-critical, the design and implementation of these protocols must be error-free. The following modeling considerations make the formal verification of these protocols difficult: faults, real-time constraints, distributed control, nonfunctional behavioral requirements, and intricate protocol interactions. We describe a methodology for the formal verification of time-triggered systems, a class of synchronized fault-tolerant control and communication architectures. The methodology centers around the distinct timing assumptions made in time-triggered systems. First, we describe a set of abstractions for specifying time-triggered protocols in an untimed synchronous model of computation that is particularly well-suited for mechanical theorem-proving. The abstractions systematically abstract faults, data, communication, and fault-masking. An untimed synchronous specification simplifies the specification and verification overhead, but a large semantic gap exists between the timing characteristics of an untimed protocol specification and its implementation. We therefore extend previous work to formally demonstrate via mechanical theorem-proving that under certain assumptions, a simulation exists between a time-triggered implementation of a protocol and its untimed synchronous specification. We then use a combination of bounded model-checking and automated solvers to verify that realized protocol schedules satisfy the necessary time-triggered assumptions. Finally, some protocols do not satisfy the time-triggered model constraints due to the fact they execute when the system is unsynchronized, such as during startup or restart. We also use bounded model-checking and automated solvers to verify explicit real-time models of such protocols. The methodology is demonstrated by verifying NASA Langley's SPIDER fly-by-wire bus architecture. en
dc.language.iso EN en
dc.publisher [Bloomington, Ind.] : Indiana University en
dc.rights This work is licensed under the Creative Commons Attribution 3.0 Unported License. en
dc.rights.uri http://creativecommons.org/licenses/by/3.0/ en
dc.subject.classification Computer Science en
dc.title Formal Verification of Time-Triggered Systems en
dc.type Doctoral Dissertation en


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search IUScholarWorks


Advanced Search

Browse

My Account

Statistics