Practical Use of Formal Verification for Safety Critical Cyber-Physical Systems: A Case Study

Cyber-Physical Systems (CPS) linking computing to physical systems are often used to monitor and controlsafety-critical processes, i.e. processes that bear the potential to cause significant damage or loss in the case of failures. While safety-critical systems have been extensively studied in both the discrete (computing) and analog (control) domains, the developed techniques apply to either one domain or the other. As cyber-physical systems span both domains, the focus on an individual domain leaves a gap on the systemlevel, where complex interactions between the domains can lead to failures that cannot be analyzed by considering only the physical orthe digital part of the integrated CPS. We discuss such a complex failure condition in a real-world brakecontrol system, and demonstrate its detection using a formalverification approach specifically targeting CPS.