Paths to Property Violation: A Structural Approach for Analyzing Counter-Examples

Author

Bochot, Thomas ; Virelizier, Pierre ; Waeselynck, Hèlène ; Wiels, Virginie

Author_Institution

Airbus Oper. SAS, Toulouse, France

fYear

2010

fDate

3-4 Nov. 2010

Firstpage

74

Lastpage

83

Abstract

At Airbus, flight control software is developed using SCADE formal models, from which 90% of the code can be generated. Having a formal design leaves open the possibility of introducing model checking techniques. But, from our analysis of cases extracted from real software, a key issue concerns the exploitation of counterexamples showing property violation. Understanding the causes of the violation is not trivial, and the (unique) counterexample returned by a model checker is not necessarily realistic from an operational viewpoint. To address this issue, we propose an automated structural analysis that identifies paths of the model that are activated by a counterexample over time. This analysis allows us to extract relevant information to explain the observed violation. It may also serve to guide the model checker toward the search for different counterexamples, exhibiting new path activation patterns.

Keywords

aerospace computing; program diagnostics; program verification; SCADE formal models; airbus; automated structural analysis; flight control software; formal design; model checker; model checking; property violation; structural approach; Analytical models; Atmospheric modeling; Computational modeling; Cost accounting; Input variables; Observers; Software; Analysis of counterexamples; SCADE models; structural paths;

fLanguage

English

Publisher

ieee

Conference_Titel

High-Assurance Systems Engineering (HASE), 2010 IEEE 12th International Symposium on

Conference_Location

San Jose, CA

ISSN

1530-2059

Print_ISBN

978-1-4244-9091-2

Electronic_ISBN

1530-2059

Type

conf

DOI

10.1109/HASE.2010.15

Filename

5634313