Abstract. MathWorks’ Stateflow is a predominant environment for modeling embedded and cyberphysical systems where control software interacts with physical processes. We present Compare-Execute-Check-Engine (C2E2)—a verification tool for continuous and hybrid Stateflow models. It checks bounded time invariant properties of models with nonlinear dynamics, and discrete transitions with guards and resets. C2E2 transforms the model, computing simulations using a validated numerical solver, and then computes reachtube over-approximations with increasing precision. For this last step it uses annotations that have to be added to the model. These annotations are extensions of proof certificates studied in Control Theory and can be automatically o...
Formal verification has previously been applied to chemical plant control and automation systems ...
Abstract. Hybrid systems with both discrete and continuous dynamics are an important model for real-...
A formalism is presented that is intended to combine basic properties of both state-based and actio...
Stateflow is a widely used modeling framework for embedded and cyberphysical s...
Simulations can help enhance confidence in system designs, but they provide almost no formal guarant...
State chart notations with ‘run to completion’ semantics are popular with engineers for designing co...
Simulink is widely used for model driven development (MDD) of industrial software systems. Typically...
With the recent advances in communication and computation technologies, integration of software into...
We are developing analysis and verification mechanisms for models composed of hierarchically specif...
Hybrid systems tightly integrate software-based discrete control systems and continuous physical phe...
In this paper, we present the first steps toward a runtime verification framework for monitoring hyb...
Autonomous systems are often safety-critical and are expected to work in uncertain environments. En...
We show how by combining Explicit Model Checking techniques and simulation it is possible to effecti...
Model checking has established itself as a successful tool supported technique for the verification ...
To test safety of autonomous vehicles, large corporations have raced to log millions of miles of tes...