Algunas mejoras concretas

This thesis is structured as follows:

• Chapter 2 presents the literature review and technical background regarding the main subjects for the development of the research presented in this thesis: formal methods and control systems. The literature review covers the trending towards the use of formal methods in industrial environments, the various uses of formal methods in software development, and current challenges to bring formal methods into a software development cycle regarding current safety-critical control applications.

• Chapter 3 presents the system abstraction methodology for dynamics recovery. Discrete SISO LTI models are proposed for the dynamical representation of the control system. An ad hoc fixed-point integer only data type is proposed. In this manner, the ad hoc data type only requires integer variables providing enough resolution to address the system dynamic simulation. The proposed abstraction methodology allows to portray a dynamic feedback control system without the need of floating-point or fixed-point data types, which makes it suitable for a model checker implementation. The abstraction methodology takes into account possible modelling errors and data type rounding errors, compensating for these inaccuracies so that the abstraction provides boundaries when reasoning about the original system. The output of this chapter is a novel dynamic system abstraction methodology suitable for model checking which provides safety guarantees regarding possible modelling errors.

• Chapter 4 presents the model checking approach to high level control system re- quirements verification. A design for verification approach is taken to create a set of

automata to enable the formal verification of high level control performance require- ments: maximum % overshoot, rise time, settling time, and steady state error. Using the abstraction methodology presented in Chapter 3 to recover the system dynamics, the automata design is driven by the necessity of expressing control requirements as properties for the model checker. In this manner the performance requirements verification problem is addressed as a property verification in model checking. The output of this chapter is a novel formal verification methodology for discrete feedback control systems.

• Chapter 5 presents the formal discrete PID controller design and verification framework. By combining the system abstraction methodology from Chapter 3 and the high level performance requirements verification framework from Chapter 4, the automata framework is extended to address the controller tuning problem. The model checker is systematically used to generate a set of controller gains which drive the system into meeting high level performance requirements. The output of this chapter is a novel formal design and verification methodology for discrete PID controllers.

• Chapter 6 presents the formal discrete PID gain scheduling design and verification framework. The framework is underpinned by the abstraction methodology from Chapter 3, together with the high level control performance requirements verifica- tion framework from Chapter 4, and the formal discrete PID controller design and verification framework from Chapter 5. By bringing together all these elements, the timed-automata framework is extended to address the gain scheduling problem. The model checking framework is systematically used to generate the control schedule which drive the system into meeting high level performance requirements in every operating point. The model checking framework provides a novel push-button ap- proach to design and verification of the schedule. The model checking framework also allows to perform coverage testing over the final schedule. In order to provide more information to the designer about possible behaviour of the system in case the controller switched gains in regions for which the tuning was not intended to operate.

• Finally, Chapter 7 presents the conclusions regarding the work presented in this thesis and the future work.

Literature Review and Technical

Background

2.1

Overview

Nowadays, embedded computer systems are widely used for control applications. The increase of computational power and the necessity of more complex control systems have made the verification for correctness and compliance with requirements a major part of the control systems development process [7]. In safety-critical applications where human lives are at stake, safety must always be a priority. The relationship of control systems and computer science has never been so close, the need to deliver safe and reliable computer- based controllers is a crucial growing activity in engineering. Formal methods and model checking can provide the means to improve the design, development, and verification of embedded control applications.

This chapter presents the literature review and technical background related to the work developed in this thesis. Section 2.2 presents a state of the art analysis regarding formal methods and model checking. The main applications of formal methods and model checking regarding software development and the recent advances in the area thanks to the increase of computational power were analysed. Also, how formal methods and model checking fit into an industrial development setting, the potential benefits from its application, and the current challenges to be addressed in order to fully exploit formal methods and model checking were analysed. This analysis was mainly focused on keeping in mind safety-critical control systems applications, which is the main area of interest in this work for the application of formal methods. Finally, Section 2.3 presents the necessary technical background to understand the type of systems under analysis in this thesis. Both the model checking

fundamentals and the selected type of control systems fundamentals are presented in order to cover the two main subjects of this work: formal methods and safety-critical dynamic control systems.