Abstract
In this article, we present an approach to the ABZ 2020 case study that differs from those usually presented at ABZ: rather than following a (correct-by-construction) formal method, we write a low-level implementation directly in C. We strictly adhere to test-driven development for validation, and only afterwards apply model checking using CBMC for verification. While this approach has several benefits compared to the more rigorous ones, it also provides less mathematical clarity and overall less thorough verification. In consequence, our realization of the ABZ case study serves as a baseline reference for comparison, allowing the benefit provided by the various formal modeling languages, methods and tools to be assessed.
Funding
Open Access funding enabled and organized by Projekt DEAL.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
Cite this article
Krings, S., Körner, P., Dunkelau, J. et al. A verified low-level implementation and visualization of the adaptive exterior light and speed control system. Int J Softw Tools Technol Transfer 26, 403–419 (2024). https://doi.org/10.1007/s10009-024-00750-5