This project is a demonstrator tool, made by the MOISE project, that translates timed AltaRica models into Fiacre models. Such a translation makes it possible to use model checkers such as Tina to prove properties. The project contains the translator tool.
% Table-of-contents auxiliary data (LaTeX .toc): one \contentsline per sectioning
% unit, in document order, with the argument shape
%   \contentsline{<level>}{\numberline{<number>}<title>}{<page>}{<anchor>}.
% Unnumbered subsubsections (e.g. "OFF mode") carry no \numberline and use a
% starred anchor such as section*.5. This file is rewritten by \tableofcontents
% on every compile, so hand edits here are overwritten; fix titles in the
% source document instead.
\contentsline {chapter}{\numberline {1}Introduction}{3}{chapter.1}
\contentsline {section}{\numberline {1.1}Toward an automated model-based approach to system validation}{3}{section.1.1}
\contentsline {subsection}{\numberline {1.1.1}Classical safety analysis techniques: FTA and FMEA}{4}{subsection.1.1.1}
\contentsline {subsection}{\numberline {1.1.2}Modern safety analysis techniques: MBSE and MBSA}{5}{subsection.1.1.2}
\contentsline {section}{\numberline {1.2}Automated Evaluation of Safety Temporal Conditions}{5}{section.1.2}
\contentsline {chapter}{\numberline {2}State of the art}{7}{chapter.2}
\contentsline {section}{\numberline {2.1}Modelling languages for Safety Analysis}{7}{section.2.1}
\contentsline {section}{\numberline {2.2}Safety Assessment on Temporal Properties}{8}{section.2.2}
\contentsline {section}{\numberline {2.3}Model-checking approach to safety assessment}{9}{section.2.3}
\contentsline {subsection}{\numberline {2.3.1}Tina model-checker}{10}{subsection.2.3.1}
\contentsline {chapter}{\numberline {3}A Model-Checking Approach to Analyse Temporal Failure Propagation with AltaRica}{12}{chapter.3}
\contentsline {section}{\numberline {3.1}Model-Based Safety Analysis with AltaRica}{13}{section.3.1}
\contentsline {subsection}{\numberline {3.1.1}AltaRica language and versions}{13}{subsection.3.1.1}
\contentsline {subsection}{\numberline {3.1.2}AltaRica modelling}{13}{subsection.3.1.2}
\contentsline {subsection}{\numberline {3.1.3}Time AltaRica: Adding Timing Constraints to Events}{15}{subsection.3.1.3}
\contentsline {section}{\numberline {3.2}A Definition of Fiacre Using Examples}{16}{section.3.2}
\contentsline {section}{\numberline {3.3}Example of a Failure Detection and Isolation System}{18}{section.3.3}
\contentsline {subsubsection}{Safety model of the architecture without FDI}{19}{section*.2}
\contentsline {subsubsection}{Safety model of the architecture with FDI}{21}{section*.3}
\contentsline {section}{\numberline {3.4}Compilation of AltaRica and Experimental evaluation}{22}{section.3.4}
\contentsline {subsection}{\numberline {3.4.1}Empirical evaluation}{24}{subsection.3.4.1}
\contentsline {chapter}{\numberline {4}A Case Study: FDIR in a Satellite AOCS}{26}{chapter.4}
\contentsline {section}{\numberline {4.1}An Expression of Industrial Needs and Requirements}{27}{section.4.1}
\contentsline {section}{\numberline {4.2}AOCS Case Study}{27}{section.4.2}
\contentsline {subsection}{\numberline {4.2.1}Architecture description}{28}{subsection.4.2.1}
\contentsline {subsection}{\numberline {4.2.2}AOCS mode automaton}{28}{subsection.4.2.2}
\contentsline {subsubsection}{OFF mode}{31}{section*.5}
\contentsline {subsubsection}{Acquisition \& Safe mode (ASM)}{31}{section*.6}
\contentsline {subsubsection}{Attitude Control Mode (ACM)}{31}{section*.7}
\contentsline {subsubsection}{Collision Avoidance Manœuvre (CAM)}{32}{section*.8}
\contentsline {subsubsection}{Orbit Control Mode (OCM)}{32}{section*.9}
\contentsline {subsubsection}{Formation Control Mode (FCM)}{33}{section*.10}
\contentsline {subsubsection}{Equipment}{33}{section*.11}
\contentsline {section}{\numberline {4.3}Case study modelling}{36}{section.4.3}
\contentsline {subsection}{\numberline {4.3.1}AltaRica modelling process}{37}{subsection.4.3.1}
\contentsline {subsection}{\numberline {4.3.2}Details of the model}{37}{subsection.4.3.2}
\contentsline {subsection}{\numberline {4.3.3}Empirical evaluation}{38}{subsection.4.3.3}
\contentsline {chapter}{\numberline {5}Conclusions}{41}{chapter.5}
\contentsline {section}{\numberline {5.1}Future Work}{42}{section.5.1}
% Appendix entries: numbered A.x but no enclosing appendix chapter line is
% present in this file, so the appendix heading itself is presumably emitted
% without a \contentsline (or lies outside this listing).
\contentsline {section}{\numberline {A.1}Interpretation of AltaRica in Fiacre}{47}{section.A.1}
\contentsline {section}{\numberline {A.2}Method and translation}{51}{section.A.2}
\contentsline {subsection}{\numberline {A.2.1}Time Petri Nets}{51}{subsection.A.2.1}
\contentsline {subsubsection}{States in a TPN}{51}{section*.17}
\contentsline {subsection}{\numberline {A.2.2}From AltaRica to Tina}{52}{subsection.A.2.2}
\contentsline {subsection}{\numberline {A.2.3}Factored model of ETGTS}{52}{subsection.A.2.3}
\contentsline {subsubsection}{Semantics of a ETGTS}{53}{section*.18}
\contentsline {subsubsection}{Translation}{54}{section*.19}
\contentsline {section}{\numberline {A.3}Command line}{54}{section.A.3}