LUSTRE: a declarative language for real-time programming
POPL '87 Proceedings of the 14th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
What's decidable about hybrid automata?
Journal of Computer and System Sciences
The AltaRica formalism for describing concurrent systems
Fundamenta Informaticae - Special issue prepared in tribute to Peter Ernst on the occasion of his retirement
Synchronous Programming of Reactive Systems
Synchronous Programming of Reactive Systems
TACAS '95 Proceedings of the First International Workshop on Tools and Algorithms for Construction and Analysis of Systems
HYTECH: The Cornell HYbrid TECHnology Tool
Hybrid Systems II
LICS '96 Proceedings of the 11th Annual IEEE Symposium on Logic in Computer Science
Languages and tools for hybrid systems design
Foundations and Trends in Electronic Design Automation
SpaceEx: scalable verification of hybrid systems
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
| Hi-index | 0.00 |
This paper presents how three kinds of automata can be used in a complementary way to progressively design and assess the Failure Detection Isolation and Recovery (FDIR) mechanisms of a satellite. AltaRica language and tools are chosen to investigate how discrete mode automata can be used to assess the overall system architecture against highest level safety and dependability requirements. SCADE language and tools are chosen to model and verify the software part of the FDIR with synchronous data flows. HyTech language and tools are used to validate the hypotheses about the physical behaviours of components thanks to hybrid automata. Each case tries to highlight the relevant safety objectives, the granularity of model sufficient for these safety and dependability objectives and the model tractability with the existing tools.