Change-based causes in counterexample explanation for model checking

Polina Ovsiannikova, Antti Pakonen, Valeriy Vyatkin

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    15 Downloads (Pure)

    Abstract

    Formal verification by means of model checking avails in discovering design issues of safety systems at the early stages. However, a significant amount of time and effort is required to decipher its results and localize the failure, especially in complex logic. This work continues our previous study on the visual explanation of failure traces and introduces change-based causes. Additionally, inspired by the types of properties that revealed model failures in projects of VTT in the Finnish nuclear industry, we define a new form of explanation – a hybrid influence graph. The new approach was implemented in a tool called Oeritte and evaluated using two practical examples of failures in nuclear instrumentation and control systems.
    Original languageEnglish
    Title of host publicationIECON 2021 – 47th Annual Conference of the IEEE Industrial Electronics Society
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Pages1-6
    Number of pages6
    ISBN (Electronic)978-1-6654-3554-3
    ISBN (Print)978-1-6654-0256-9
    DOIs
    Publication statusPublished - 16 Oct 2021
    MoE publication typeA4 Article in a conference publication
    Event47th Annual Conference of the IEEE Industrial Electronics Society, IECON 2021 - Virtual conference, Toronto, Canada
    Duration: 13 Oct 202116 Oct 2021
    https://ieeeiecon.org/

    Conference

    Conference47th Annual Conference of the IEEE Industrial Electronics Society, IECON 2021
    Country/TerritoryCanada
    CityToronto
    Period13/10/2116/10/21
    Internet address

    Keywords

    • counterexample explanation
    • user-friendly model checking
    • causality
    • function block diagrams

    Fingerprint

    Dive into the research topics of 'Change-based causes in counterexample explanation for model checking'. Together they form a unique fingerprint.

    Cite this