タイムペトリネットを用いた踏切制御プログラムの形式的検証

抄録

In order to specify and verify real-time systems, formal languages for reasoning about quantitative timing properties are necessary. We have developed a model checking algorithm for the verification of real-time systems, where the given real-time system is modelled by a time Petri net, and properties to be verified are expressed by a real-time logic.
In this paper, we verify a railway crossing controller as a case study of verification with this method. The railway crossing controller as well as trains, a crossing gate and so on are modelled by time Petri nets. Two properties: (1) that the crossing gate completely shuts down 15 seconds before train reaches to the crossing, and (2) that the crossing gate never rises as long as the train is in the warning zone, are expressed by a real-time logic. The verifier has found a bug in the control program given first, and shown that the two properties hold henceforth in the modified control program.