Formal and Joint Verification of Control Programs and Supervision Interfaces for Socio-technical Systems Components

The Anaxagore Project (Bignon et al., 2013) provides a component-based design ow for reconfigurable socio-technical systems. Each component integrates a control program and a supervision interface and it has been validated by empirical testing. The purpose of this paper is the use of formal methods for the verification of the whole component control-command chain. Different component features (the control program, the supervision interface, the physical device) and the human tasks are modeled using timed automata. These timed automata are then checked by model checking (UPPAAL) with a set of safety and usability properties written in CTL. Our approach is presented through an industrial case study: the supervised control of a 2-way motorized valve. The results show that the use of formal techniques enables to successfully detect control program and supervision interface design errors.