学术文献库

Dynamic formal verification is a key tool for providing ongoing confidence that a system is meeting its requirements while in use, especially when paired with static formal verification before the system is in use. This paper presents a workflow and Runtime Verification (RV) toolchain, Varanus, and their application to an industrial case study. Using the workflow we manually derive a Communicating Sequential Processes (CSP) model from natural-language safety requirements documents, which Varanus uses as the monitor oracle. This reuse of the model means that the monitor oracle does not have to be developed separately, risking inconsistencies between it and the model for static verification. The approach is demonstrated by the offline RV of a teleoperated manipulation system, called MASCOT, which enables remote operations inside the Joint European Torus (JET) fusion reactor. We describe our model of the MASCOT safety design documents (including how the modelling process revealed an underspecification in the design) and evaluate the Varanus toolchain's utility. The workflow and tool provide validation of the safety documents, traceability of the safety properties from the documentation to the system, and a verified oracle for RV.