FASE 2011 - Formalizing and Operationalizing Industrial Standards
1. Formalizing and Operationalizing Industrial Standards
Dominik Dietrich Lutz Schr¨der
o Ewaryst Schulz
DFKI Bremen, Germany
ewaryst.schulz@dfki.de
International Conference on
Fundamental Approaches to Software Engineering
Saarbr¨cken, Germany
u
March 30 2011
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
2. Overview
The problem
Assure proper functioning of safety critical systems
Required functional properties of mechanical sub-components must
be satisfied
Our solution
Use engineering calculation methods
Formal language for engineering calculations
Architecture allowing efficient execution and formal verification
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
3. Outline
1 Motivation
2 The Industrial Standard EN 1591
3 The engineering calculation language EnCL
4 Formal verification of calculations
5 Integration into Hets framework
6 Conclusion
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
4. Reliable Mechanical Engineering
Principal motivation
Assure proper functioning of system, e.g., pipeline of chemical plant
Verification of functional properties of sub-components, e.g.,
flange connection withstands some given pressure
Some possible approaches
Formulating properties from first principles (mechanics, geometry)
→ level of abstraction not adequate
Instead: Relying on established practice in engineering
→ industrial standards, engineering calculations, e.g.,
standard for flange connections EN 1591
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
5. The Industrial Standard EN 1591
A standard for gasketed circular flange connections
Consists of applicability, nomenclature and calculation method
Assures impermeability and mechanical strength of the system
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
6. Calculation Method Parameter
The input parameters to the calculation method
Flange data, e.g., dimensions and material constants
Data for operating states such as pressure and temperature
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
7. Calculation Method Control Flow
Explicit back-jumps require
conditional loops
Evaluation order determined by
dependency in definitions
Piecewise function definitions
require conditionals
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
8. Calculation Method analyzed
The standard involves calculations using
√
Real arithmetic with real functions, e.g., cos, n
Special functions such as maximization
Requirements for formalizing the calculation method
Specify dependencies in arbitrary order
(subject to well-formedness requirements)
Imperative control flow
Schematic expressions
Observation: little control but a lot of dependencies
→ division into program part and dependency store
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
9. The Engineering Calculation
Language EnCL
The main building blocks
Terms over a {bool, real}-sorted Signature Σ with predefined part
Σpre = {������, cos, ...} and user-defined part Σuser = {c1 , c2 , ...}
Special term constructions
Predefined binders: e.g., solve(t = s, x)
convergence predicate in loop conditions: convergence(0.001, c)
Dependency stores are sets of dependencies c(x1 , ..., xn ) = t
Programs constructs
Assignment: c(x1 , ..., xn ) := t
Sequence: p1 ; ...; pn
Loop: repeat p until b
Conditional: case b : p
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
10. EnCL and Computer Algebra
Systems
Running EnCL program p with dependency store ������������
CAS provides many predefined Interpreter CAS
functions
start session
CAS supports dependency stores
CAS-interface send(������������)
evaluate terms
assign terms to constants ⎧ assign(c, t)
Send dependencies to the CAS
⎪ t′
run
⎨
.
.
.
Run program p program⎪ eval(u)
u′
⎩
The interpreter maintains dependency
store (in parallel to CAS)
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
11. A Small Example
Calculating a root of cos in EnCL using Newton’s Method
The EnCL specification Dependency Graph
x = 10 %(A)%
y = cos(x) %(B)% A
z = sin(x) %(C)% x
------------------------ B C
repeat y z
x := x + y/z %(D)%
until convergence(0.001, x) D
Behaves like
A;B;C;repeat x’:=x;D;B;C; until reldistLe(x, x’, 0.001)
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
12. EnCL Semantics
Σ-algebras with standard interpretation for predefined part Σpre
[[t]]������ ∈ R is the interpretation of t in the Σ-algebra ������
[[t]]������������ is the term t ′ after full substitution of t w.r.t. ������������
If ������ is a model of ������������ then [[[[t]]������������ ]]������ = [[t]]������
[[c(x1 , ..., xn ) := t]]������������ = ������������ [c(x1 , ..., xn ) = [[t]]������������ ]
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
13. Formal Verification
Correctness of calculations crucial for safety critical applications
The CAS cannot be fully trusted
However, results of the CAS can be formally verified
Mark selected subterms as verification points
Produce verification conditions
Use Hets to prove verification conditions
EnCL term semantics defined in HO-CASL,
i.e., axiomatization of Σpre
Checking solutions is easier than finding them
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
14. Verification Conditions: Example
EnCL program Insert verification point at solve
. CAS computes solve(t = s, x) in
. Dependency Store = ������������
. context ������������ and returns r
y := solve(t=s, x) Verification condition
.
.
⋀︀
. ������������ ⇒ solve(t = s, x) = r
Semantics of solve in HO-CASL
Translate to HO-CASL for proving
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
15. Integration of EnCL into Hets
The Hets Framework
HO-CASL
Higher Order Logic
EnCL
Specification Interpreter
Language
CAS Interface
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
16. Conclusion
Formal verification of functional properties of mechanical systems
Formal executable language for engineering calculations EnCL
Integration into Institution Framework
Implementation based on Hets Framework
Generic CAS interface in Hets instantiated for Mathematica,
Maple and Reduce
Support for uncertain numerical values
EnCL-formalization of calculation method from EN 1591
Future Work
Statement and proof of properties of calculation method
Partial instantiations of the standard ensuing simplification
Structuring of multiple calculation methods
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
17. Thank you for your attention.
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
19. Uncertainty
Some situations require dealing with uncertain numeric values
Input parameters up to an error value, e.g., 1.53 ± 0.01
CAS returns only approximation
Require tracking of uncertainty throughout the CAS session
→ Mathematica’s Numerical-Precision Tracking (NPT)
Adapt verification condition generation
→ replace numbers by intervals
Formalizing Industrial Standards German Research Center
D. Dietrich, L. Schr¨der, E. Schulz
o for Artificial Intelligence
