• Journal of KIISE:Software and Applications
• /
• v.31 no.6
• /
• pp.773-783
• /
• 2004

This paper presents a method for real-time verification of Statecharts. Statecharts has been widely used for real-time reactive systems, and supports two time models: synchronous and asynchronous. However, existing real-time verification methods for them are incompatible with the asynchronous time model or increase state space by introducing new variables to the target models. We solved these problems by extending existing model checking algorithms. The extended algorithms can be used with both time models of Statecharts because they consider time increasing transitions only. In addition, they do not increase target state space since they count those transitions internally without additional variables. We extended an existing model checker, NuSMV, based on the proposed algorithms and conducted some experiments to show their advantage.

• Journal of KIISE:Software and Applications
• /
• v.31 no.6
• /
• pp.750-759
• /
• 2004

The software of the nuclear power plant digital control system is a safety-critical system where many techniques must be applied to it in order to preserve safety in the whole system. Formal specifications especially allow the system to be clearly and completely specified in the early requirements specification phase therefore making it a trusted method for increasing safety. In this paper, we discuss the NuSCR, which is a qualified formal specification method for specifying nuclear power plant digital control system software requirements. To investigate the application of NuSCR, we introduce the experience of using NuSCR in formally specifying the plant protection system's software requirements, which is presently being developed at KNICS. Case study that shows that the formal specification approach NuSCR is very much qualified and specialized for the nuclear domain is also shown.

• Journal of KIISE:Software and Applications
• /
• v.27 no.3
• /
• pp.210-216
• /
• 2000

Place/Transition(P/T) nets has been used in protocol verification and concurrent system verification since it is suitable for describing concurrency and provides several well-established verification techniques. And it has been used as a base formalism for such high-level Petri nets as colored Petri nets, object-oriented Petri nets and etc. However, when analyzing complex models using P/T nets and P/T nets-based high-level Petri nets, there may be state explosion in reachability analysis due to improper handling of concurrency. In this paper, we define a structural concurrency in P/T nets, propose a partitioning algorithm based on the detected structural concurrency, and provide analysis techniques for such properties as boundedness of places and liveness of transitions, which are performed on compositional reachability graphs. The analysis techniques based on Petri net slices can be used in efficiently analyzing P/T nets-based high-level Petri net models as well as P/T net models.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.3
• /
• pp.211-215
• /
• 2009

As Programmable Logic Controllers (PLCs) are increasingly used to implement safety critical systems such as nuclear instrumentation & control system, formal verification for PLC based programs is becoming essential. This paper proposes a formal verification technique for PLC program implemented with function block diagram (FBD). In order to verify an FBD program, we translate an FBD program into a Verilog model and perform model checking using SMV model checker We developed a tool, FBD Verifier, which translates FBD programs into Verilog models automatically and supports efficient and intuitive visual analysis of a counterexample. With the proposed approach and the tool, we verified large FBD programs implementing reactor protection system of Korea Nuclear Instrumentation and Control System R&D Center (KNICS) successfully.

• Journal of KIISE:Computing Practices and Letters
• /
• v.6 no.2
• /
• pp.187-195
• /
• 2000

Embedded software generates its outputs using current states of the system as well as external inputs. When a module in embedded software is tested, we need an automated testing tool, which generates possible sequences to reach the module as well as input data of the module, to reduce the testing time and to improve the quality of software. In this paper, we use decision table to specify the functionality of the module and data-annotated MSC (Message Sequence Charts) to describe scenarios, and implement a tool, which we call MSCTest, to automate the testing process. MSCTest consists of MSC graphic editor, test sequence and data generator, and test driver generator. MSCTest is effectively applied to test EsWin which is a kind of window library used in embedded systems.

• Journal of Digital Contents Society
• /
• v.8 no.3
• /
• pp.279-288
• /
• 2007

Recently, Baruah et. al. proposed an optimal Pfair scheduling algorithm in the real-time multiprocessor system environments, and several variants of it were presented. All these algorithms assume the fixed unit quantum size. However, under Pfair based scheduling algorithms that are global scheduling technique, quantum size has direct influence on the scheduling overheads such as task switching and cache reload. We proposed a method for deciding the optimal quantum size[2] and an improved method for the task set whose utilization e is less than or equal to $e\;{\leq}\;p/3+1$[3]. However, these methods use repetitive computation of the task's utilization to determine the optimal quantum size. In this paper, we propose a more efficient method that can determine the optimal quantum size in constant time.

• Journal of the Semiconductor & Display Technology
• /
• v.15 no.4
• /
• pp.27-32
• /
• 2016

In recent years, various researches have been conducted to improve process yields in accordance with miniaturization of semiconductor. APC(Advanced Process Control) is considered one of the methods to increase in process yields. APC is a process control technology that maintains optimal process conditions and improves the reliability of results by controlling and formulating the relationship among the various process parameters and results. We built up an optical diagnostic system with a three-channel spectrometer. The system detects signals those represent the changes of specific emission peaks intensity versus each reference and converts it into MFC control signals to get back the changes to the reference state. Controlling the MFC continues until the specific peak intensity changes into the normal state. Through this device, we tested a APC automatically responding to process changes during the plasma process. We could control gas flow while sputtering process on going and improve uniformity of plasma intensity with this system. Finally, we have got results those enhance the plasma intensity non-uniformity to 7.7% from 15.5%. Also, found unexpected oxygen flow what is estimated to be come out from IGZO target.

• Journal of KIISE:Software and Applications
• /
• v.28 no.9
• /
• pp.634-648
• /
• 2001

Message Sequence Charts(MSC) has been used to describe the interactions of numerous concurrent tasks in telecommunication software. After the MSC specification is verified in requirement analysis phase, it can be used not only to synthesize state-based design models, but also to generate test sequences. Until now, the verification is accomplished by generating global state transition graph using the location information only. In this paper, we extend the condition statement of MSC to describe the activation condition of scenarios and the change of state variables, and propose an approach to construct global finite state machine (GFSM) using this information. The GFSM only includes feasible states and transitions of the system. We can generate the test sequences using the existing FSM-based test sequence generation technology.

• Journal of KIISE:Software and Applications
• /
• v.27 no.2
• /
• pp.120-133
• /
• 2000

Major obstruction of using formal methods for hybrid real-time systems in industry is the difficulty that engineers have in understanding and applying the quantitative methods in an abstract requirements phase. While formal methods technology in safety-critical systems can help increase confidence of software, difficulty and complexity in using them can cause another hazard. In order to overcome this obstruction, we propose a framework for qualitative requirements engineering of the hybrid real-time systems. It consists of a qualitative method for requirements specification, called QFM (Qualitative Formal Method), and a safety analysis method for the requirements based on a causality information, called CRSA (Causal Requirements Safety Analysis). QFM emphasizes the idea of a causal and qualitative reasoning in formal methods to reduce the cognitive burden of designers when specifying and validating the software requirements of hybrid safety systems. CRSA can evaluate the logical contribution of the software elements to the physical hazard of systems by utilizing the causality information that is kept during specification by QFM. Using the Shutdown System 2 of Wolsong nuclear power plants as a realistic example, we demonstrate the effectiveness of our approach.

• Journal of KIISE:Software and Applications
• /
• v.32 no.2
• /
• pp.108-118
• /
• 2005

The software of the nuclear power plant digital control system is a safety-critical system where many techniques must be applied to it in order to preserve safety in the whole system. Formal specifications especially allow the system to be clearly and completely specified in the early requirements specification phase, therefore making it a trusted method for increasing safety. In this paper, we discuss a systematic method, which generates PLC-based FBD programs from the requirements specification using NuSCR, a formal requirements specification method. This FBD programs takes an important position in design specification. The proposed method can reduce the possible errors occur in the manual design specification, and the software development cost and time. To investigate the usefulness of our proposed method, we introduce the fixed set-point rising trip example, a trip logic of BP in DPPS RPS, which is presently being developed at KNICS.