Formal Verification of the FTTRS Mechanisms for the Consistent Update of the Traffic Schedule

Abstract

Critical Adaptive Distributed Embedded Systems (ADESs) are nowadays the focus of many researchers. ADESs are envisioned to dynamically modify their behavior to support changes of their real-time and dependability requirements at runtime as the conditions of the environment in which they operate vary. To provide ADESs with an adequate communication infrastructure, our research group proposed the Flexible-Time-Triggered Replicated Star (FTTRS). FTTRS provides highly reliable communication services on top of Ethernet, while keeping the adaptivity benefits that the Flexible-Time-Triggered (FTT) communication paradigm offers from a real-time perspective. This paper formally verifies, by means of model checking, the correctness of the mechanisms FTTRS includes to enforce consistent changes of the communication scheduling at runtime.