SMT-Based Model Checking of Industrial Simulink Models

TL;DR

This paper introduces an SMT-based model checking approach for Simulink models, enabling automated, accurate, and efficient verification of complex industrial embedded system models using the Z3 solver.

Contribution

It presents a novel encoding of Simulink models into SMT formulas and applies a k-induction algorithm for invariant verification, improving verification success over existing tools.

Findings

Successfully verified most properties in tested models.

Outperformed other tools in verification success.

Enabled precise analysis of complex Simulink models.

Abstract

The development of embedded systems requires formal analysis of models such as those described with MATLAB/Simulink. However, the increasing complexity of industrial models makes analysis difficult. This paper proposes a model checking method for Simulink models using SMT solvers. The proposed method aims at (1) automated, efficient and comprehensible verification of complex models, (2) numerically accurate analysis of models, and (3) demonstrating the analysis of Simulink models using an SMT solver (we use Z3). It first encodes a target model into a predicate logic formula in the domain of mathematical arithmetic and bit vectors. We explore how to encode various Simulink blocks exactly. Then, the method verifies a given invariance property using the k-induction-based algorithm that extracts a subsystem involving the target block and unrolls the execution paths incrementally. In the experiment, we applied the proposed method and other tools to a set of models and properties. Our method successfully verified most of the properties including those unverified with other tools.