mirela / scp

Go to a project
Toggle navigation Toggle navigation pinning
Johan ARCILE
60892f72 1 parent 29cbcd30

Upload new file

Inline Side-by-side
Showing 1 changed file with 185 additions and 0 deletions
1 +pta
2 +
3 +formula fk1Ca = (sU=1);
4 +formula fk2Ca = (sCa=3);
5 +formula fk1I = (sF=1);
6 +formula fk2I = (sI=3);
7 +formula fk1F = (sL=1);
8 +formula fk2F = (sF=4);
9 +formula fk1U = (sL=1);
10 +formula fk2U = (sU=9);
11 +formula fk1L = (sF=1);
12 +formula fk2L = (sL=9);
13 +formula flock1 = (sU=4) | (sL=4) | (sG=1);
14 +formula flock2 = (sM=1);
15 +formula funlock1 = (sU=7) | (sL=7) | (sG=4);
16 +formula funlock2 = (sM=3);
17 +
18 +
19 +
20 +module mCa
21 + xCa : clock;
22 + sCa : [0..3] init 0;
23 +
24 + invariant
25 + (sCa=0 => xCa <= 3000) &
26 + (sCa=1 => xCa <= 4500) &
27 + (sCa=2 => xCa <= 0)
28 + endinvariant
29 +
30 + [] sCa=0 & xCa >= 2000 -> (sCa'=1) & (xCa'=0);
31 + [] sCa=1 & xCa >= 3500 -> (sCa'=2) & (xCa'=0);
32 + [k1Ca] sCa=2 -> (sCa'=1) & (xCa'=0);
33 + [] sCa=2 & !fk1Ca -> (sCa'=3);
34 + [k2Ca] sCa=3 -> (sCa'=1) & (xCa'=0);
35 +endmodule
36 +
37 +module mI
38 + xI : clock;
39 + sI : [0..3] init 0;
40 +
41 + invariant
42 + (sI=0 => xI <= 600) &
43 + (sI=1 => xI <= 1000) &
44 + (sI=2 => xI <= 0)
45 + endinvariant
46 +
47 + [] sI=0 & xI >= 400 -> (sI'=1) & (xI'=0);
48 + [] sI=1 & xI >= 900 -> (sI'=2) & (xI'=0);
49 + [k1I] sI=2 -> (sI'=1) & (xI'=0);
50 + [] sI=2 & !fk1I -> (sI'=3);
51 + [k2I] sI=3 -> (sI'=1) & (xI'=0);
52 +endmodule
53 +
54 +module mU
55 + xU : clock;
56 + sU : [0..9] init 0;
57 +
58 + invariant
59 + (sU=0 => xU<=0) &
60 + (sU=2 => xU<=9000) &
61 + (sU=3 => xU<=0) &
62 + (sU=5 => xU<=400) &
63 + (sU=6 => xU<=0) &
64 + (sU=8 => xU<=0)
65 + endinvariant
66 +
67 + [k2Ca] sU=0 -> (sU'=2) & (xU'=0);
68 + [] sU=0 & !fk2Ca -> (sU'=1);
69 + [k1Ca] sU=1 -> (sU'=2) & (xU'=0);
70 + [] sU=2 & xU >= 7000 -> (sU'=3) & (xU'=0);
71 + [] sU=3 & !flock2 -> (sU'=4);
72 + [lock2U] sU=3 -> (sU'=5) & (xU'=0);
73 + [lock1U] sU=4 -> (sU'=5) & (xU'=0);
74 + [] sU=5 & xU >= 300 -> (sU'=6) & (xU'=0);
75 + [] sU=6 & !funlock2 -> (sU'=7);
76 + [unlock2U] sU=6 -> (sU'=8) & (xU'=0);
77 + [unlock1U] sU=7 -> (sU'=8) & (xU'=0);
78 + [k2U] sU=8 -> (sU'=0) & (xU'=0);
79 + [] sU=8 & !fk2U -> (sU'=9);
80 + [k1U] sU=9 -> (sU'=0) & (xU'=8);
81 +
82 +
83 +endmodule
84 +
85 +module mF
86 + xF : clock;
87 + sF : [0..4] init 0;
88 +
89 + invariant
90 + (sF=0 => xF<=0) &
91 + (sF=2 => xF<=60) &
92 + (sF=3 => xF<=0)
93 + endinvariant
94 +
95 + [k2I] sF=0 -> (sF'=2) & (xF'=0);
96 + [k2L] sF=0 -> (sF'=2) & (xF'=0);
97 + [] sF=0 & !fk2I & !fk2L -> (sF'=1);
98 + [k1I] sF=1 -> (sF'=2) & (xF'=0);
99 + [k1L] sF=1 -> (sF'=2) & (xF'=0);
100 + [] sF=2 & xF >= 40 -> (sF'=3) & (xF'=0);
101 + [] sF=3 & !fk1F -> (sF'=4);
102 + [k1F] sF=3 -> (sF'=0) & (xF'=0);
103 + [k2F] sF=4 -> (sF'=0) & (xF'=0);
104 +
105 +endmodule
106 +
107 +module mL
108 + xL : clock;
109 + sL : [0..9] init 0;
110 +
111 + invariant
112 + (sL=0 => xL<=0) &
113 + (sL=2 => xL<=30) &
114 + (sL=3 => xL<=0) &
115 + (sL=5 => xL<=20) &
116 + (sL=6 => xL<=0) &
117 + (sL=8 => xL<=0)
118 + endinvariant
119 +
120 + [k2U] sL=0 -> (sL'=2) & (xL'=0);
121 + [k2F] sL=0 -> (sL'=2) & (xL'=0);
122 + [] sL=0 & !fk2U & !fk2F -> (sL'=1);
123 + [k1U] sL=1 -> (sL'=2) & (xL'=0);
124 + [k1F] sL=1 -> (sL'=2) & (xL'=0);
125 + [] sL=2 & xL >= 20 -> (sL'=3) & (xL'=0);
126 + [] sL=3 & !flock2 -> (sL'=4);
127 + [lock2L] sL=3 -> (sL'=5) & (xL'=0);
128 + [lock1L] sL=4 -> (sL'=5) & (xL'=0);
129 + [] sL=5 & xL >= 10 -> (sL'=6) & (xL'=0);
130 + [] sL=6 & !funlock2 -> (sL'=7);
131 + [unlock2L] sL=6 -> (sL'=8) & (xL'=0);
132 + [unlock1L] sL=7 -> (sL'=8) & (xL'=0);
133 + [k2L] sL=8 -> (sL'=0) & (xL'=0);
134 + [] sL=8 & !fk2L -> (sL'=9);
135 + [k1L] sL=9 -> (sL'=0) & (xL'=8);
136 +
137 +endmodule
138 +
139 +module mM
140 + xM : clock;
141 + sM : [0..3] init 1;
142 +
143 + invariant
144 + (sM=0 => xM<=0) &
145 + (sM=2 => xM<=0)
146 + endinvariant
147 +
148 + [] sM=0 & !flock1-> (sM'=1);
149 + [lock1L] sM=0 -> (sM'=2) & (xM'=0);
150 + [lock1U] sM=0 -> (sM'=2) & (xM'=0);
151 + [lock1G] sM=0 -> (sM'=2) & (xM'=0);
152 + [lock2L] sM=1 -> (sM'=2) & (xM'=0);
153 + [lock2U] sM=1 -> (sM'=2) & (xM'=0);
154 + [lock2G] sM=1 -> (sM'=2) & (xM'=0);
155 + [] sM=2 & !funlock1 -> (sM'=3);
156 + [unlock1L] sM=2 -> (sM'=0) & (xM'=0);
157 + [unlock1U] sM=2 -> (sM'=0) & (xM'=0);
158 + [unlock1G] sM=2 -> (sM'=0) & (xM'=0);
159 + [unlock2L] sM=3 -> (sM'=0) & (xM'=0);
160 + [unlock2U] sM=3 -> (sM'=0) & (xM'=0);
161 + [unlock2G] sM=3 -> (sM'=0) & (xM'=0);
162 +
163 +endmodule
164 +
165 +module mG
166 + xG : clock;
167 + sG : [0..5] init 0;
168 +
169 + invariant
170 + (sG=0 => xG<=0) &
171 + (sG=2 => xG<=420) &
172 + (sG=3 => xG<=0) &
173 + (sG=5 => xG<=750)
174 + endinvariant
175 +
176 + [lock2G] sG=0 -> (sG'=2) & (xG'=0);
177 + [] sG=0 & !flock2 -> (sG'=1);
178 + [lock1G] sG=1 -> (sG'=2) & (xG'=0);
179 + [] sG=2 & xG >= 310 -> (sG'=3) & (xG'=0);
180 + [unlock2G] sG=3 -> (sG'=5) & (xG'=0);
181 + [] sG=3 & !funlock2 -> (sG'=4);
182 + [unlock1G] sG=4 -> (sG'=5) & (xG'=0);
183 + [] sG=5 & xG >= 500 -> (sG'=0) & (xG'=0);
184 +
185 +endmodule