public void R12Bis()
{
var model = new Model(new InitializeOne());
model.Faults.SuppressActivations();
var modelchecker = new LtsMin();
//System is in normal mode.
var normalMode = G(!model.DigitalPart.AnomalyComposition());
//Handle has been moved and in the next state, the handle is in up position and stays up and normal mode.
var handleUp = normalMode && model.DigitalPart.ComputingModules.Any(module => module.HandleHasMoved) && X(G(model.Cockpit.PilotHandle.Position == HandlePosition.Up));
//Check that premise does in fact occur
var result = modelchecker.Check(model, G(!handleUp));
Assert.IsFalse(result.FormulaHolds);
//NormalMode and HandleUp imply that eventually the gears are locked up and the doors locked in closed position.
result = modelchecker.Check(model, G(handleUp.Implies(F(model.DigitalPart.ComputingModules.All(module => module.GearsRetracted) && model.DigitalPart.ComputingModules.All(module => module.DoorsClosed)))));
Assert.IsTrue(result.FormulaHolds);
}
public void R22()
{
var model = new Model(new InitializeOne());
model.Faults.SuppressActivations();
var modelchecker = new LtsMin();
//System is in normal mode.
var normalMode = G(!model.DigitalPart.AnomalyComposition());
//Handle stays in the up position and normal mode.
var handleIsUp = normalMode && F(G(model.Cockpit.PilotHandle.Position == HandlePosition.Up));
//Check that premise does in fact occur
var result = modelchecker.Check(model, G(!handleIsUp));
Assert.IsFalse(result.FormulaHolds);
//NormalMode and HandleIsUp imply that the outgoing sequence is not observed.
result = modelchecker.Check(model, G(handleIsUp.Implies(model.DigitalPart.ComputingModules.All(module => module.NotOutgoing))));
Assert.IsTrue(result.FormulaHolds);
}
public void R42()
{
var model = new Model(new InitializeOne());
model.Faults.SuppressActivations();
var modelchecker = new LtsMin();
//System is in normal mode.
var normalMode = G(!model.DigitalPart.AnomalyComposition());
// Normal mode implies that gears outgoing and retraction electro-valves are not stimulated simultanously.
var result = modelchecker.Check(model, G(normalMode.Implies(model.DigitalPart.ComputingModules.All(module => !(module.ExtendEV && module.RetractEV)))));
Assert.IsTrue(result.FormulaHolds);
}
public void R51()
{
var model = new Model(new InitializeOne());
model.Faults.SuppressActivations();
var modelchecker = new LtsMin();
//System is in normal mode.
var normalMode = G(!model.DigitalPart.AnomalyComposition());
//Stimulation of the maneuvering electro-valves.
var stimulation = model.DigitalPart.ComputingModules.All(module => module.OpenEV || module.CloseEV || module.ExtendEV || module.RetractEV);
//If stimulations is to be true in the next step, then the general electro-valve has to be stimulated.
var result = modelchecker.Check(model, G(normalMode.Implies(X(stimulation).Implies(model.DigitalPart.ComputingModules.All(module => module.GeneralEV)))));
Assert.IsTrue(result.FormulaHolds);
}
public void R32()
{
var model = new Model(new InitializeOne());
model.Faults.SuppressActivations();
var modelchecker = new LtsMin();
//System is in normal mode.
var normalMode = G(!model.DigitalPart.AnomalyComposition());
//Stimulation of the door opening or closure electro-valves.
var stimulation = model.DigitalPart.ComputingModules.All(module => module.OpenEV || module.CloseEV);
//If stimulations is to be true in the next step, then gears have to be locked down or up.
var result = modelchecker.Check(model, G(normalMode.Implies(X(stimulation).Implies(model.DigitalPart.ComputingModules.All(module => module.GearsExtended || module.GearsRetracted)))));
Assert.IsTrue(result.FormulaHolds);
}
public void R31()
{
var model = new Model(new InitializeOne());
model.Faults.SuppressActivations();
var modelchecker = new LtsMin();
//System is in normal mode.
var normalMode = G(!model.DigitalPart.AnomalyComposition());
//Stimulation of the gear extension or retraction electro-valves.
var stimulation = model.DigitalPart.ComputingModules.All(module => module.RetractEV || module.ExtendEV);
//If stimulations is to be true in the next step, then doors have to be open.
var result = modelchecker.Check(model, G(normalMode.Implies(X(stimulation).Implies(model.DigitalPart.ComputingModules.All(module => module.DoorsOpen)))));
Assert.IsTrue(result.FormulaHolds);
}
public override InvariantAnalysisResult Check(CoupledExecutableModelCreator <SafetySharpRuntimeModel> createModel, Formula formula)
{
return(_modelChecker.Check(createModel, formula));
}