Departmental Papers (CIS)

Date of this Version


Document Type

Conference Paper


International Conference on Embedded Software (EMSOFT 2015). Amsterdam, Netherlands, October 2015.


We consider the problem of verifying software implementations of linear time-invariant controllers. Commonly, different implementations use different representations of the controller’s state, for example due to optimizations in a third-party code generator. To accommodate this variation, we exploit the input-output controller specification captured by the controller’s transfer function and show how to automatically verify the correctness of C code controller implementations using a Frama-C/Why3/Z3 toolchain. Scalability of the approach is evaluated using randomly generated controller specifications of realistic size.

Subject Area

CPS Model-Based Design, CPS Formal Methods, CPS Embedded Control

Publication Source

International Conference on Embedded Software (EMSOFT 2015)

Copyright/Permission Statement

© ACM 2015. This is the author's version of the work. It is posted here for your personal use. Not for redistribution.



Date Posted: 16 October 2015

This document has been peer reviewed.