Modeling a Landing Gear System in Event-B

Abstract

This article describes the Event-B modeling of a landing gear system of an aircraft whose the complete description can be found in \cite{ABZ2014-Landing-Gear-System-Case-Study}. This real-life case study has been proposed by the ABZ'2014 track that took place in Toulouse, the European capital of the aeronautic industry. Our modeling is based on the Parnas and Madey's 4-Variable Model that permits to consider the different parts of a system. These parts are incrementally introduced using the Event-B refinement technique. The entire development has been carried out with the Rodin toolset. To ensure the correctness of the different components, we use several verification techniques (animation, model-checking and proof) depending on the complexity and the kind of the properties to verify. Basically, prior to the proof phase that can be tedious and complex, we use the animator \textsc{AnimB} and the model checker \textsc{ProB} that permit to discover some trivial inconsistencies. Once no error is reported, we start the proof phase by using the Atelier B and SMT provers which we installed under Rodin. We conclude the article by drawing up some key findings of and lessons learned from this experience.