VDM++

Brian Steensgaard, 20043835@iha.dkHenrik Karmisholt Grosen, 20043836@iha.dkRasmus Oudal Edberg, 20043839@iha.dk

ProjectProduction Cell

Purpose

The purpose of the production cell is to take metal plates from the feed belt to the press, which will perform some (time consuming) treatment of the plate. The treated plate is then moved from the press to the deposit belt where it leaves the unit. Plates are moved from the feed belt to the press using arm A of the robot, and from the press to the deposit belt using arm B of the robot. The two arms are of fixed length and height, and are fixed to each other (i.e. 90 degrees).

Semantics

1. Plate is placed on feed belt.2. Plate is moved from feed belt.3. Plate is removed from press if

one is already placed, and a plate is placed on press.

4. Plate is placed on deposit belt.

5. Plate leaves production cell.

Sensors And Actuators

Sensors1. Rotation sensor - controls the rotation of the

robot arms.2. Light sensor - senses an plate.

Actuators3. Motor - control the speed of the two belts.4. Lamp - provides input to the light sensor.5. Electro Magnet – used to pick up the plates

Project Goals

We want to:•Model the sensors in an OO model•Model the actuators in an OO model•Model the reactive control logic in an OO model

•Prove safety requirements for sensors•Prove safety requirements for actuators•Prove safety requirements for control logic

We do not want to:•Prove liveness properties (eg. optimization etc)•Consider realtime requirements•Consider distributed computing

Safety requirements

Sensor safety requirements•Sensor reading may not be beyond possible range

Actuator safety requirements•Machine parts may not be instructed to move beyond it’s limits

Control logic safety requirements•Machines must not collide•Metal plates may not be dropped outside feed belt and press•No more than one metal plate may be placed in the press•Metal plates must never fall of the end of the feed belt