Contents (fragment)

Principales, p. 66
Reminders on the case study: the function, p. 66
4.1.2 General overview of the approach
Integration of the approach, p. 71
4.1.3.1 Renault activities and normative framework
Defended concepts
2.3.1 Co-construction of the models and of the formal properties
A shared formalism for common modelling objectives
A flexible allocation of activities, p. 78
Synthesis
Convergence of viewpoints
Objectives, p. 137
6.1.1 Summary of the data resulting from the construction of the state models
Guiding thread
Observation
Overview of the activities aimed at unifying the vocabulary, p. 142
6.2.2.2 Unified state lists
Determination of the target Global Models (A3.2), p. 149
Activities involved, p. 150
6.3.2 Modification of the Functional State Models (A3.2.1), p. 150
6.3.2.1 Validation of the Global Models (A4.2), p. 152
6.3.2.2 Additional requirements allocated to the global AD Supervision
Enrichment of the Safety Models (A3.3), p. 154
Overview, p. 154
6.4.2 Modification of the Safety State Models (A3.3.1), p. 154
6.4.3 Verification of the Local Models against the target Global Models and validation (A3.3.2, A4.3)
Validation of the models
Additional requirements allocated to the local Supervisions
p. 167
6.5.1 Progress of the verification activity
5.2 Formal properties to verify on the Complete State Models


INSA Lyon, all rights reserved, 2018

Supplementary Figures and Tables

Contents
10.1 State model skeletons, p. 207
10.1.1 Functional skeletons resulting from the group-by-group analysis, p. 208
10.1.2 Skeletons resulting from the inter-group analysis, p. 211
Variables
Group transitions
Preliminary Functional State Models, p. 217
Verified Functional State Models
Verified Safety State Model, p. 223
Complete State Model, version 12, p. 225

Complete State Model, version 12

TGFF11_12 := ( !(rte_def=0) | !(turn_indic & spd_veh) | !(dist_obj | veh_pos=5
| Perc_cap
TGFF16_12 := (AD_activ & AD_button & gear_lev=1
init(state) := off

Functional requirements
SPEC AG((state = off & TGFF1_12) -> AF(state = not_available))
SPEC AG((state = not_available & TGFF6_12) -> AF(state = available))
SPEC AG((state = available & TGFF11_12) -> AF(state = activatable))
SPEC AG((state = activatable & TGFF14_12) -> AF(state = not_available))
SPEC AG((state = activatable & TGFF16_12) -> AF(state = active))
SPEC AG((state = active & TGFF18_12) -> AF(state = not_available))

Safety requirements
SPEC AG((state = not_available & ctl_main_fail) -> AF(state = blockedm))
SPEC AG((state = not_available & ctl_sub_fail) -> AF(state = blockeds))
SPEC AG((state = not_available & ctl_3_fail) -> AF(state = blocked3))
SPEC AG((state = not_available & ctl_ms_fail) -> AF(state = blockedms))
SPEC AG((state = available & ctl_main_fail) -> AF(state = blockedm))
SPEC AG((state = available & ctl_sub_fail) -> AF(state = blockeds))
SPEC AG((state = available & ctl_3_fail) -> AF(state = blocked3))
SPEC AG((state = available & ctl_ms_fail) -> AF(state = blockedms))
SPEC AG((state = activatable & ctl_main_fail) -> AF(state = blockedm))
SPEC AG((state = activatable & ctl_sub_fail) -> AF(state = blockeds))
SPEC AG((state = activatable & ctl_3_fail) -> AF(state = blocked3))
SPEC AG((state = activatable & ctl_ms_fail) -> AF(state = blockedms))
SPEC AG((state = active & ctl_main_fail) -> AF(state = MRMm))
SPEC AG((state = active & ctl_sub_fail) -> AF(state = MRMs))
SPEC AG((state = active & ctl_3_fail) -> AF(state = MRM3))
SPEC AG((state = active & ctl_ms_fail) -> AF(state = MRMms))

Requirements on the Main_AD function

Functional requirements
SPEC AG((state_m = off_m & TGFF1_12) -> AF(state_m = not_available_m))
SPEC AG((state_m = not_available_m & TGFF6_12) -> AF(state_m = available_m))
SPEC AG((state_m = available_m & TGFF11_12) -> AF(state_m = activatable_m))
SPEC AG((state_m = activatable_m & TGFF14_12) -> AF(state_m = not_available_m))
SPEC AG((state_m = active_m & TGFF18_12) -> AF(state_m = not_available_m))

Safety requirements
SPEC AG((state_m = not_available_m & (ctl_main_fail | ctl_ms_fail)) -> AF(state_m = silent_m))
SPEC AG((state_m = available_m & (ctl_main_fail | ctl_ms_fail)) -> AF(state_m = silent_m))
SPEC AG((state_m = activatable_m & (ctl_main_fail | ctl_ms_fail)) -> AF(state_m = silent_m))
SPEC AG((state_m = active_m & (ctl_main_fail | ctl_ms_fail)) -> AF(state_m = silent_m))
SPEC AG((state_m = not_available_m & (ctl_3_fail | ctl_sub_fail)) -> AF(state_m = blocked_m))
SPEC AG((state_m = available_m & (ctl_3_fail | ctl_sub_fail)) -> AF(state_m = blocked_m))
SPEC AG((state_m = activatable_m & (ctl_3_fail | ctl_sub_fail)) -> AF(state_m = blocked_m))
SPEC AG((state_m = active_m & (ctl_3_fail | ctl_sub_fail)) -> AF(state_m = MRM_m))

Requirements on the Sub_AD function

Functional requirements
SPEC AG((state_s = off_s & TGFF1_12) -> AF(state_s = not_available_s))
SPEC AG((state_s = not_available_s & TGFF6_12) -> AF(state_s = available_s))
SPEC AG((state_s = available_s & TGFF11_12) -> AF(state_s = activatable_s))
SPEC AG((state_s = activatable_s & TGFF14_12) -> AF(state_s = not_available_s))
SPEC AG((state_s = activatable_s & TGFF16_12) -> AF(state_s = active_s))
SPEC AG((state_s = active_s & TGFF18_12) -> AF(state_s = not_available_s))

Safety requirements
SPEC AG((state_s = not_available_s & (ctl_sub_fail | ctl_ms_fail)) -> AF(state_s = silent_s))
SPEC AG((state_s = available_s & (ctl_sub_fail | ctl_ms_fail)) -> AF(state_s = silent_s))
SPEC AG((state_s = activatable_s & (ctl_sub_fail | ctl_ms_fail)) -> AF(state_s = silent_s))
SPEC AG((state_s = active_s & (ctl_sub_fail | ctl_ms_fail)) -> AF(state_s = silent_s))
SPEC AG((state_s = not_available_s & (ctl_3_fail | ctl_main_fail)) -> AF(state_s = blocked_s))
SPEC AG((state_s = available_s & (ctl_3_fail | ctl_main_fail)) -> AF(state_s = blocked_s))
SPEC AG((state_s = activatable_s & (ctl_3_fail | ctl_main_fail)) -> AF(state_s = blocked_s))
SPEC AG((state_s = active_s & ctl_3_fail) -> AF(state_s = blocked_s))
SPEC AG((state_s = active_s & ctl_main_fail) -> AF(state_s = MRM_s))

Requirements on the AD-3 function

Functional requirements
SPEC AG((state_3 = off_3 & TGFF1_12) -> AF(state_3 = not_available_3))
SPEC AG((state_3 = not_available_3 & TGFF16_12) -> AF(state_3 = available_3))
SPEC AG((state_3 = available_3 & TGFF18_12) -> AF(state_3 = not_available_3))

Safety requirements
SPEC AG((state_3 = not_available_3 & (ctl_sub_fail | ctl_main_fail | ctl_ms_fail)) -> AF(state_3 = blocked_3))
SPEC AG((state_3 = available_3 & (ctl_sub_fail | ctl_main_fail)) -> AF(state_3 = blocked_3))
SPEC AG((state_3 = not_available_3 & ctl_3_fail) -> AF(state_3 = silent_3))
SPEC AG((state_3 = available_3 & ctl_3_fail) -> AF(state_3 = silent_3))
SPEC AG((state_3 = available_3 & ctl_ms_fail) -> AF(state_3 = MRM_3))
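Every property above has the shape AG((state = s & fail) -> AF(state = t)): whenever a failure is observed in a given supervision state, all executions must reach the corresponding safe state (blocked*, MRM*, silent*). The thesis discharges these with NuSMV against state models that are not reproduced on this page. The Python script below is an added example, not the thesis's model or tooling: it builds a small constructed abstraction of the global AD supervision (the TGFF guards replaced by free choice, at most one ctl_*_fail input raised per step, blocked*/MRM* states absorbing), implements the CTL fixpoint algorithms for AG and AF directly over the explicit state space, checks the seventeen global-supervision properties listed above, and then deliberately drops one safety reaction to show the kind of counterexample the check returns. The state and input names come from the page; every transition detail and the "one failure at a time" restriction are assumptions.

```python
"""Explicit-state CTL model checking of an AD supervision state machine.
Added example (not the thesis's NuSMV model).  The transition relation is a
constructed abstraction: TGFF guards become a free choice, at most one
ctl_*_fail input is raised per step, and blocked*/MRM* states are absorbing."""
from collections import deque

NOMINAL_NEXT = {                      # functional transitions, guards abstracted
    "off": ["not_available"],                                   # TGFF1
    "not_available": ["not_available", "available"],            # TGFF6
    "available": ["available", "activatable"],                  # TGFF11
    "activatable": ["activatable", "not_available", "active"],  # TGFF14, TGFF16
    "active": ["active", "not_available"],                      # TGFF18
}
FAILS = ["none", "main", "sub", "3", "ms"]   # ctl_main_fail, ctl_sub_fail, ctl_3_fail, ctl_ms_fail
BLOCKED = {"main": "blockedm", "sub": "blockeds", "3": "blocked3", "ms": "blockedms"}
MRM = {"main": "MRMm", "sub": "MRMs", "3": "MRM3", "ms": "MRMms"}
MODES = list(NOMINAL_NEXT) + list(BLOCKED.values()) + list(MRM.values())

def successors(mode, fail, missing=None):
    """Successor (mode, fail) pairs.  `missing` names one (mode, fail) pair whose
    safety reaction is deliberately left out, to demonstrate a failing check."""
    if mode in BLOCKED.values() or mode in MRM.values():
        nxt = [mode]                              # safe states are absorbing (assumption)
    elif fail == "none" or mode == "off" or (mode, fail) == missing:
        nxt = NOMINAL_NEXT[mode]
    elif mode == "active":
        nxt = [MRM[fail]]                         # failure while driving: minimal risk manoeuvre
    else:
        nxt = [BLOCKED[fail]]                     # failure before activation: block the function
    return {(m, f) for m in nxt for f in FAILS}   # next failure input is unconstrained

class Kripke:
    def __init__(self, missing=None):
        self.states = [(m, f) for m in MODES for f in FAILS]
        self.succ = {s: successors(*s, missing=missing) for s in self.states}
        self.init = {("off", f) for f in FAILS}   # init(state) := off

def mode_is(m):
    return ("atom", lambda mode, fail, m=m: mode == m)

def fail_is(f):
    return ("atom", lambda mode, fail, f=f: fail == f)

def sat(k, phi):
    """States of k satisfying the CTL formula phi (nested tuples)."""
    op, S = phi[0], set(k.states)
    ex = lambda z: {s for s in k.states if k.succ[s] & z}      # EX z
    if op == "atom":    return {s for s in k.states if phi[1](*s)}
    if op == "not":     return S - sat(k, phi[1])
    if op == "and":     return sat(k, phi[1]) & sat(k, phi[2])
    if op == "implies": return (S - sat(k, phi[1])) | sat(k, phi[2])
    if op == "AF":      return S - sat(k, ("EG", ("not", phi[1])))   # AF p == !EG !p
    if op == "AG":      return S - sat(k, ("EF", ("not", phi[1])))   # AG p == !EF !p
    if op not in ("EF", "EG"):
        raise ValueError(f"unknown operator {op}")
    z = sat(k, phi[1])
    while True:   # EF: least fixpoint z = p | EX z;  EG: greatest fixpoint z = p & EX z
        new = z | ex(z) if op == "EF" else z & ex(z)
        if new == z:
            return z
        z = new

def holds(k, phi):
    return k.init <= sat(k, phi)

def response(src, fail, dst):
    """AG((state = src & ctl_<fail>_fail) -> AF(state = dst))"""
    return ("AG", ("implies", ("and", mode_is(src), fail_is(fail)), ("AF", mode_is(dst))))

def appendix_specs():
    """The global-supervision properties of the appendix, as formula objects."""
    specs = {"AG(off -> AF(not_available))":
             ("AG", ("implies", mode_is("off"), ("AF", mode_is("not_available"))))}
    for src in ("not_available", "available", "activatable"):
        for f, dst in BLOCKED.items():
            specs[f"AG(({src} & ctl_{f}_fail) -> AF({dst}))"] = response(src, f, dst)
    for f, dst in MRM.items():
        specs[f"AG((active & ctl_{f}_fail) -> AF({dst}))"] = response("active", f, dst)
    return specs

def check_all(k, specs):
    return {name: holds(k, phi) for name, phi in specs.items()}

def counterexample(k, ag_formula):
    """Shortest path from an initial state to a state violating the body of a
    failed AG property (None when the property holds)."""
    bad = sat(k, ("not", ag_formula[1]))
    parent, queue = {s: None for s in sorted(k.init)}, deque(sorted(k.init))
    while queue:
        s = queue.popleft()
        if s in bad:
            path = [s]
            while parent[path[-1]] is not None:
                path.append(parent[path[-1]])
            return path[::-1]
        for t in sorted(k.succ[s]):
            if t not in parent:
                parent[t] = s
                queue.append(t)
    return None

if __name__ == "__main__":
    specs = appendix_specs()
    print("complete model, all specs hold:", all(check_all(Kripke(), specs).values()))
    broken = Kripke(missing=("activatable", "ms"))     # forget one safety reaction
    for name, ok in check_all(broken, specs).items():
        if not ok:
            print("FAILED", name, "->", counterexample(broken, specs[name]))
```

The failing run prints the one property whose reaction was removed together with a path off, not_available, available, activatable with ctl_ms_fail raised, which is the same information a model checker's counterexample trace carries. Two points worth keeping in mind when reading the appendix specs this way: the AF obligations are met in this abstraction only because each safety reaction is a single deterministic step, so if a reaction took several steps through intermediate states while the failure inputs were left unconstrained, the checker would report spurious traces unless the inputs were latched or a fairness constraint was added; and the specs only state what must eventually happen after a failure, not that the nominal TGFF transitions are themselves refused while a failure is present, which would need an additional property of the form AG((fail) -> !EX(state = active)).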