Introduction We a r e i n terested in studying the fault diagnostics of platooning vehicles. It is understood that a platoon is a string of vehicles with distributed control strategies. Vehicles rely on real-time control data from other vehicles for correct execution of their control laws. A time-driven system is responsible for delivering the control data. This document formalizes the design and logical veri cation of a fault diagnosis and monitoring system for intra-platoon communication

more »

... ms. The design presented here is motivated by the ideas given in 1, 2, 3, 4 . The design is formally speci ed using the shift programming language, 5, 6, 7, 8 , for networks of hybrid automata. We e m bellish the shift speci cation with the meta language grizzly, 9 . Finally, t h e shift-kronos connection, 9, 1 0 , is used to verify the logical correctness of the design. One advantage of this approach is that the same speci cation is used for both veri cation and simulation. This aspect is emphasized since veri cation of the speci cation refers to the correctness of the underlying logic whereas simulation deals with performance issues. In addition, ongoing research a t P ATH will allow us to generate real-time code suitable for implementation from the same speci cation. The next section summarizes the system requirements for a category of intraplatoon communication systems studied at California PATH. By doing so we try to clarify and state precisely the diagnosis problem that is the subject of the remainder of this report. In Section 3 we revise our mathematical model for general diagnoser systems. In Section 4 we present in detail the complete design of our diagnoser system for intra-platoon communication systems. Section 6