Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: b4d8dbfefb
Fetching contributors…

Cannot retrieve contributors at this time

81 lines (62 sloc) 4.521 kb
\documentclass[a4paper,10pt]{article}
\usepackage{ucs}
\usepackage[utf8x]{inputenc}
\usepackage[english]{babel}
\usepackage{fontenc}
\usepackage{graphicx}
\usepackage[dvips]{hyperref}
\usepackage{eventB}
\title{Requirements Document\\ProvenLift}
\author{Adrian Friedli\\Alexander Bernauer}
\begin{document}
\maketitle
\newpage
\section{Environmental Assumptions}
First, we enumerate all entities which are relevant to the system.
\env{There is an elevator with a door, a door engine and a cable engine.}
\env{There is a controller which executes the system.}
\env{There is a sequence of N+1 floor which are indexed from 0 to N. The floor with index 0 is at the bottom and the floor with index N is at the top.}
\env{On every floor except the one with index N there is a up-button. On every floor except the one with index 0 there is a down-button.}
\env{In the elevator there are N+1 so called floor buttons indexed from 0 to N.}
\env{For every botton there is a light.}
All the entities have different possible states.
\env{The elevator is either stopped, moving up or moving down.}
\env{The cable engine is either stopped, winding or unwinding.}
\env{The door engine is either opening, closing or stopped.}
\env{The door can be fully open, half open or closed.}
\env{Every button can be pressed or not pressed.}
\env{Every light is either on or off.}
Here are some basic relationships between the entities of the system.
\env{The elevator is either between two consequtive floors or at one floor.}
\env{If the door engine is opening the door status changes from closed to half open and/or from half open to open. If the door engine is closing the door status changes from open to half open and/or from half open to closed. If the door engine is stopped the door status does not change.}
\env{If the cable motor is stopped the elevator is stopped. If the cable motor is winding the elevator moves up. If the cable motor is unwinding the elevator moves down.}
Now we list all input information.
\env{For each entity except the lights there is a sensor which measures the state of the entity.}
\env{There is a sensor, called floor sensor, which measures the index of the floor if the elevator is at that floor. If the elevator is between two floors, the sensor measures the value -1.}
This interconnects the whole system.
\env{The controler can send commands to the cable engine, the door engine and the lights of the buttons in order to alter their state.}
\env{The controller is connected to all buttons, sensors and engines in the system.}
\section{Functional Requirements}
This is the basic functionality of the system.
\fun{Users signal requests for a floor by pressing the corresponding buttons of that floor. Every request is eventually served as the elevator goes to the corresponding floor and opens the door.}
\fun{If all requests are served the elevator waits at the current floor for new requests.}
Now we describe the schedule which is used by the elevator to serve requests.
\fun{There is an elevator schedule which can be either waiting, up or down.}
\fun{If there is no request then the elevator schedule is waiting.}
\fun{If there is no request and then a request for an upper/lower floor is signaled the elevator schedule is set to up/down.}
\fun{The elevator starts to move up/down only if the elevator schedule is up/down.}
\fun{The elevator stops at a floor iff there is a request for that floor.}
Once the elevator decided to schedule upwards it serves all upper floors until it starts to schedule downwards and vice versa.
\fun{The elevator schedule switches from up/down to down/up iff there is no request for a floor further up/down.}
These requirements handle the user interface.
\fun{If a button is pressed the corresponding light goes on.}
\fun{If the light corresponding to a button is on and the elevator is at the floor which corresponds to the button and the door is open, the light goes off.}
Finally, some security requirements.
\fun{When the cable engine is winding or unwinding then the door engine is closing.}
\fun{When the cable engine is winding or unwinding then the door is closed.}
\fun{If the elevator is between two floors the cable engine is not stopped.}
\fun{If the elevator is at the floor with index 0 the elevator will not move further down.}
\fun{If the elevator is at the floor with index N the elevator will not move further up.}
And of course, nobody want's to reboot the elevator ;-)
\fun{Once the system is started it never stops.}
\end{document}
Jump to Line
Something went wrong with that request. Please try again.