To support Model Based Design of Cyber-Physical Systems (CPSs) many simulation based approaches to System Level Formal Verification (SLFV) have been devised. Basically, these are Bounded Model Checking approaches (since simulation horizon is of course bounded) relying on simulators to compute the system dynamics and thereby verify the given system properties. The main obstacle to simulation based SLFV is the large number of simulation scenarios to be considered and thus the huge amount of simulation time needed to complete the verification task. To save on computation time, simulation based SLFV approaches exploit the capability of simulators to save and restore simulation states. Essentially, such a time saving is obtained by optimising the simulation script defining the simulation activity needed to carry out the verification task. Although such approaches aim to (bounded) formal verification, as a matter of fact, the proof of correctness of the methods to optimise simulation scripts basically relies on an intuitive semantics for simulation scripting languages. This hampers the possibility of formally showing that the optimisations introduced to speed up the simulation activity do not actually omit checking of relevant behaviours for the system under verification. The aim of this paper is to fill the above gap by presenting an operational semantics for simulation scripting languages and by proving soundness and completeness properties for it. This, in turn, enables formal proofs of equivalence between unoptimised and optimised simulation scripts.

为了支持基于模型的设计的网络-物理系统（CPS的）许多基于模拟的方法来系统级形式化验证（SLFV）已经被设计出来。基本上，这些是有边界的模型检查方法（因为模拟范围当然是有边界的），它们依靠模拟器来计算系统动力学，从而验证给定的系统属性。基于仿真的SLFV的主要障碍是要考虑的仿真场景数量众多，因此完成验证任务需要大量的仿真时间。为了节省计算时间，基于仿真的SLFV方法利用了仿真器的功能来保存和节省恢复模拟状态。本质上，这种时间节省是通过优化模拟脚本来实现的，该脚本定义了执行验证任务所需的模拟活动。尽管此类方法旨在（形式化）形式验证，但事实上，优化仿真脚本的方法的正确性证明基本上依赖于仿真脚本语言的直观语义。这妨碍了形式上表明为加快仿真活动而进行的优化实际上并未忽略对正在验证的系统的相关行为的检查的可能性。本文的目的是通过提供用于仿真脚本语言的操作语义并证明其健全性来填补上述空白和它的完整性属性。反过来，这可以使未经优化和经过优化的仿真脚本之间具有等效性的形式证明。