Our work is integrated into a global methodology to design synchronously executed embedded critical systems. It is used for the development of medical devices implanted into human body to perform functional electrical stimulation solutions (used in pacemakers, deep brain stimulation...). These systems are of course critical and real time, and the reliability of their behaviors must be guaranteed. These medical devices are implemented into a programmable logic circuit in a synchronous way, which allows efficient implementation (space, consumption and actual parallelism of tasks execution). This paper presents a solution that helps to prove that the behavior of the implemented system respects a set of properties, using Petri nets for modeling and analysis purposes. But one problem in formal methods is that the hardware target and the implementation strategy can have an influence on the execution of the system, but is usually not considered in the modeling and verification processes. Resolving this issue is the goal of this article. Our work has two main results: an operational one, and a theoretical one. First, we can now design critical controllers with hard safety or real time constraints, being sure the behavior is still guaranteed during the execution. Second, this work broadens the scope of expressivity and analyzability of Petri nets extensions. Until then, none managed in the same formalism, both for modeling and analysis, all the characteristics we have considered (weights on arcs, specific test and inhibitor arcs, interpretation, and time intervals, including the management of effective conflicts and the blocking of transitions).

我们的工作被整合到设计同步执行的嵌入式关键系统的全球方法中。它用于开发植入人体的医疗设备，以执行功能性电刺激解决方案（用于心脏起搏器、深部脑刺激……）。这些系统当然是关键的和实时的，必须保证其行为的可靠性。这些医疗设备以同步方式实现到可编程逻辑电路中，从而实现高效实现（空间、消耗和任务执行的实际并行性）。本文提出了一个解决方案，该解决方案使用 Petri 网进行建模和分析，有助于证明所实现系统的行为尊重一组属性。但是形式化方法的一个问题是硬件目标和实现策略会对系统的执行产生影响，但通常在建模和验证过程中没有考虑。解决这个问题是本文的目标。我们的工作有两个主要结果：操作性结果和理论性结果。首先，我们现在可以设计具有硬安全或实时约束的关键控制器，确保在执行期间仍然保证行为。其次，这项工作拓宽了 Petri 网扩展的表现力和可分析性的范围。在那之前，没有人以相同的形式管理，无论是建模还是分析，我们考虑的所有特征（弧上的权重，特定测试和抑制弧，解释和时间间隔，