TURTLE: Four Weddings and a Tutorial

The paper discusses an educational case study of protocol modelling in TURTLE, a real-time UML profile supported by the open source toolkit TTool. The method associated with TURTLE is step by step illustrated with the connection set up and handover procedures defined for the Future Air navigation Systems. The paper covers the following methodological stages: requirement modeling, use-case driven and scenario based analysis, object-oriented design and rapid prototyping in Java. Emphasis is laid on the formal verification of analysis and design diagrams

Airspace Technology Demonstration 3 (ATD-3): Dynamic Routes for Arrivals in Weather (DRAW) Technology Transfer Document Summary Version 2.0

Airspace Technology Demonstration 3 (ATD-3) is part of NASAs Airspace Operations and Safety Program (AOSP) specifically, its Airspace Technology Demonstrations (ATD) Project. ATD-3 is a multi-year research and development effort which proposes to develop and demonstrate automation technologies and operating concepts that enable air navigation service providers and airspace users to continuously assess weather, winds, traffic, and other information to identify, evaluate, and implement workable opportunities for flight plan route corrections that can result in significant flight time and fuel savings in en route airspace. In order to ensure that the products of this tech-transfer are relevant and useful, NASA has created strong partnerships with the FAA and key industry stakeholders. This summary document and accompanying technology artifacts satisfy the third Research Transition Product (RTP) defined in the Applied Traffic Flow Management (ATFM) Research Transition Team (RTT) Plan, which is Dynamic Routes for Arrivals in Weather (DRAW). This technology transfer consists of artifacts for DRAW Arrival Metering (AM) Operations delivered in June 2018, DRAW AM updates, and DRAW Extended Metering (XM) Operations. Blue highlighting indicates the new or modified deliverables. Some of the artifacts in this technology transfer have distribution restrictions that need to be followed. Distribution information is noted in each section. DRAW is a trajectory-based system that combines the legacy Dynamic Weather Routes (DWR) weather avoidance technology with an arrival-specific rerouting algorithm and arrival scheduler to improve traffic flows on weather-impacted arrival routes into major airports. First, DRAW identifies flights that could be rerouted to more efficient Standard Terminal Arrival Routes (STARs) that may have previously been impacted by weather. Second, when weather is impacting the arrival routing, DRAW proposes simple arrival route corrections that enable aircraft to stay on their flight plan while avoiding weather. The DRAW system proposes reroutes early enough to allow Time Based Flow Management (TBFM) to make the necessary schedule adjustments. As a result, metering operations can be sustained longer and more consistently in the presence of weather because the arrival schedule accounts for the dynamic routing intent of arrival flights to deviate around weather. The first DRAW tech transfer in June 2018 focused on arrival metering operations with the DRAW algorithm implemented in the NASA Center TRACON Automation System (CTAS) automation software. This tech transfer delivery includes updates for DRAW implemented in FAAs TBFM 4.7 automation software and preliminary research into DRAW for XM operations

Software Validation via Model Animation

This paper explores a new approach to validating software implementations that have been produced from formally-verified algorithms. Although visual inspection gives some confidence that the implementations faithfully reflect the formal models, it does not provide complete assurance that the software is correct. The proposed approach, which is based on animation of formal specifications, compares the outputs computed by the software implementations on a given suite of input values to the outputs computed by the formal models on the same inputs, and determines if they are equal up to a given tolerance. The approach is illustrated on a prototype air traffic management system that computes simple kinematic trajectories for aircraft. Proofs for the mathematical models of the system's algorithms are carried out in the Prototype Verification System (PVS). The animation tool PVSio is used to evaluate the formal models on a set of randomly generated test cases. Output values computed by PVSio are compared against output values computed by the actual software. This comparison improves the assurance that the translation from formal models to code is faithful and that, for example, floating point errors do not greatly affect correctness and safety properties

Exploiting programmable architectures for WiFi/ZigBee inter-technology cooperation

The increasing complexity of wireless standards has shown that protocols cannot be designed once for all possible deployments, especially when unpredictable and mutating interference situations are present due to the coexistence of heterogeneous technologies. As such, flexibility and (re)programmability of wireless devices is crucial in the emerging scenarios of technology proliferation and unpredictable interference conditions. In this paper, we focus on the possibility to improve coexistence performance of WiFi and ZigBee networks by exploiting novel programmable architectures of wireless devices able to support run-time modifications of medium access operations. Differently from software-defined radio (SDR) platforms, in which every function is programmed from scratch, our programmable architectures are based on a clear decoupling between elementary commands (hard-coded into the devices) and programmable protocol logic (injected into the devices) according to which the commands execution is scheduled. Our contribution is two-fold: first, we designed and implemented a cross-technology time division multiple access (TDMA) scheme devised to provide a global synchronization signal and allocate alternating channel intervals to WiFi and ZigBee programmable nodes; second, we used the OMF control framework to define an interference detection and adaptation strategy that in principle could work in independent and autonomous networks. Experimental results prove the benefits of the envisioned solution

Unmanned Aircraft Systems in the National Airspace System: A Formal Methods Perspective

As the technological and operational capabilities of unmanned aircraft systems (UAS) have grown, so too have international efforts to integrate UAS into civil airspace. However, one of the major concerns that must be addressed in realizing this integration is that of safety. For example, UAS lack an on-board pilot to comply with the legal requirement that pilots see and avoid other aircraft. This requirement has motivated the development of a detect and avoid (DAA) capability for UAS that provides situational awareness and maneuver guidance to UAS operators to aid them in avoiding and remaining well clear of other aircraft in the airspace. The NASA Langley Research Center Formal Methods group has played a fundamental role in the development of this capability. This article gives a selected survey of the formal methods work conducted in support of the development of a DAA concept for UAS. This work includes specification of low-level and high-level functional requirements, formal verification of algorithms, and rigorous validation of software implementations

The knowledge-based software assistant

Where the Knowledge Based Software Assistant (KBSA) is now, four years after the initial report, is discussed. Also described is what the Rome Air Development Center expects at the end of the first contract iteration. What the second and third contract iterations will look like are characterized

Proceedings of the 1994 Monterey Workshop, Increasing the Practical Impact of Formal Methods for Computer-Aided Software Development: Evolution Control for Large Software Systems Techniques for Integrating Software Development Environments

Office of Naval Research, Advanced Research Projects Agency, Air Force Office of Scientific Research, Army Research Office, Naval Postgraduate School, National Science Foundatio

DAIDALUS: Detect and Avoid Alerting Logic for Unmanned Systems

This paper presents DAIDALUS (Detect and Avoid Alerting Logic for Unmanned Systems), a reference implementation of a detect and avoid concept intended to support the integration of Unmanned Aircraft Systems into civil airspace. DAIDALUS consists of self-separation and alerting algorithms that provide situational awareness to UAS remote pilots. These algorithms have been formally specified in a mathematical notation and verified for correctness in an interactive theorem prover. The software implementation has been verified against the formal models and validated against multiple stressing cases jointly developed by the US Air Force Research Laboratory, MIT Lincoln Laboratory, and NASA. The DAIDALUS reference implementation is currently under consideration for inclusion in the appendices to the Minimum Operational Performance Standards for Unmanned Aircraft Systems presently being developed by RTCA Special Committee 228

Task 10: Research an Alternative Instructional Design Model

Under authority of the Federal Aviation Administration (FAA), the Center of Excellence (COE) Technical Training Human Performance (TTHP) Task 10 research team has prepared a comprehensive technical report and an executive summary for the Air Traffic Organization (ATO) concerning the instructional development (ID) of occupational education and training for Air Traffic (AT) controllers and Technical Operations (TO) technicians. Research included: • Front-end analysis of available FAA courses and government furnished information (GFI), including course-development documentation and associated guidance, policies, and regulations. • Structured and semi-structured data-gathering techniques in cooperation with Instructional Systems Specialists (ISS), ISS Managers, and Requirements personnel. • Informal observations of validation events for Air Traffic training. • Analysis of the relevant literature from academic, government, and industry domains. The executive summary describes the findings and observations of issues directly related to the ID process and potential solutions based on findings from this comparative analysis. The comprehensive report that follows includes these and additional observations and recommendations as well as the project overview, an introduction to best practice research, the research methodology, presentation and analysis of the results, and discussion of the findings and conclusions