Formal Methods in Industry

The application of formal methods in industry has progressed extensively over the past decade and the results are promising. But despite these achievements and it have been documented in numerous studies, it is still very common the skepticism about its usefulness and applicability. The goal of this paper is to show that its evolution over the past decade exceeds all previous processes and each time they do a better job to satisfy industrial needs. This is achieved by the description of some experiments and the result of various applications in industry and through an analyzing of the needs of companies that must be satisfy the research community in this field

Fourth NASA Langley Formal Methods Workshop

This publication consists of papers presented at NASA Langley Research Center's fourth workshop on the application of formal methods to the design and verification of life-critical systems. Topic considered include: Proving properties of accident; modeling and validating SAFER in VDM-SL; requirement analysis of real-time control systems using PVS; a tabular language for system design; automated deductive verification of parallel systems. Also included is a fundamental hardware design in PVS

ADGS-2100 Adaptive Display and Guidance System Window Manager Analysis

Recent advances in modeling languages have made it feasible to formally specify and analyze the behavior of large system components. Synchronous data flow languages, such as Lustre, SCR, and RSML-e are particularly well suited to this task, and commercial versions of these tools such as SCADE and Simulink are growing in popularity among designers of safety critical systems, largely due to their ability to automatically generate code from the models. At the same time, advances in formal analysis tools have made it practical to formally verify important properties of these models to ensure that design defects are identified and corrected early in the lifecycle. This report describes how these tools have been applied to the ADGS-2100 Adaptive Display and Guidance Window Manager being developed by Rockwell Collins Inc. This work demonstrates how formal methods can be easily and cost-efficiently used to remove defects early in the design cycle

Flight Guidance System Validation Using SPIN

To verify the requirements for the mode control logic of a Flight Guidance System (FGS) we applied SPIN, a widely used software package that supports the formal verification of distributed systems. These requirements, collectively called the FGS specification, were developed at Rockwell Avionics & Communications and expressed in terms of the Consortium Requirements Engineering (CoRE) method. The properties to be verified are the invariants formulated in the FGS specification, along with the standard properties of consistency and completeness. The project had two stages. First, the FGS specification and the properties to be verified were reformulated in PROMELA, the input language of SPIN. This involved a semantics issue, as some constructs of the FGS specification do not have well-defined semantics in CoRE. Then we attempted to verify the requirements' properties using the automatic model checking facilities of SPIN. Due to the large size of the state space of the FGS specification an exhaustive state space analysis with SPIN turned out to be impossible. So we used the supertrace model checking procedure of SPIN that provides for a partial analysis of the state space. During this process, we found some subtle errors in the FGS specification

Formal Methods Specification and Analysis Guidebook for the Verification of Software and Computer Systems

This guidebook, the second of a two-volume series, is intended to facilitate the transfer of formal methods to the avionics and aerospace community. The 1st volume concentrates on administrative and planning issues [NASA-95a], and the second volume focuses on the technical issues involved in applying formal methods to avionics and aerospace software systems. Hereafter, the term "guidebook" refers exclusively to the second volume of the series. The title of this second volume, A Practitioner's Companion, conveys its intent. The guidebook is written primarily for the nonexpert and requires little or no prior experience with formal methods techniques and tools. However, it does attempt to distill some of the more subtle ingredients in the productive application of formal methods. To the extent that it succeeds, those conversant with formal methods will also nd the guidebook useful. The discussion is illustrated through the development of a realistic example, relevant fragments of which appear in each chapter. The guidebook focuses primarily on the use of formal methods for analysis of requirements and high-level design, the stages at which formal methods have been most productively applied. Although much of the discussion applies to low-level design and implementation, the guidebook does not discuss issues involved in the later life cycle application of formal methods

Development of an evaluation technique for strapdown guidance systems Interim scientific report

Evaluation technique to measure performance of strapdown guidance systems designed for unmanned interplanetary mission

Advanced Integrated Power and Attitude Control System (IPACS) study

Integrated Power and Attitude Control System (IPACS) studies performed over a decade ago established the feasibility of simultaneously satisfying the demands of energy storage and attitude control through the use of rotating flywheels. It was demonstrated that, for a wide spectrum of applications, such a system possessed many advantages over contemporary energy storage and attitude control approaches. More recent technology advances in composite material rotors, magnetic suspension systems, and power control electronics have triggered new optimism regarding the applicability and merits of this concept. This study is undertaken to define an advanced IPACS and to evaluate its merits for a space station application. System and component designs are developed to establish the performance of this concept and system trade studies conducted to examine the viability of this approach relative to conventional candidate systems. It is clearly demonstrated that an advanced IPACS concept is not only feasible, but also offers substantial savings in mass and life-cycle cost for the space station mission

Design-driven Development of Dependable Applications: A Case Study in Avionics

International audienceMaking an application dependable demands that its functional and non-functional requirements be stringently fulfilled throughout its development process. In this context, a design-driven development approach has the key advantage of enabling requirements to be traced from their high-level design forms to the resulting executable artifact. However, because such approaches are mostly general purpose, they provide little design guidance, if any. This situation makes unpredictable the coherence and the conformance of an application with respect to its requirements. To address this situation, we propose an approach that leverages a design-driven development process dedicated to a specific paradigm. This approach guides the verification of the coherence and conformance of an application throughout its development. We demonstrate the benefits of our approach by applying it to a realistic case study in the avionics domain

The 1982 NASA/ASEE Summer Faculty Fellowship Program

A NASA/ASEE Summer Faculty Fellowship Research Program was conducted to further the professional knowledge of qualified engineering and science faculty members, to stimulate an exchange of ideas between participants and NASA, to enrich and refresh the research and teaching activities of participants' institutions, and to contribute to the research objectives of the NASA Centers