Reducing V&V Cost of Flight Critical Systems: Myth or Reality?

This paper presents an overview of NASA research program on the V&V of flight critical systems. Five years ago, NASA started an effort to reduce the cost and possibly increase the effectiveness of V&V for flight critical systems. It is the right time to take a look back and realize what progress has been made. This paper describes our overall approach and the tools introduced to address different phases of the software lifecycle. For example, we have improved testing by developing a statistical learning approach tor defining test cases. The tool automatically identifies possible unsafe conditions by analyzing outliers in output data; using an iterative learning process, it can then generate more test cases that represent potentially unsafe regions of operation. At the code level, we have developed and made available as open source a static analyzer for C and C++ programs called IKOS. We have shown that IKOS is very precise in the analysis of embedded C programs (very few false positives) and a bit less for regular C and C++ code. At the design level, in collaboration with our NRA partners, we have developed a suite of analysis tools for Simulink models. The analysis is done in a compositional framework for scalability

An overview of the V&V of Flight-Critical Systems effort at NASA

As the US is getting ready for the Next Generation (NextGen) of Air Traffic System, there is a growing concern that the current techniques for verification and validation will not be adequate for the changes to come. The JPDO (in charge of implementing NextGen) has given NASA a mandate to address the problem and it resulted in the formulation of the V&V of Flight-Critical Systems effort. This research effort is divided into four themes: argument-based safety assurance, distributed systems, authority and autonomy, and, software intensive systems. This paper presents an overview of the technologies that will address the problem

Advanced Software V&V for Civil Aviation and Autonomy

With the advances in high-computing platform (e.g., advanced graphical processing units or multi-core processors), computationally-intensive software techniques such as the ones used in artificial intelligence or formal methods have provided us with an opportunity to further increase safety in the aviation industry. Some of these techniques have facilitated building safety at design time, like in aircraft engines or software verification and validation, and others can introduce safety benefits during operations as long as we adapt our processes. In this talk, I will present how NASA is taking advantage of these new software techniques to build in safety at design time through advanced software verification and validation, which can be applied earlier and earlier in the design life cycle and thus help also reduce the cost of aviation assurance. I will then show how run-time techniques (such as runtime assurance or data analytics) offer us a chance to catch even more complex problems, even in the face of changing and unpredictable environments. These new techniques will be extremely useful as our aviation systems become more complex and more autonomous

Verifying the Safety of a Flight-Critical System

This paper describes our work on demonstrating verification technologies on a flight-critical system of realistic functionality, size, and complexity. Our work targeted a commercial aircraft control system named Transport Class Model (TCM), and involved several stages: formalizing and disambiguating requirements in collaboration with do- main experts; processing models for their use by formal verification tools; applying compositional techniques at the architectural and component level to scale verification. Performed in the context of a major NASA milestone, this study of formal verification in practice is one of the most challenging that our group has performed, and it took several person months to complete it. This paper describes the methodology that we followed and the lessons that we learned.Comment: 17 pages, 5 figure

The Alteration History of Clovis Class Rocks in Gusev Crater as Determined by Ti-Normalzed Mass Balance Analysis

The West Spur Clovis class rocks in Gusev Crater are some of the most altered rocks in Gusev Crater and likely contain a mixed sulfate and phyllosilicate mineralogy [1,2]. The high S and Cl content of the Clovis rocks suggests that acidic vapors or fluids of H2SO4 and HCl reacted with the Clovis parent rock to form Ca, Mg,- sulfates, iron-oxyhydroxides and secondary aluminosilicates (approx.60 wt.%) of a poorly crystalline nature (e.g., allophane) [1]. Up to 14-17 wt.% phyllosilicates (e.g., kaolinite, chlorite, serpentine) are hypothesized to exist in the Clovis materials suggesting that Clovis parent materials while possibly exposed to acidic pHs were likely neutralized by basalt dissolution which resulted in mildly acidic pHs (4-6) [1, 2]. This work proposes that subsequent to the alteration of the Clovis rocks, alteration fluids became concentrated in ions resulting in the addition of silicate and salts. The objective of this work is to utilize Ti-normalized mass balance analysis to evaluate (1) mineral gains and losses and (2) elemental gains and losses in the Clovis rocks. Results of this work will be used evaluate the nature of geochemical conditions that affect phyllosilicate and sulfate formation at Gusev crater

IKOS: A Framework for Static Analysis based on Abstract Interpretation (Tool Paper)

The RTCA standard (DO-178C) for developing avionic software and getting certification credits includes an extension (DO-333) that describes how developers can use static analysis in certification. In this paper, we give an overview of the IKOS static analysis framework that helps developing static analyses that are both precise and scalable. IKOS harnesses the power of Abstract Interpretation and makes it accessible to a larger class of static analysis developers by separating concerns such as code parsing, model development, abstract domain management, results management, and analysis strategy. The benefits of the approach is demonstrated by a buffer overflow analysis applied to flight control systems

Adaptive Stress Testing of Airborne Collision Avoidance Systems

This paper presents a scalable method to efficiently search for the most likely state trajectory leading to an event given only a simulator of a system. Our approach uses a reinforcement learning formulation and solves it using Monte Carlo Tree Search (MCTS). The approach places very few requirements on the underlying system, requiring only that the simulator provide some basic controls, the ability to evaluate certain conditions, and a mechanism to control the stochasticity in the system. Access to the system state is not required, allowing the method to support systems with hidden state. The method is applied to stress test a prototype aircraft collision avoidance system to identify trajectories that are likely to lead to near mid-air collisions. We present results for both single and multi-threat encounters and discuss their relevance. Compared with direct Monte Carlo search, this MCTS method performs significantly better both in finding events and in maximizing their likelihood

Pollen viability, germination and pollination in Myristica fatua Houtt. var. magnifica (Beddome) Sinclair - a threatened taxon of Western Ghats, India

A study of anthesis, pollen viability and pollination in Myristica fatua var. magnifica showed that anthesis took place early in the morning and anther dehiscence about 36-48 h prior to anthesis. The pollen grains held inside the flower get released as a cloud at the time of anthesis. Male flowers are shed 36-48 h after anthesis. The pollen grains are sticky, pilated in sculpture, spherical and without any visible aperture. Pollen germination commenced 2 h after dusting the grains on slides containing sucrose solution and was completed in about 6 h. Maximum germination (67.3 per cent) was obtained in 5% sucrose solution and the length of pollen tube was also maximum in this concentration. The stained and unstained pollen grains varied in size and the former measured more than the latter. The viability of freshly collected pollen as determined by their stainability in acetocarmine was 94.3 per cent. Among the 10 species of insects collected from trees during flowering, Cremastogaster sp., Sima nigra and Syrphissp. were most common. &nbsp

The unusual 2006 dwarf nova outburst of GK Perseii

The 2006 outburst of GK Perseii differed significantly at optical and ultraviolet wavelengths from typical outbursts of this object. We present multi-wavelength (X-ray, UV and optical) Swift and AAVSO data, giving unprecedented broad-band coverage of the outburst, allowing us to follow the evolution of the longer-than-normal 2006 outburst across these wavelengths. In the optical and UV we see a triple-peaked morphology with maximum brightness ~1.5 magnitudes lower than in previous years. In contrast, the peak hard X-ray flux is the same as in previous outbursts. We resolve this dichotomy by demonstrating that the hard X-ray flux only accounts for a small fraction of the total energy liberated during accretion, and interpret the optical/UV outburst profile as arising from a series of heating and cooling waves traversing the disc, caused by its variable density profile.Comment: 9 pages, 7 figures, accepted for publication in MNRA