Proving the Shalls

  • Conference paper
  • Published in: FME 2003: Formal Methods (FME 2003)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2805)

Abstract

This paper describes an experiment conducted to determine how effectively formal methods could be used to capture and validate the requirements of a typical embedded system. A model of the mode logic of a Flight Guidance System was specified in the RSML-e notation and translated into the NuSMV model checker and the PVS theorem prover. These tools were then used to verify several hundred properties of the RSML-e model. In the process, several errors were discovered and corrected in the original model. This demonstrates that formal requirements models can be written for real problems and that formal analysis tools have matured to the point where they can be used to find errors before implementation. It also points out a clear relationship between requirements stated informally as "shalls", formal properties, and requirements models.

This project was partially funded by the NASA Langley Research Center under contract NCC1-01001 of the Aviation Safety Program.

© 2003 Springer-Verlag Berlin Heidelberg

Cite this paper

Miller, S.P., Tribble, A.C., Heimdahl, M.P.E. (2003). Proving the Shalls. In: Araki, K., Gnesi, S., Mandrioli, D. (eds) FME 2003: Formal Methods. FME 2003. Lecture Notes in Computer Science, vol 2805. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45236-2_6

  • DOI: https://doi.org/10.1007/978-3-540-45236-2_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40828-4

  • Online ISBN: 978-3-540-45236-2

  • eBook Packages: Springer Book Archive