Abstract
This paper describes the use of Obstacle Analysis to identify anomaly handling requirements for a safety-critical, autonomous system. The software requirements for the system evolved during operations due to an ongoing effort to increase the autonomous system's robustness. The resulting increase in autonomy also increased system complexity. This investigation used Obstacle Analysis to identify and to reason incrementally about new requirements for handling failures and other anomalous events. Results reported in the paper show that Obstacle Analysis complemented standard safety-analysis techniques in identifying undesirable behaviors and ways to resolve them. The step-by-step use of Obstacle Analysis identified potential side effects and missing monitoring and control requirements. Adding an Availability Indicator and feature-interaction patterns proved useful for the analysis of obstacle resolutions. The paper discusses the consequences of these results in terms of the adoption of Obstacle Analysis to analyze anomaly handling requirements in evolving systems.
Acknowledgments
The research described in this paper was carried out in part at the Jet Propulsion Laboratory, California Institute of Technology, under a contract with the National Aeronautics and Space Administration and funded by NASA's Office of Safety and Mission Assurance Software Assurance Research Program. The first author's research is supported in part by National Science Foundation Grants 0204139, 0205588, and 0541163. The authors thank Matt Whalley and the other members of the Autonomous Rotorcraft Project team for sharing their expertise and enthusiasm. The authors thank QSI for assistance with the TEAMS toolset. The first author also thanks Martin Feather and Axel van Lamsweerde for insightful feedback on an early draft.
Cite this article
Lutz, R., Patterson-Hine, A., Nelson, S. et al. Using obstacle analysis to identify contingency requirements on an unpiloted aerial vehicle. Requirements Eng 12, 41–54 (2007). https://doi.org/10.1007/s00766-006-0039-4