Experiences and lessons from the analysis of TCAS II

Author:
Mats P. E. Heimdahl

Department of Computer Science, Wells Hall A-714, Michigan State University, East Lansing, MI

Department of Computer Science, Wells Hall A-714, Michigan State University, East Lansing, MI
View Profile

ISSTA '96: Proceedings of the 1996 ACM SIGSOFT international symposium on Software testing and analysisMay 1996Pages 79–83https://doi.org/10.1145/229000.226304

Published:01 May 1996Publication History

ISSTA '96: Proceedings of the 1996 ACM SIGSOFT international symposium on Software testing and analysis

Pages 79–83

ABSTRACT

This report highlights some of the experiences gathered while analyzing the requirements specification for a commercial avionics system called TCAS II (Traffic alert and Collision Avoidance System II) for consistency and completeness. Completeness in this context is defined as a complete set of requirements, that is, there is a behavior specified for every possible input and input sequence.Under the leadership of Dr. Nancy G. Leveson, the Irvine Safety Research Group has developed a state-based requirements specification language RSML (Requirements State Machine Language) using TCAS II as a testbed [6]. The TCAS requirements specification project was very successful; RSML was well liked by all participants in the project, and the formal specification has been adopted as the official TCAS II requirements. The requirements document has been delivered to the FAA and has undergone an extensive independent validation and verification effort (IV&V).In a previous investigation, we defined procedures for analyzing state-based requirements specifications for completeness and consistency [5]. To demonstrate that our approach is feasible and is applicable to realistic systems, we have implemented a draft analysis tool and we have applied the analysis to the TCAS II requirements. The initial results from the analysis effort were encouraging [4, 5] and scaled well to a large requirements specification. The most complex parts of the TCAS requirements specification have recently been analyzed. Even though the effort was largely successful, some limitations with the approach have surfaced. Most importantly, the accuracy of the analysis algorithms needs improvement. When analyzing the most complex parts of the TCAS requirements, the number of spurious error reports can occasionally be overwhelming. Furthermore, we discovered that once the analysis has identified problems, it has been unexpectedly difficult to correct some of them.

References

1.R. E. Bryant. Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers, C-35(8):677-691, August 1986. Google ScholarDigital Library
2.D. Harel. Statecharts: A visual formalism for complex systems. Science of Computer Programming, 8:231-274, 1987. Google ScholarDigital Library
3.D. Harel. On visual formalisms. Communications of the ACM, 31(5):514-530, May 1988. Google ScholarDigital Library
4.Mats P.E. Heimdahl. Static Analysis of State- Based Requirements: Analysis for Completeness and Consistency. PhD thesis, University of California, Irvine, 1994. Google ScholarDigital Library
5.Mats P.E. Heimdahl and Nancy G. Leveson. Completeness and Consistency Analysis of State-Based Requirements. In Proceedings of the 17th International Conference on Software Engineering, April 1995. Google ScholarDigital Library
6.N. G. Leveson, M. P.E. Heimdahl, H. Hildrcth, and J. D. Reese. Requirements specification for processcontrol systems. IEEE Transactions on Software Engineering, 20(9), September 1994. Google ScholarDigital Library

Index Terms

Experiences and lessons from the analysis of TCAS II
1. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems
      1. Project and people management
        Systems analysis and design
2. Software and its engineering
  1. Software creation and management

Recommendations

Experiences and lessons from the analysis of TCAS II

This report highlights some of the experiences gathered while analyzing the requirements specification for a commercial avionics system called TCAS II (Traffic alert and Collision Avoidance System II) for consistency and completeness. Completeness in ...
Read More
Experiences with analysis of formal specifications in Astral
RTCSA '97: Proceedings of the 4th International Workshop on Real-Time Computing Systems and Applications

An important issue in the design and implementation of real-time software is the verification of (temporal) properties. Our research of the past few years focused on requirements specification of real-time software and the use of tools in modeling and ...
Read More
Experiences in applying formal methods to the analysis of software and system requirements
WIFT '95: Proceedings of the 1st Workshop on Industrial-Strength Formal Specification Techniques

In an effort to improve the quality of software and system requirements, formal methods (FM) is being investigated by NASA because evidence existed that FM is useful in creating consistent and verifiable specifications. This investigation of FM consists ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ISSTA '96: Proceedings of the 1996 ACM SIGSOFT international symposium on Software testing and analysis
May 1996
294 pages
ISBN:0897917871
DOI:10.1145/229000
Editors:
Steve J. Zeil
Old Dominion Univ., Norfolk, VA
,
Will Tracz
Loral Federal Systems, Owego, NY
ACM SIGSOFT Software Engineering Notes Volume 21, Issue 3
May 1996
293 pages
ISSN:0163-5948
DOI:10.1145/226295
Editors:
Steven J. Zeil
Old Dominion Univ., Norfolk, VA
,
Will Tracz
Loral Federal Systems, Owego, NY
Issue’s Table of Contents
Copyright © 1996 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 May 1996
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate58of213submissions,27%
Upcoming Conference
ISSTA '24

Sponsor:

sigsoft

33rd ACM SIGSOFT International Symposium on Software Testing and Analysis

September 16 - 20, 2024

Vienna , Austria
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 14
  Total Citations
  View Citations
- 559
  Total Downloads
- Downloads (Last 12 months)38
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Experiences and lessons from the analysis of TCAS II

ISSTA '96: Proceedings of the 1996 ACM SIGSOFT international symposium on Software testing and analysis

ABSTRACT

References

Cited By

Index Terms

Recommendations

Experiences and lessons from the analysis of TCAS II

Experiences with analysis of formal specifications in Astral

Experiences in applying formal methods to the analysis of software and system requirements