Advertisement

The COMPASS Approach: Correctness, Modelling and Performability of Aerospace Systems

  • Marco Bozzano
  • Alessandro Cimatti
  • Joost-Pieter Katoen
  • Viet Yen Nguyen
  • Thomas Noll
  • Marco Roveri
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5775)

Abstract

We report on a model-based approach to system-software co-engineering which is tailored to the specific characteristics of critical on-board systems for the aerospace domain. The approach is supported by a System-Level Integrated Modeling (SLIM) Language by which engineers are provided with convenient ways to describe nominal hardware and software operation, (probabilistic) faults and their propagation, error recovery, and degraded modes of operation.

Correctness properties, safety guarantees, and performance and dependability requirements are given using property patterns which act as parameterized “templates” to the engineers and thus offer a comprehensible and easy-to-use framework for requirement specification. Instantiated properties are checked on the SLIM specification using state-of-the-art formal analysis techniques such as bounded SAT-based and symbolic model checking, and probabilistic variants thereof. The precise nature of these techniques together with the formal SLIM semantics yield a trustworthy modeling and analysis framework for system and software engineers supporting, among others, automated derivation of dynamic (i.e., randomly timed) fault trees, FMEA tables, assessment of FDIR, and automated derivation of observability requirements.

Keywords

Model Check Linear Temporal Logic Fault Tree Symbolic Model Check Bound Model Check 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Audemard, G., Cimatti, A., Kornilowicz, A., Sebastiani, R.: Bounded Model Checking for Timed Systems. In: Peled, D.A., Vardi, M.Y. (eds.) FORTE 2002. LNCS, vol. 2529. Springer, Heidelberg (2002)Google Scholar
  2. 2.
    Baier, C., Haverkort, B., Hermanns, H., Katoen, J.-P.: Model-checking algorithms for continuous-time Markov chains. IEEE TSE 29(6), 524–541 (2003)zbMATHGoogle Scholar
  3. 3.
    Bertoli, P., Bozzano, M., Cimatti, A.: A Symbolic Model Checking Framework for Safety Analysis, Diagnosis, and Synthesis. In: Edelkamp, S., Lomuscio, A. (eds.) MoChArt IV. LNCS (LNAI), vol. 4428, pp. 1–18. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  4. 4.
    Biere, A., Cimatti, A., Clarke, E., Zhu, Y.: Symbolic Model Checking without BDDs. In: Cleaveland, W.R. (ed.) TACAS 1999. LNCS, vol. 1579, pp. 193–207. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  5. 5.
    Biere, A., Heljanko, K., Junttila, T.A., Latvala, T., Schuppan, V.: Linear encodings of bounded LTL model checking. Logical Methods in Comp. Sc. 2(5) (2006)Google Scholar
  6. 6.
    Boudali, H., Crouzen, P., Stoelinga, M.: Dynamic fault tree analysis using input/output interactive Markov chains. In: DSN, pp. 708–717. IEEE, Los Alamitos (2007)Google Scholar
  7. 7.
    Bozzano, M., Cimatti, A., Nguyen, V.Y., Noll, T., Katoen, J.P., Roveri, M.: Codesign of Dependable Systems: A Component-Based Modeling Language. In: Proc. MEMOCODE 2009 (2009)Google Scholar
  8. 8.
    Bozzano, M., Villafiorita, A.: The FSAP/NuSMV-SA Safety Analysis Platform. International Journal on Software Tools for Technology Transfer 9(1), 5–24 (2007)CrossRefGoogle Scholar
  9. 9.
    Bryant, R.: Symbolic Boolean Manipulation with Ordered Binary Decision Diagrams. ACM Computing Surveys 24(3), 293–318 (1992)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Cavada, R., Cimatti, A., Franzén, A., Kalyanasundaram, K., Roveri, M., Shyamasundar, R.K.: Computing Predicate Abstractions by Integrating BDDs and SMT Solvers. In: Proc. FMCAD, pp. 69–76. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  11. 11.
    Cimatti, A., Roveri, M., Schuppan, V., Tonetta, S.: Boolean abstraction for temporal logic satisfiability. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 532–546. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Cimatti, A., Roveri, M., Tonetta, S.: Symbolic Compilation of PSL. IEEE Trans. on CAD of Integrated Circuits and Systems 27(10), 1737–1750 (2008)CrossRefGoogle Scholar
  13. 13.
    Clarke, E., Emerson, E., Sistla, A.: Automatic verification of finite-state concurrrent systems using temporal logic specifications. ACM Transactions on Programming Languages and Systems 8(2), 244–263 (1986)CrossRefzbMATHGoogle Scholar
  14. 14.
    Clarke, E., Grumberg, O., Jha, S., Lua, Y., Veith, H.: Counterexample-guided abstraction refinement for symbolic model checking. JACM, 752–794 (2003)Google Scholar
  15. 15.
    Clarke, E., Grumberg, O., Peled, D.: Model Checking. MIT Press, Cambridge (2000)Google Scholar
  16. 16.
    Dugan, J., Bavuso, S., Boyd, M.: Dynamic fault-tree models for fault-tolerant computer systems. IEEE Transactions on Reliability 41(3), 363–377 (1992)CrossRefzbMATHGoogle Scholar
  17. 17.
    Dwyer, M., Avrunin, G., Corbett, J.: Patterns in property specifications for finite-state verification. In: Proc. ICSE, pp. 411–420. IEEE, Los Alamitos (1999)Google Scholar
  18. 18.
    Eén, N., Sörensson, N.: Temporal induction by incremental SAT solving. Electronic Notes in Theoretical Computer Science 89(4) (2003)Google Scholar
  19. 19.
    The FSAP/NuSMV-SA platform, http://sra.itc.it/tools/FSAP
  20. 20.
    Grunske, L.: Specification patterns for probabilistic quality properties. In: ICSE 2008: Proceedings of the 30th international conference on Software engineering, pp. 31–40. ACM, New York (2008)Google Scholar
  21. 21.
    Hansson, H., Jonsson, B.: A logic for reasoning about time and reliability. Formal Aspects of Computing 6(5), 512–535 (1994)CrossRefzbMATHGoogle Scholar
  22. 22.
    Heljanko, K., Junttila, T.A., Latvala, T.: Incremental and complete bounded model checking for full PLTL. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 98–111. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  23. 23.
    Katoen, J.-P., Khattri, M., Zapreev, I.: A Markov reward model checker. In: QEST, pp. 243–244. IEEE CS, Los Alamitos (2005)Google Scholar
  24. 24.
    Manian, R., Dugan, J., Coppit, D., Sullivan, K.: Combining Various Solution Techniques for Dynamic Fault Tree Analysis of Computer Systems. In: Proc. High-Assurance Systems Engineering Symposium (HASE 1998), pp. 21–28. IEEE Computer Society Press, Los Alamitos (1998)Google Scholar
  25. 25.
  26. 26.
    The NuSMV model checker, http://nusmv.itc.it
  27. 27.
    Pill, I., Semprini, S., Cavada, R., Roveri, M., Bloem, R., Cimatti, A.: Formal analysis of hardware requirements. In: Proc. DAC, pp. 821–826. ACM, New York (2006)Google Scholar
  28. 28.
    Pnueli, A.: A temporal logic of concurrent programs. Th. Comp. Sc. 13, 45–60 (1981)CrossRefzbMATHGoogle Scholar
  29. 29.
    RAT: Requirements Analysis Tool, http://rat.itc.it
  30. 30.
    Architecture Analysis and Design Language (AADL) V2. SAE Draft Standard AS5506 V2, International Society of Automotive Engineers (March 2008)Google Scholar
  31. 31.
    Sigref — A Symbolic Bisimulation Tool, http://sigref.gforge.avacs.org/

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Marco Bozzano
    • 1
  • Alessandro Cimatti
    • 1
  • Joost-Pieter Katoen
    • 2
  • Viet Yen Nguyen
    • 2
  • Thomas Noll
    • 2
  • Marco Roveri
    • 1
  1. 1.Fondazione Bruno KesslerTrentoItaly
  2. 2.Software Modeling and Verification GroupRWTH Aachen UniversityGermany

Personalised recommendations