A Formally Verified Hybrid System for the Next-Generation Airborne Collision Avoidance System

  • Jean-Baptiste Jeannin
  • Khalil Ghorbal
  • Yanni Kouskoulas
  • Ryan Gardner
  • Aurora Schmidt
  • Erik Zawadzki
  • André Platzer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9035)

Abstract

The Next-Generation Airborne Collision Avoidance System (ACAS X) is intended to be installed on all large aircraft to give advice to pilots and prevent mid-air collisions with other aircraft. It is currently being developed by the Federal Aviation Administration (FAA). In this paper we determine the geometric configurations under which the advice given by ACAS X is safe under a precise set of assumptions and formally verify these configurations using hybrid systems theorem proving techniques. We conduct an initial examination of the current version of the real ACAS X system and discuss some cases where our safety theorem conflicts with the actual advisory given by that version, demonstrating how formal, hybrid approaches are helping ensure the safety of ACAS X. Our approach is general and could also be used to identify unsafe advice issued by other collision avoidance systems or confirm their safety.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Chludzinski, B.J.: Evaluation of TCAS II version 7.1 using the FAA fast-time encounter generator model. Tech. Rep. ATC-346, MIT Lincoln Laboratory (April 2009)Google Scholar
  2. 2.
    Dowek, G., Muñoz, C., Carreño, V.: Provably safe coordinated strategy for distributed conflict resolution. In: AIAA Guidance Navigation, and Control Conference and Exhibit (2005)Google Scholar
  3. 3.
    von Essen, C., Giannakopoulou, D.: Analyzing the next generation airborne collision avoidance system. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014. LNCS, vol. 8413, pp. 620–635. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  4. 4.
    Federal Aviation Administration: Introduction to TCAS II, version 7.1 (February 2011)Google Scholar
  5. 5.
    Federal Aviation Administration TCAS Program Office: Algorithm design description for the surveillance and tracking module of ACAS X, run12 (July 2014)Google Scholar
  6. 6.
    Federal Aviation Administration TCAS Program Office: Algorithm design description for the threat resolution module of ACAS X, version 3 Rev. 1 (May 2014)Google Scholar
  7. 7.
    Galdino, A.L., Muñoz, C., Ayala-Rincón, M.: Formal verification of an optimal air traffic conflict resolution and recovery algorithm. In: Leivant, D., de Queiroz, R. (eds.) WoLLIC 2007. LNCS, vol. 4576, pp. 177–188. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Ghorbal, K., Jeannin, J.B., Zawadzki, E., Platzer, A., Gordon, G.J., Capell, P.: Hybrid theorem proving of aerospace systems: Applications and challenges. Journal of Aerospace Information Systems (2014)Google Scholar
  9. 9.
    Holland, J.E., Kochenderfer, M.J., Olson, W.A.: Optimizing the next generation collision avoidance system for safe, suitable, and acceptable operational performance. Air Traffic Control Quarterly (2014)Google Scholar
  10. 10.
    Jeannin, J.B., Ghorbal, K., Kouskoulas, Y., Garnder, R., Schmidt, A., Zawadzki, E., Platzer, A.: A formally verified hybrid system for the next-generation airborne collision avoidance system. Tech. Rep. CMU-CS-14-138, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA (2014), http://reports-archive.adm.cs.cmu.edu/anon/2014/CMU-CS-14-138.pdf, KeYmaera files available at http://www.ls.cs.cmu.edu/pub/acasx.zip
  11. 11.
    Kochenderfer, M.J., Espindle, L.P., Kuchar, J.K., Griffith, J.D.: Correlated encounter model for cooperative aircraft in the national airspace system version 1.0. Tech. Rep. ATC-344, MIT Lincoln Laboratory (October 2008)Google Scholar
  12. 12.
    Kochenderfer, M.J., Chryssanthacopoulos, J.P.: Robust airborne collision avoidance through dynamic programming. Tech. Rep. ATC-371, MIT Lincoln Laboratory (January 2010)Google Scholar
  13. 13.
    Kochenderfer, M.J., Holland, J.E., Chryssanthacopoulos, J.P.: Next generation airborne collision avoidance system. Lincoln Laboratory Journal 19(1), 17–33 (2012)Google Scholar
  14. 14.
    Kochenderfer, M.J., Monath, N.: Compression of optimal value functions for Markov decision processes. In: Data Compression Conference, Snowbird, Utah (2013)Google Scholar
  15. 15.
    Loos, S.M., Renshaw, D.W., Platzer, A.: Formal verification of distributed aircraft controllers. In: HSCC, pp. 125–130. ACM (2013)Google Scholar
  16. 16.
    Lygeros, J., Lynch, N.: On the formal verification of the TCAS conflict resolution algorithms. In: IEEE Decision and Control, vol. 2, pp. 1829–1834. IEEE (1997)Google Scholar
  17. 17.
    Platzer, A.: Differential dynamic logic for hybrid systems. J. Autom. Reas. 41(2), 143–189 (2008)CrossRefMATHMathSciNetGoogle Scholar
  18. 18.
    Platzer, A.: Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics. Springer (2010)Google Scholar
  19. 19.
    Platzer, A.: Logics of dynamical systems. In: LICS, pp. 13–24. IEEE (2012)Google Scholar
  20. 20.
    Platzer, A., Clarke, E.M.: Formal verification of curved flight collision avoidance maneuvers: A case study. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol. 5850, pp. 547–562. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  21. 21.
    Platzer, A., Quesel, J.-D.: KeYmaera: A hybrid theorem prover for hybrid systems (System description). In: Armando, A., Baumgartner, P., Dowek, G. (eds.) IJCAR 2008. LNCS (LNAI), vol. 5195, pp. 171–178. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  22. 22.
    Tomlin, C., Pappas, G.J., Sastry, S.: Conflict resolution for air traffic management: A study in multiagent hybrid systems. IEEE Transactions on Automatic Control 43(4), 509–521 (1998)CrossRefMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  • Jean-Baptiste Jeannin
    • 1
  • Khalil Ghorbal
    • 1
  • Yanni Kouskoulas
    • 2
  • Ryan Gardner
    • 2
  • Aurora Schmidt
    • 2
  • Erik Zawadzki
    • 1
  • André Platzer
    • 1
  1. 1.Carnegie Mellon UniversityPittsburghUSA
  2. 2.The Johns Hopkins University Applied Physics LaboratoryLaurelUSA

Personalised recommendations