Analysing sanity of requirements for avionics systems

Barnat, Jǐŕı; Bauch, Petr; Beneš, Nikola; Brim, Luboš; Beran, Jan; Kratochvíla, Tomáš

doi:10.1007/s00165-015-0348-9

Cited by 20 publications

(21 citation statements)

References 36 publications

(53 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Coverage checking for LTL can be integrated into model checking [11]. Algorithms for automatically checking LTL coverage and completeness have been successfully used in industry for sanity checking, e.g., the requirements for an airplane control system [6].…”

Section: Specification Qualitymentioning

confidence: 99%

Specification: The Biggest Bottleneck in Formal Methods and Autonomy

Rozier

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Advancement of AI-enhanced control in autonomous systems stands on the shoulders of formal methods, which make possible the rigorous safety analysis autonomous systems require. An aircraft cannot operate autonomously unless it has design-time reasoning to ensure correct operation of the autopilot and runtime reasoning to ensure system health management, or the ability to detect and respond to off-nominal situations. Formal methods are highly dependent on the specifications over which they reason; there is no escaping the "garbage in, garbage out" reality. Specification is difficult, unglamorous, and arguably the biggest bottleneck facing verification and validation of aerospace, and other, autonomous systems.This VSTTE invited talk and paper examines the outlook for the practice of formal specification, and highlights the on-going challenges of specification, from design-time to runtime system health management. We exemplify these challenges for specifications in Linear Temporal Logic (LTL) though the focus is not limited to that specification language. We pose challenge questions for specification that will shape both the future of formal methods, and our ability to more automatically verify and validate autonomous systems of greater variety and scale. We call for further research into LTL Genesis. Abstract. Advancement of AI-enhanced control in autonomous systems stands on the shoulders of formal methods, which make possible the rigorous safety analysis autonomous systems require. An aircraft cannot operate autonomously unless it has design-time reasoning to ensure correct operation of the autopilot and runtime reasoning to ensure system health management, or the ability to detect and respond to off-nominal situations. Formal methods are highly dependent on the specifications over which they reason; there is no escaping the "garbage in, garbage out" reality. Specification is difficult, unglamorous, and arguably the biggest bottleneck facing verification and validation of aerospace, and other, autonomous systems. This VSTTE invited talk and paper examines the outlook for the practice of formal specification, and highlights the on-going challenges of specification, from design-time to runtime system health management. We exemplify these challenges for specifications in Linear Temporal Logic (LTL) though the focus is not limited to that specification language. We pose challenge questions for specification that will shape both the future of formal methods, and our ability to more automatically verify and validate autonomous systems of greater variety and scale. We call for further research into LTL Genesis.

show abstract

Section: Specification Qualitymentioning

confidence: 99%

Specification: The Biggest Bottleneck in Formal Methods and Autonomy

Rozier

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Traceability also helps to establish the reason why a particular software algorithm should exist in the product. However, traces alone do not provide ways of ascertaining completeness; the degree to which the requirements have been implemented in the system so far (Barnat et al, 2015). Estimating completeness and other metrics can be complex and time-consuming, yet they are crucial in order to successfully deliver a product that meets the expectations of all of its stakeholders (M. J.…”

Section: Introductionmentioning

confidence: 99%

TORUS: Tracing Complex Requirements for Large Cyber-Physical Systems

Dowdeswell

Sinha

Haemmerle³

2016

2016 21st International Conference on Engineering of Complex Computer Systems (ICECCS)

View full text Add to dashboard Cite

“…Checking for satisfiability (also called consistency) means checking whether all the requirements can be implemented at once. If the set of requirements is unsatisfiable, the extraction of MUSes helps to identify and fix the conflicts among the requirements [5,9].…”

Section: Requirements Analysis Use Case (Ltl)mentioning

confidence: 99%

“…Further improvements to Hou's algorithm were presented later by Han and Lee [24] and by de la Banda et al [17]. A similar solution based on step-by-step traversal of the power set was proposed by Barnat et al [5]. However, the explicit exploration of the power set is the bottleneck for all of these algorithms since the power set is exponentially large w.r.t.…”

Section: Evaluated Algorithmsmentioning

confidence: 99%

“…We selected the three constraint domains because several applications of MUSes arised in these domains recently [26,37,17,4,36,28,35,5,9,1] (below, we provide two example use cases). Also, the three domains vary in the complexity of the satisfiability problem going from relatively effectively solvable NP-complete problem in the SAT domain to PSPACE-complete problem in the LTL domain.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Evaluation of Domain Agnostic Approaches for Enumeration of Minimal Unsatisfiable Subsets

Bendík¹,

Černá²

EPiC Series in Computing

View full text Add to dashboard Cite

In many different applications we are given a set of constraints with the goal to decide whether the set is satisfiable. If the set is determined to be unsatisfiable, one might be interested in analysing this unsatisfiability. Identification of minimal unsatisfiable subsets (MUSes) is a kind of such analysis. The more MUSes are identified, the better insight into the unsatisfiability is obtained. However, the full enumeration of all MUSes is often intractable. Therefore, algorithms that identify MUSes in an online fashion, i.e., one by one, are needed. Moreover, since MUSes find applications in various constraint domains, and new applications still arise, there is a desire for domain agnostic MUS enumeration approaches.In this paper, we present an experimental evaluation of four state-of-the-art domain agnostic MUS enumeration algorithms: MARCO, TOME, ReMUS, and DAA. The evalu- ation is conducted in the SAT, SMT, and LTL constraint domains. The results evidence that there is no silver-bullet algorithm that would beat all the others in all the domains.

show abstract

Analysing sanity of requirements for avionics systems

Cited by 20 publications

References 36 publications

Specification: The Biggest Bottleneck in Formal Methods and Autonomy

Specification: The Biggest Bottleneck in Formal Methods and Autonomy

TORUS: Tracing Complex Requirements for Large Cyber-Physical Systems

Evaluation of Domain Agnostic Approaches for Enumeration of Minimal Unsatisfiable Subsets

Contact Info

Product

Resources

About