Corpus ID: 239016788

A Methodology for Developing a Verifiable Aircraft Engine Controller from Formal Requirements

Authors: Matt Luckcuck, Marie Farrell, Oisin Sheridan and Rosemary Monahan
Verification of complex, safety-critical systems is a significant challenge. Manual testing and simulations are often used, but are only capable of exploring a subset of the system’s reachable states. Formal methods are mathematically-based techniques for the specification and development of software, which can provide proofs of properties and exhaustive checks over a system’s state space. In this paper, we present a formal requirements-driven methodology, applied to a model of an aircraft… 
FRETting about Requirements: Formalised Requirements for an Aircraft Engine Controller
The use of FRET is evaluated to bridge the communication gap between formal methods experts and aerospace industry specialists and the journey from ambiguous, natural-language requirements to concise, formalised FRET requirements is described.
Towards Refactoring FRETish Requirements
Like software, requirements evolve and change frequently during the development process. Refactoring is the process of reorganising software without changing its behaviour, to make it easier to

Formal verification of control systems' properties with theorem proving
This paper presents the deductive formal verification of high-level properties of control systems with theorem proving, using the Why3 tool, and presents a methodology to specify the properties in the model and a library of relevant assertion blocks (logic expressions), currently in development.
Compositional Verification of Architectural Models
A design flow and supporting tools to significantly improve the design and verification of complex cyber-physical systems and the compositional reasoning framework that is developed for proving the correctness of a system design are described.
Formal Verification of Discrete-Time MATLAB/Simulink Models Using Boogie
This paper presents an automatic transformation of discrete-time Matlab/Simulink models into the intermediate verification language Boogie, which enables them to use the Boogie verification framework and inductive invariant checking for the automatic formal verification of Matlab/Simulink models.
Requirements Analysis of a Quad-Redundant Flight Control System
The goal of this paper is to show the benefits of a compositional verification approach applied to a realistic avionics system and to demonstrate the effectiveness of the AGREE tool in performing this analysis.
A PVS-Simulink Integrated Environment for Model-Based Analysis of Cyber-Physical Systems
The ultimate aim of this work is to facilitate the introduction of formal verification technologies in the software development process of cyber-physical systems, which typically requires the integrated use of different formalisms and tools.
Integrating Formal Verification and Assurance: An Inspection Rover Case Study
This paper uses the AdvoCATE assurance case tool to guide the analyses and to integrate the artifacts from the formal methods that it uses, namely: fret, cocosim and Event-B, to develop a justifiable assurance case.
Deductive Verification of Hybrid Control Systems Modeled in Simulink with KeYmaera X
An approach to map the informally defined execution semantics of hybrid Simulink models into the formally well-defined semantics of differential dynamic logic; in doing so, this work provides a formal foundation for Simulink, and enables deductive formal verification of hybrid Simulink models with an interactive theorem prover for hybrid systems.
Tool for Translating Simulink Models into Input Language of a Model Checker
A tool is presented that automatically translates certain Simulink models into input language of a suitable model checker and formal verification of safety critical avionics components becomes faster and less error prone with this tool.
Bit-precise formal verification of discrete-time MATLAB/Simulink Models using SMT Solving
This approach enables a combination of bounded model checking and inductive invariant checking for the automatic verification of Matlab/Simulink models and successfully verified the absence of one of the most common errors, i.
A corroborative approach to verification and validation of human–robot teams
Conducting formal verification (model checking), simulation-based testing, and user validation in experiments with a real robot allows V&V of the human–robot interaction task at different levels of modeling detail and thoroughness of exploration, thus overcoming the individual limitations of each technique.