Formalizing Space Shuttle software requirements: Four case studies

ACM Transactions on Software Engineering and Methodology

Volumn 7, Issue 3, 1998, Pages 296-332

  Crow, Judith ^a   Di Vito, Ben ^b  

^a SRI INTERNATIONAL   (United States)

^b VIGYAN INC   (United States)

Author keywords

D.2.1 Software Engineering : Requirements Specifications methodologies; F.3.1 Logics and Meanings of Programs : Specifying and Verifying and Reasoning about Programs logics of programs; Mechanical verification; Specification techniques; Tools

Indexed keywords

COMPUTER PROGRAMMING; FORMAL LOGIC; MATHEMATICAL MODELS; REQUIREMENTS ENGINEERING; SPACE SHUTTLES; TECHNOLOGY TRANSFER; THEOREM PROVING;

FLIGHT SOFTWARE SUBSYSTEMS; FORMAL METHODS; REQUIREMENT ANALYSIS; STATE EXPLORATION;

COMPUTER AIDED SOFTWARE ENGINEERING;

EID: 0032108080     PISSN: 1049331X     EISSN: None     Source Type: Journal    
DOI: 10.1145/287000.287023     Document Type: Article

References (43)

1. AGERHOLM, S. AND LARSEN, P. G. 1997. Modeling and validating SAFER in VDM-SL. In Proceedings of the 4th NASA Langley Formal Methods Workshop (LFM '97) (Hampton, VA, Sept.), C. M. Holloway and K. J. Hayhurst, Eds. NASA Langley Research Center, Hampton, VA, 51-64. Available via http://atb-www.larc.nasa.gov/lfm97/proceedings.
2. ALUR, R. AND HENZINGER, T. A., EDS. 1996. Computer-Aided Verification (CAV '96) (New Brunswick, NJ, July-Aug.). Lecture Notes in Computer Science, vol. 1102. Springer-Verlag, New York, NY.
3. BROCK, B., KAUFMANN, M., AND MOORE, J. S. 1996. ACL2 theorems about commercial microprocessors. In Formal Methods in Computer-Aided Design (FMCAD '96) (Palo Alto, CA, Nov.), M. Srivas and A. Camilleri, Eds. Lecture Notes in Computer Science, vol. 1166. Springer-Verlag, New York, NY, 275-293.
4. BROOKES, T., FITZGERALD, J., AND LARSEN, P. 1996. Formal and informal specification of a secure system component: Final results in a comparative study. In Formal Methods Europe (FME '96) (Oxford, England, Mar.). Lecture Notes in Computer Science, vol. 1051. Springer-Verlag, New York, NY, 214-227.
5. BUTLER, R. W., CALDWELL, J. L., CARREÑO, V. A., HOLLOWAY, C. M., MINER, P. S., AND DI VITO, B. L. 1995. NASA Langley's research and technology transfer program in formal methods. In Proceedings of the 10th Annual Conference on Computer Assurance (COMPASS '95) (Gaithersburg, MD, June 1995), 135-149.
6. CLARKE, E. M., GERMAN, S. M., AND ZHAO, X. 1996a. Verifying the SRT division algorithm using theorem proving techniques. In Computer-Aided Verification (CAV '96) (New Brunswick, NJ, July/Aug.), R. Alur and T. A. Henzinger, Eds. Lecture Notes in Computer Science, vol. 1102. Springer-Verlag, New York, NY, 111-122.
7. CLARKE, E., WING, J. M., ALUR, R., CLEAVELAND, R., DILL, D., EMERSON, A., GARLAND, S., GERMAN, S., GUTTAG, J., HALL, A., HENZINGER, T., HOLZMANN, G., JONES, C., KURSHAN, R., LEVESON, N., MCMILLAN, K., MOORE, J., PELED, D., PNUELI, A., RUSHBY, J., SHANKAR, N., SIFAKIS, J., SISTLA, P., STEFFEN, B., WOLPER, P., WOODCOCK, J., AND ZAVE, P. 1996b. Formal methods: State of the art and future directions. ACM Comput. Surv. 28, 4 (Dec.), 626-643.
8. CRAIGEN, D., GERHART, S., AND RALSTON, T. 1993a. An international survey of industrial applications of formal methods. Vol. 1, Purpose, approach, analysis and conclusions. Tech. Rep. NIST GCR 93/626. National Institute of Standards and Technology, Gaithersburg, MD.
9. CRAIGEN, D., GERHART, S., AND RALSTON, T. 1993b. An international survey of industrial applications of formal methods. Vol. 2, Case studies. Tech. Rep. NIST GCR 93/626. National Institute of Standards and Technology, Gaithersburg, MD.
10. CROW, J. 1995. Finite-state analysis of space shuttle contingency guidance requirements. Tech. Rep. SRI-CSL-95-17, Computer Science Laboratory, SRI International, Menlo Park, CA. Also available as Contractor Rep. 4741, NASA Langley Research Center, Hampton, VA, May 1996.
11. CURZON, P. 1994. The formal verification of the Fairisle ATM switching element: An overview. Tech. Rep. 328, Univ. of Cambridge Computer Laboratory, Cambridge, UK. Available via http://www.cl.cam.ac.uk/users/pc/el1tr94.html
12. DI VITO, B. L. 1996. Formalizing new navigation requirements for NASA's space shuttle. In Formal Methods Europe (FME '96) (Oxford, England, Mar.). Lecture Notes in Computer Science, vol. 1051. Springer-Verlag, New York, NY, 160-178.
13. DI VITO, B. L. AND ROBERTS, L. W. 1996. Using formal methods to assist in the requirements analysis of the space shuttle GPS change request. Contractor Rep. 4752, NASA Langley Research Center, Hampton, VA.
14. DILL, D. L. 1996. The Murø verification system. In Computer-Aided Verification (CAV '96) (New Brunswick, NJ, July/Aug.), R. Alur and T. A. Henzinger, Eds. Lecture Notes in Computer Science, vol. 1102. Springer-Verlag, New York, NY, 390-393.
15. DILL, D. L., DREXLER, A. J., HU, A. J., AND YANG, C. H. 1992. Protocol verification as a hardware design aid. In Proceedings of the 1992 IEEE International Conference on Computer Design: VLSI in Computers and Processors (Cambridge, MA, Oct. 11-14). IEEE Computer Society, Washington, DC, 522-525.
16. DUTERTRE, B. AND STAVRIDOU, V. 1997. Formal requirements analysis of an avionics control system. IEEE Trans. Softw. Eng. 23, 5 (May), 267-278.
17. HAMILTON, D., COVINGTON, R., AND KELLY, J. 1995a. Experiences in applying formal methods to the analysis of software and system requirements. In Proceedings of the Workshop on Industrial-Strength Formal Specification Techniques (WIFT '95) (Boca Raton, FL). IEEE Computer Society, Washington, DC, 30-43.
18. HAMILTON, D., COVINGTON, R., AND LEE, A. 1995b. Experience report on requirements reliability engineering using formal methods. In Proceedings of the International Conference on Software Reliability Engineering (ISSRE '95) (Toulouse, France). IEEE Computer Society, Washington, DC.
19. HAVELUND, K. AND SHANKAR, N. 1996. Experiments in theorem proving and model checking for protocol verification. In Formal Methods Europe (FME '96) (Oxford, England, Mar.). Lecture Notes in Computer Science, vol. 1051. Springer-Verlag, New York, NY, 662-681.
20. HEIMDAHL, M. P. E. AND LEVESON, N. G. 1996. Completeness and consistency in hierarchical state-based requirements. IEEE Trans. Softw. Eng. 22, 6 (June), 363-377.
21. HENINGER, K. L. 1980. Specifying software requirements for complex systems: New techniques and their application. IEEE Trans. Softw. Eng. SE-6, 1 (Jan.), 2-13.
22. HINCHEY, M. G. AND BOWEN, J. P., EDS. 1995. Applications of Formal Methods. Prentice-Hall International Series in Computer Science. Prentice Hall International (UK) Ltd., Hertfordshire, UK.
23. HINCHEY, M. G. AND BOWEN, J. P., EDS. 1997. Industrial Strength Formal Methods. Academic Press, Inc., Orlando, FL.
24. IP, C. N. AND DILL, D. L. 1993. Better verification through symmetry. In Proceedings of the llth Conference on Computer Hardware Description Languages and Their Applications (CHDL '93). International Federation for Information Processing, Laxenburg, Austria, 87-100.
25. JACKY, J. 1995. Specifying a safety-critical control system in Z. IEEE Trans. Softw. Eng. 21, 2 (Feb.), 99-106.
26. KROPF, T., ED. 1997. Formal Hardware Verification: Methods and Systems in Comparison. Springer Lecture Notes in Computer Science, vol. 1287. Springer-Verlag, New York, NY.
27. LADKIN, P. B. 1995. Analysis of a technical description of the airbus A320 braking system. High Integrity Syst. 1, 4, 331-349.
28. LUTZ, R. R. AND AMPO, Y. 1994. Experience report: Using formal methods for requirements analysis of critical spacecraft software. In Proceedings of the 19th Annual Software Engineering Workshop. NASA GSFC, Greenbelt, MD, 231-248.
29. k86 floating-point division algorithm. Tech. Rep. Available via http://devil.ece.utexas.edu:80/∼lynch/divide/divide_paper.ps
30. NASA. 1993. Formal methods demonstration project for space applications - Phase I case study: Space Shuttle orbit DAP jet select. NASA Code Q Final Rep (Unnumbered), National Aeronautics and Space Administration, Washington, DC. Jet Select requirements specification appears as Appendix B.
31. NRCC. 1993. An Assessment of Space Shuttle Flight Software Development Practices. National Academy Press, Washington, DC.
32. OWRE, S., RUSHBY, J., SHANKAR, N., AND VON HENKE, F. 1995. Formal verification for fault-tolerant architectures: Prolegomena to the design of PVS. IEEE Trans. Softw. Eng. 21, 2 (Feb.), 107-125.
33. OWRE, S., SHANKAR, N., AND RUSHBY, J. M. 1993a. User Guide for the PVS Specification and Verification System. Vol. 1, Language Reference Manual. Computer Science Laboratory, SRI International, Menlo Park, CA.
34. OWRE, S., SHANKAR, N., AND RUSHBY, J. M. 1993b. User Guide for the PVS Specification and Verification System. Vol. 2, System Reference Manual. Computer Science Laboratory, SRI International, Menlo Park, CA.
35. OWRE, S., SHANKAR, N., AND RUSHBY, J. M. 1993c. User Guide for the PVS Specification and Verification System. Vol. 3, Prover Reference Manual. Computer Science Laboratory, SRI International, Menlo Park, CA.
36. PARNAS, D. L. 1995. Using mathematical models in the inspection of critical software. In Applications of Formal Methods, M. G. Hinchey and J. P. Bowen, Eds. Prentice-Hall International Series in Computer Science. Prentice Hall International (UK) Ltd., Hertford-shire, UK, 17-31.
37. ROBERTS, L. W. AND BEIMS, M. 1996. Using formal methods to assist in the requirements analysis of the space shuttle HAC change request (CR90960E). JSC Tech. Rep. Loral Space Information Systems, Houston, TX.
38. RUSHBY, J. 1996. Automated deduction and formal methods. In Computer-Aided Verification (CAV '96) (New Brunswick, NJ, July/Aug.), R. Alur and T. A. Henzinger, Eds. Lecture Notes in Computer Science, vol. 1102. Springer-Verlag, New York, NY, 169-183.
39. SCHNEIDER, F., EASTERBROOK, S., CALLAHAN, J., AND HOLZMANN, G. 1998. Validating requirements for fault tolerant systems using model checking. In Proceedings of the 3rd International Conference on Requirements Engineering (ICRE '98). IEEE Computer Society, Washington, DC.
40. SREEMANI, T. AND ATLEE, J. M. 1996. Feasibility of model checking software requirements. In Proceedings of the 11th Annual Conference on Computer Assurance (Gaithersburg, MD, June). IEEE Computer Society, Washington, DC, 77-88.
41. SRIVAS, M. K. AND MILLER, S. P. 1995. Formal verification of the AAMP5 microprocessor. In Applications of Formal Methods, M. G. Hinchey and J. P. Bowen, Eds. Prentice-Hall International Series in Computer Science. Prentice Hall International (UK) Ltd., Hertford-shire, UK, 125-180.
42. SRIVAS, M. K. AND MILLER, S. P. 1996. Applying formal verification to the AAMP5 microprocessor: A case study in the industrial use of formal methods. Formal Methods Syst. Des. 8, 2, 153-188.
43. VAN SCHOUWEN, A. J. 1990. The A-7 requirements model: Re-examination for real-time systems and an application to monitoring systems. Tech. Rep. 90-276, Dept. of Computing and Information Science. Queen's University, Kingston, Ontario, Canada.