Abstract
Mode confusion is a serious problem in aviation safety. Today’s complex avionics systems make it difficult for pilots to maintain awareness of the actual states, or modes, of the flight deck automation. NASA explores how formal methods, especially theorem proving, can be used to discover mode confusion. The present paper investigates whether state-exploration techniques, e.g., model checking, are better able to achieve this task than theorem proving and also to compare the verification tools MurØ, SMV, and Spin for the specific application. While all tools can handle the task well, their strengths are complementary.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
R.E. Bryant. Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers, C-35(8), 1986.
R.W. Butler, S.P. Miller, J.N. Potts, and V.A. Carreño. A formal methods approach to the analysis of mode confusion. In DASC’ 98, 1998. IEEE.
E.M. Clarke, E.A. Emerson, and A.P. Sistla. Automatic verification of-nitestate concurrent systems using temporal logic specifications. ACM Transactions on Programming Languages and Systems, 8(2):244–263, 1986.
D.L. Dill. The Murphi verification system. In CAV’ 96, vol. 1102 of LNCS, pages 390–393, 1996. Springer-Verlag.
E.A. Emerson. Temporal and modal logic. In Handbook of Theoretical Computer Science, vol. B, pages 995–1072, 1990. North-Holland.
F. Fung and D. Jamsek. Formal specification of a flight guidance system. NASA Contractor Report NASA/CR-1998-206915, 1998.
G. Holzmann. Design and Validation of Computer Protocols. Prentice Hall, 1991.
G. Holzmann. The model checker Spin. IEEE Transactions on Software Engineering, 23(5):279–295, 1997.
N.G. Leveson, L.D. Pinnel, S.D. Sandys, S. Koga, and J.D. Reese. Analyzing software specifications for mode confusion potential. In Workshop on Human Error and System Development, 1997.
G. Luttgen and V.A. Carreño. Murphi, SMV, and Spin models of the mode logic. See http://www.icase.edu/~luettgen/publications/publications.html.
K.L. McMillan. Symbolic Model Checking: An Approach to the State-Explosion Problem. PhD thesis, Carnegie-Mellon University, 1992.
S.P. Miller. Specifying the mode logic of a flight guidance system in CoRE and SCR. In FMSP’ 98, pages44–53, 1998. ACM Press.
S.P. Miller and J.N. Potts. Detecting mode confusion through formal modeling and analysis. NASA Contractor Report NASA/CR-1999-208971, 1999.
Mur-. Project Page at http://sprout.stanford.edu/dill/murphi.html.
D. Naydich and J. Nowakowski. Flight guidance system validation using Spin. NASA Contractor Report NASA/CR-1998-208434, 1998.
S. Owre, J. Rushby, N. Shankar, and F. von Henke. Formal verification for faulttolerant systems: Prolegomena to the design of PVS. IEEE Transactions on Software Engineering, 21(2):107–125, 1995.
SMV. Project Page at http://www.cs.cmu.edu/~modelcheck/smv.html.
Spin. Project Page at http://netlib.bell-labs.com/netlib/spin/whatispin.html.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lüttgen, G., Carreño, V. (1999). Analyzing Mode Confusion via Model Checking. In: Dams, D., Gerth, R., Leue, S., Massink, M. (eds) Theoretical and Practical Aspects of SPIN Model Checking. SPIN 1999. Lecture Notes in Computer Science, vol 1680. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48234-2_9
Download citation
DOI: https://doi.org/10.1007/3-540-48234-2_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66499-4
Online ISBN: 978-3-540-48234-5
eBook Packages: Springer Book Archive