research-article
Open access

Analysing sanity of requirements for avionics systems

Published: 01 March 2016

Abstract

In the last decade it has become common practice to formalise software requirements in order to make users' expectations clearer. In this work we build on the fact that functional requirements can be expressed in temporal logic, and we propose new sanity checking techniques that automatically detect flaws in a given set of requirements and suggest improvements. Specifically, we describe and experimentally evaluate approaches to consistency and redundancy checking that identify all inconsistencies and pinpoint their exact source (the smallest inconsistent set of requirements). We further report on the experience gained from employing consistency and redundancy checking in an industrial environment. To complete the sanity checking, we also describe a semi-automatic completeness evaluation that assesses the coverage of user requirements and suggests missing properties the user might have wanted to formulate. The usefulness of our completeness evaluation is demonstrated in a case study of an aeroplane control system.



Published In

Formal Aspects of Computing, Volume 28, Issue 1, March 2016, 174 pages
ISSN: 0934-5043
EISSN: 1433-299X

Publisher

Springer-Verlag, Berlin, Heidelberg

Publication History

Published: 01 March 2016
Accepted: 03 November 2015
Received: 29 August 2013
Published in FAC Volume 28, Issue 1

Author Tags

  1. Requirement engineering
  2. Linear temporal logic
  3. Sanity checking

Qualifiers

  • Research-article

Article Metrics

  • Downloads (last 12 months): 39
  • Downloads (last 6 weeks): 5
Reflects downloads up to 22 Dec 2024


Cited By

  • (2023) Empowering Domain Experts With Formal Methods for Consistency Verification of Safety Requirements. IEEE Transactions on Intelligent Transportation Systems, 24(12): 15146–15157. doi:10.1109/TITS.2023.3324022. Online publication date: 7 Nov 2023
  • (2023) Hashing-based approximate counting of minimal unsatisfiable subsets. Formal Methods in System Design, 63(1–3): 5–39. doi:10.1007/s10703-023-00419-w. Online publication date: 19 Apr 2023
  • (2021) Timed Automata Relaxation for Reachability. Tools and Algorithms for the Construction and Analysis of Systems, pp 291–310. doi:10.1007/978-3-030-72016-2_16. Online publication date: 27 Mar 2021
  • (2020) Approximate Counting of Minimal Unsatisfiable Subsets. Computer Aided Verification, pp 439–462. doi:10.1007/978-3-030-53288-8_21. Online publication date: 21 Jul 2020
  • (2020) MUST: Minimal Unsatisfiable Subsets Enumeration Tool. Tools and Algorithms for the Construction and Analysis of Systems, pp 135–152. doi:10.1007/978-3-030-45190-5_8. Online publication date: 25 Apr 2020
  • (2019) Model-Driven approach to Integrate Requirements for Safety-Critical Systems. Proceedings of the 7th International Conference on Computer and Communications Management, pp 58–62. doi:10.1145/3348445.3351305. Online publication date: 27 Jul 2019
  • (2019) Automating Consistency Verification of Safety Requirements for Railway Interlocking Systems. 2019 IEEE 27th International Requirements Engineering Conference (RE), pp 308–318. doi:10.1109/RE.2019.00040. Online publication date: Sep 2019
  • (2019) Property specification patterns at work: verification and inconsistency explanation. Innovations in Systems and Software Engineering, 15(3–4): 307–323. doi:10.1007/s11334-019-00339-1. Online publication date: 1 Sep 2019
  • (2018) Automated SMT-based consistency checking of industrial critical requirements. ACM SIGAPP Applied Computing Review, 17(4): 15–28. doi:10.1145/3183628.3183630. Online publication date: 29 Jan 2018
  • (2018) A Weakness Measure for GR(1) Formulae. Formal Methods, pp 110–128. doi:10.1007/978-3-319-95582-7_7. Online publication date: 12 Jul 2018
