Challenges in the Verification of Pre-Existing Aerospace Systems. Jean-Baptiste Jeannin.


Slide 1: Challenges in the Verification of Pre-Existing Aerospace Systems. Jean-Baptiste Jeannin, CPS V&V I&F workshop, December 11th, 2014.

Slide 2: Verifying Pre-Existing Systems
(diagram: the verified idealized system on one side, the system that actually runs on the airplane on the other)

Slide 3: Next-Generation Airborne Collision Avoidance System (ACAS X)
– Industrial system developed by the FAA, replacing TCAS
– Designed to prevent collisions between aircraft
– Based on optimizing a Markov Decision Process to create a big table (several million entries) that is then interpolated to make decisions at runtime

Slide 4: Next-Generation Airborne Collision Avoidance System (ACAS X)
(figure labels: COC, DNC, DND, DES1500, CL1500, COC)
– Only vertical advisories are allowed
– Separation property based on a puck
– Table in 7 dimensions with millions of entries
– How do we verify such a huge table?

Slide 5: ACAS X Verification with KeYmaera
① For each action, identify a region where it is safe
② Formally prove in KeYmaera that the safe regions are correct
③ Compare the safe regions with the ACAS X decision table
(figure labels: safe, CL1500, CL1500)

Slide 6: Computing the Safe Region: for a Climbing RA
(figure: the region boundary, labelled "parabola at acceleration", "straight up at target vertical velocity", "half parabola", "horizontal of width", "straight up at target vertical velocity")

Slide 7: Comparison: ACAS X issues CL1500
(figure label: initial advisory begins to induce NMAC)

Slide 8: Challenge: Verifying Pre-Existing Systems
– Solution 1: Verify the system directly. Problem: its design is often ill-suited for verification
– Solution 2: Show that the system is subsumed by a more general, verified system. Problem: we need to identify this more general system
– Solution 3: …

Slide 9: Challenge: Modeling Uncertainties
– Uncertainty due to uncertain parameters or unpredictable events: wind, component faults…
– Sensor uncertainty: sensors are never perfect, they only give values within a certain margin of error
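The three-step procedure of slide 5 (identify a safe region per action, prove it, compare it with the decision table) and the sensor-uncertainty point of slide 9 can be illustrated together on one advisory. The following is an added example, not code from the talk or from ACAS X: it models the CL1500 climb of slide 6 as a parabola at a fixed acceleration followed by a straight line at the target vertical rate, tests the puck-based separation property of slide 4 by sampling the look-ahead window, flags constructed table entries that issue CL1500 outside that region, and repeats the test over a box of states around the measured one to account for sensor error. The puck dimensions (500 ft by 100 ft), the 8 ft/s² acceleration, the 60 s horizon, the level-intruder assumption, the State layout and the table excerpt are all assumptions made for this example; the sampled test is a check, not the KeYmaera proof of step ②.

```python
"""Added example (not from the talk): checking the CL1500 advisory against a
constructed safe region and a constructed decision-table excerpt.
Every constant and the kinematic model below are assumptions, not slide data."""
from dataclasses import dataclass
from itertools import product

# Assumed NMAC "puck": a conflict exists only if horizontal AND vertical separation
# are both inside it (slide 4: "separation property based on a puck")
RP_FT = 500.0                 # puck half-width (horizontal), ft
HP_FT = 100.0                 # puck half-height (vertical), ft
V_TARGET = 1500.0 / 60.0      # CL1500 target vertical rate, ft/s (1500 ft/min)
ACCEL = 8.0                   # assumed ownship vertical acceleration, ft/s^2
HORIZON_S = 60.0              # look-ahead window over which the region is checked, s


@dataclass(frozen=True)
class State:
    r: float    # horizontal separation, ft
    rv: float   # horizontal closing rate, ft/s (positive = closing)
    h: float    # intruder altitude relative to ownship, ft (positive = intruder above)
    v: float    # ownship vertical velocity, ft/s


def own_climb(t, v0):
    """Altitude gained by time t under CL1500 (slide 6): a parabola at ACCEL until
    the target vertical rate is reached, then a straight line at V_TARGET."""
    if v0 >= V_TARGET:
        return v0 * t
    t1 = (V_TARGET - v0) / ACCEL            # time at which the target rate is reached
    if t <= t1:
        return v0 * t + 0.5 * ACCEL * t * t
    return v0 * t1 + 0.5 * ACCEL * t1 * t1 + V_TARGET * (t - t1)


def nmac_at(s, t):
    """True if the intruder (assumed to fly level) is inside the puck at time t."""
    r_t = s.r - s.rv * t
    h_t = s.h - own_climb(t, s.v)
    return abs(r_t) < RP_FT and abs(h_t) < HP_FT


def cl1500_safe(s, dt=0.1):
    """Step 1: sampled safe-region test for CL1500 from state s.
    Sampling every dt seconds is a check, not a proof (step 2 is the KeYmaera proof)."""
    steps = int(HORIZON_S / dt)
    return not any(nmac_at(s, i * dt) for i in range(steps + 1))


def cl1500_safe_under_sensor_error(s, dr, dh, dv, n=3):
    """Slide 9 variant: require safety for every state in the sensor-error box
    around the measured state (n >= 2 grid points per axis, corners included)."""
    def grid(center, half):
        if half == 0:
            return [center]
        return [center - half + 2 * half * k / (n - 1) for k in range(n)]
    return all(cl1500_safe(State(r, s.rv, h, v))
               for r, h, v in product(grid(s.r, dr), grid(s.h, dh), grid(s.v, dv)))


def table_violations(table):
    """Step 3: entries whose advisory is CL1500 but whose state is outside the region."""
    return [s for s, adv in table if adv == "CL1500" and not cl1500_safe(s)]


# Constructed decision-table excerpt (state -> advisory); not ACAS X data
SAMPLE_TABLE = [
    (State(10000.0, 500.0, 0.0, 0.0), "CL1500"),   # far away: the climb clears the puck in time
    (State(2000.0, 500.0, 500.0, 0.0), "CL1500"),  # intruder 500 ft above: still clear over the horizon
    (State(2000.0, 500.0, 0.0, 0.0), "CL1500"),    # co-altitude, 4 s away: the climb is too slow
    (State(2000.0, 500.0, 0.0, 0.0), "COC"),       # not a CL1500 entry, so not checked here
]

if __name__ == "__main__":
    for bad in table_violations(SAMPLE_TABLE):
        print("CL1500 issued outside its safe region:", bad)
```

The third table entry is the kind of mismatch slide 7 shows: the advisory is issued from a state where the climb cannot move the intruder out of the puck before the horizontal window closes. The sensor-error variant is deliberately pessimistic (it takes the conjunction over the whole box), which is the direction a defender wants when the measured state is only known up to a margin.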

Slide 10: Challenge: Human in the Loop
– Airplanes have pilots who follow precise procedures: in theory their behavior is easy to model
– However, it is difficult to quantify the behavior of a human (reaction times, minimum performance, …)
– What about modeling reaction to unusual or stressful events?

Slide 11: Challenge: Numerical issues
– A computer cannot effectively perform real number computations
– Instead, computers use floats
– How do we transfer a proof using exact-precision real numbers to a system using limited-precision floats?
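The question on slide 11 has a concrete shape that is easy to reproduce. The following is an added example, not from the talk: a region test of the form "altitude gained >= threshold" that is true under exact real arithmetic but false when the same altitude is accumulated step by step in floats, together with the usual mitigation, a conservative margin on the comparison so that round-off can only push the answer to the safe side. The rate, step, threshold and the crude margin bound are constructed for the illustration.

```python
"""Added example (not from the talk): a boundary test that holds over the reals
but flips under float accumulation, and a margin that makes the float test
conservative. All numbers are constructed for illustration."""
import math
from fractions import Fraction


def accumulate_altitude(rate, dt, steps, exact=False):
    """Integrate a constant vertical rate step by step, as a runtime loop would.
    exact=True uses rationals (the 'real number' side of the proof)."""
    if exact:
        step = Fraction(str(rate)) * Fraction(str(dt))   # str() keeps 0.1 as 1/10
        h = Fraction(0)
    else:
        step = rate * dt
        h = 0.0
    for _ in range(steps):
        h += step
    return h


def cleared_threshold(h, threshold, margin=0.0):
    """Region test 'h >= threshold'. A positive margin makes it conservative:
    float round-off can then only turn a true 'cleared' into 'not cleared',
    never the other way round."""
    return h >= threshold + margin


def rounding_margin(steps, magnitude):
    """Crude bound on accumulated round-off (assumption for this example): each of
    the `steps` additions errs by at most half an ulp of a value no larger than
    `magnitude`, which holds when the partial sums stay below `magnitude`."""
    return steps * math.ulp(magnitude) / 2


if __name__ == "__main__":
    exact = accumulate_altitude(1.0, 0.1, 10, exact=True)   # exactly 1 ft
    rounded = accumulate_altitude(1.0, 0.1, 10)             # 0.9999999999999999 ft
    print("reals:", cleared_threshold(exact, 1.0), "floats:", cleared_threshold(rounded, 1.0))
    m = rounding_margin(10, 1.0)
    print("with margin, both sides agree:", cleared_threshold(exact, 1.0, m), cleared_threshold(rounded, 1.0, m))
```

The margin does not recover the exact answer at the boundary (both versions now say "not cleared" at exactly 1 ft); it restores agreement between the proved predicate and the executed one by shrinking the region the float code is allowed to call safe, which is what a transfer from a real-valued proof to a float implementation has to pay for.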

Slide 12: Challenge: Scalability and Automation
– Aerospace systems are big systems
– The natural approach is to verify a simplified system
– How do we make sure a proof on a simplified system still applies to the complete system?
– At some point, systems are too big and intractable for manual proofs: need proof automation

Slide 13: Challenges and Conclusion
To bridge the gap between verified systems and implemented systems, we need to be able to:
– Verify complex systems
– Verify pre-existing systems
To make our proofs more applicable, we need to take into account:
– Uncertainties of parameters and sensors
– Humans in the loop
– Numerical issues
– Scalability and automation