Verification of Safety Critical Software
Nick Tudor, tel: +44 1684 894489
Computational Logic, QMUL, 26 Mar 04
The Agenda
– The NDI Control Law
– A Path Finding Experiment
– Benefits
– Resistance
– Questions

The NDI Control Law

Control software
– Example of successful application: verification of autocoded Non-linear Dynamic Inversion (NDI) control laws embedded in the Vectored thrust Aircraft Advanced flight Control (VAAC) Harrier

Part of NDI Control Law (diagram slide)

Year 1999
– One man; 3 months
– Used RTW Ada autocoder
  – Produced 3 procedures: Step, Control Law & End
  – 800 LOC
– Used manual refinement
– Interactive proof to discharge the 36 VCs
– Print-out of instructions to ProofPower took ~180 pages

Year 2000
– Outstanding MSc student at the world-renowned Computer Science Dept, University of York
– Modules in the Simulink could be replicated in the autocode
  – 5 modules
  – Used packages to get 3 procedures per package
  – 1200 LOC
  – 43 VCs (not proven)
– Now meant that effort could be divided and the system upgraded in a modular fashion (modular certification)

Meanwhile – Reverse Engineered Safety Evidence
– Fortran not used in development for 25 procedures
– Procedure results for remaining 331 procedures
  – Positive compliance: 88%
  – Negative compliance: 2%
  – Tool problems: 2%
  – Inconclusive: 7%
– Verification condition results (16,000 VCs)
  – Totally automatic proofs: 95.7%
  – Part-automatic, part-interactive proofs: 3.1%
  – Unproven: 1.2%

Year [not captured in transcript]
– [number not captured] people; 1 week
– Still using RTW Ada autocoder
  – Produced 8 procedures
  – 850 LOC
– Used refinement script to drive automatic refinement
– Automatic proof using Supertac to discharge 94% of 373 VCs (21 remained)
  – Improvements since then

A Path Finding Experiment

Why do an experiment?
– The embryonic technique has been applied to experimental control laws (…….and it worked!!)
– No metrics were gathered, therefore: “How good is it for my project?”
– No independent assessment by industry or MOD on a real project
– Safety/certification issues to be addressed
– Applicability: safety/non-safety critical?

The Comparison (diagram slide; box labels as recovered from the transcript)
– Requirement: Fortran
– Translation to Simulink {Done in 2001}; confirmed equivalent
– Manual route: manually code into SPARK Ada; unit test; iterate
– Autocode/Autoprove route: 100% pass

Manhours comparison (chart slide)

Conventional PRICE-S ROM Comparison
– Based on one result extrapolated to 1KLOC
– Dates are irrelevant

Results Interpretation
CAVEAT: THIS IS ONE EXPERIMENT WITH CONSTRAINTS
– Two separate analyses were carried out on the results: BAES/York University and PFG SW Cost Forecasting
– Represents 2½ times faster than the existing process for Design, Code & Unit Test (BAES/York)
– Based on a nominal 1000 LOC, code development effort reduced to 28% (i.e. 72% savings) (PFG)
– Typically would expect 0.33 LOC per person per hour; CLawZ is at worst 40 and at best 100 times faster (PFG)
– Translates to approx 30-40% savings in software life cycle costs (CADMID) (PFG)

Benefits

Model development and proof V&V vs Traditional development and V&V (diagram slide; labels as recovered from the transcript)
– Traditional stages shown: Concept/Req; Design; Rig Tests; Flight Test
– Model route shown: Mathematical Specification, Simulink autocode; Proof and limited tests

Resistance
“…is futile” – The Borg Collective

Barriers to be overcome
– Industrial investment in existing tools, processes, people, training
– NIH (Not Invented Here)
– Not C – yet!
– Certification and tool qualification
– How do I know I have got the right Simulink……?
– ….and are safety properties in the Simulink reflected in the code…and can I demonstrate that to the certifier?

Proving Properties - Certification (diagram slide)
– G{S}H{S}
– Property needs to be provable in the code
– Safety Case
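The slide's point is that a safety property stated on the model is only certification evidence once it has been proved of the generated code, which in the presentation's approach means discharging verification conditions (VCs) for that code. The following is an added illustration of what such a VC is and how it is obtained; it is not code from the presentation nor from the CLawZ, ProofPower or Supertac tooling. It builds the weakest-precondition VC for a small constructed limiter (saturation) block with the property "output stays within the limits", and checks it exhaustively over a bounded integer range. The limiter, its precondition and the postcondition are assumptions chosen for the example, and the bounded check is a check rather than a proof: a theorem prover would discharge the same VC symbolically.

```python
"""Weakest-precondition verification conditions for a limiter block.

Added example, not the presentation's own material.  Statements are a tiny
AST; predicates are Python boolean expressions kept as strings.  wp() applies
the standard Hoare/Dijkstra rules for assignment, sequencing and branching,
and verification_condition() forms  pre -> wp(stmt, post).
"""
import re
from dataclasses import dataclass
from itertools import product
from typing import List, Union


def subst(pred: str, var: str, expr: str) -> str:
    """pred[var := expr]: replace whole-identifier occurrences of var by (expr)."""
    return re.sub(rf"\b{var}\b", f"({expr})", pred)


@dataclass
class Assign:
    var: str
    expr: str


@dataclass
class If:
    cond: str
    then: "Stmt"
    else_: "Stmt"


@dataclass
class Seq:
    stmts: List["Stmt"]


Stmt = Union[Assign, If, Seq]


def wp(stmt: Stmt, post: str) -> str:
    """Weakest precondition of post through stmt."""
    if isinstance(stmt, Assign):            # wp(x := e, Q) = Q[x := e]
        return subst(post, stmt.var, stmt.expr)
    if isinstance(stmt, Seq):               # wp(S1; S2, Q) = wp(S1, wp(S2, Q))
        for s in reversed(stmt.stmts):
            post = wp(s, post)
        return post
    if isinstance(stmt, If):                # (b -> wp(S1,Q)) and (not b -> wp(S2,Q))
        return (f"((not ({stmt.cond})) or ({wp(stmt.then, post)})) and "
                f"(({stmt.cond}) or ({wp(stmt.else_, post)}))")
    raise TypeError(stmt)


def verification_condition(pre: str, stmt: Stmt, post: str) -> str:
    """VC for the Hoare triple {pre} stmt {post}: pre -> wp(stmt, post)."""
    return f"(not ({pre})) or ({wp(stmt, post)})"


def bounded_check(vc: str, variables, lo: int = -8, hi: int = 8):
    """Evaluate vc for every assignment of variables in [lo, hi].

    Returns the first counterexample environment, or None if the VC held on
    the whole bounded domain.  This is a bounded check, not a proof.
    """
    code = compile(vc, "<vc>", "eval")
    for values in product(range(lo, hi + 1), repeat=len(variables)):
        env = dict(zip(variables, values))
        if not eval(code, {"__builtins__": {}}, env):
            return env
    return None


# Constructed limiter block (an assumption for this example, not the VAAC law):
#   if x > hi then y := hi else if x < lo then y := lo else y := x
LIMITER = If("x > hi",
             Assign("y", "hi"),
             If("x < lo", Assign("y", "lo"), Assign("y", "x")))
PRE = "lo <= hi"                  # design assumption on the limits
POST = "lo <= y and y <= hi"      # safety property: output within limits


def limiter_vc() -> str:
    return verification_condition(PRE, LIMITER, POST)


def limiter_holds() -> bool:
    return bounded_check(limiter_vc(), ["x", "lo", "hi"]) is None


# A defective variant that omits the lower clamp: its VC is not valid and the
# bounded check reports a concrete counterexample.
BROKEN = If("x > hi", Assign("y", "hi"), Assign("y", "x"))


def broken_counterexample():
    return bounded_check(verification_condition(PRE, BROKEN, POST),
                         ["x", "lo", "hi"])


if __name__ == "__main__":
    print("VC:", limiter_vc())
    print("limiter VC holds on bounded domain:", limiter_holds())
    print("broken limiter counterexample:", broken_counterexample())
```

The generated VC is the object a certifier would want discharged: for the correct limiter it is valid under the precondition lo <= hi, while for the variant that drops the lower clamp the checker returns an input with x below lo, which is exactly the kind of gap between model property and code that the slide warns about.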

Safety gap
Mind the Gap!

Verification of Safety Critical Software – Nick Tudor
Any Questions?