Abstract
The Specification and Analysis of Requirements (SpeAR) tool is a requirements prototyping and analysis tool based on the formal semantics of the Lustre language. It features a domain-specific language that formally captures functional requirements of systems or software. Once formalized, requirements can be analyzed to demonstrate correctness, consistency, and traceability using infinite-state model checking tools, such as JKind. The formal notation and analyses that SpeAR supports can be used to automate activities related to certification of safety-critical software as suggested by DO-178C: Software Considerations in Airborne Systems and Equipment Certification. This standard defines a rigorous software development process that ensures that software development activities produce object code that implements system requirements correctly, while introducing no additional functionality. Recent updates to the guidance allow for the use of formal methods to satisfy DO-178C certification objectives as outlined in DO-333: Formal Methods Supplement to DO-178C and DO-278A. This paper walks through an effort in which SpeAR is used to automate certification activities for production avionics software. It focuses on the use of SpeAR to address verification objectives related to the software design artifacts of DO-178C, replacing manual peer review activities with more rigorous formal-methods based analyses.