Formal Verification of Spacecraft Control Programs

Published: 15 October 2020

Abstract

Verification of correctness of control programs is an essential task in the development of space electronics; it is difficult and typically outweighs design and programming tasks in terms of development hours. This article presents a verification approach designed to help spacecraft engineers reduce the effort required for formal verification of low-level control programs executed on custom hardware.

The verification approach is demonstrated on an industrial case study. We present a REDuced instruction set for Fixed-point and INteger arithmetic (REDFIN), a processing core used in space missions, and its formal semantics expressed using the proposed metalanguage for state transformers, followed by examples of verification of simple control programs.

