Exploring Model Quality for ACAS X

The next generation airborne collision avoidance system, ACAS X, aims to provide robustness through a probabilistic model that represents sources of uncertainty. From this model, dynamic programming produces a look-up table that is used to give advisories to the pilot in real time. The model is not present in the final system and is therefore not included in the standard certification processes. Rather, the model is checked indirectly, by ensuring that ACAS X performs as well as, or better than, the state-of-the-art, TCAS. We claim that to build confidence in such systems, it is important to target model quality directly. We investigate this issue of model quality as part of our research on informing certification standards for autonomy. Using ACAS X as our driving example, we study the relationship between the probabilistic model and the real world, in an attempt to characterize the quality of the model for the purpose of building ACAS X. This paper presents model conformance metrics, their application to ACAS X, and the results that we obtained from our study.

[1]  Dimitra Giannakopoulou,et al.  Test-case generation for runtime analysis and vice versa: verification of aircraft separation assurance , 2015, ISSTA.

[2]  Jean-Baptiste Jeannin,et al.  A Formally Verified Hybrid System for the Next-Generation Airborne Collision Avoidance System , 2015, TACAS.

[3]  Christian von Essen,et al.  Probabilistic verification and synthesis of the next generation airborne collision avoidance system , 2015, International Journal on Software Tools for Technology Transfer.

[4]  Jean-Baptiste Jeannin,et al.  Hybrid Theorem Proving of Aerospace Systems: Applications and Challenges , 2014, J. Aerosp. Inf. Syst..

[5]  Christian von Essen,et al.  Analyzing the Next Generation Airborne Collision Avoidance System , 2014, TACAS.

[6]  Scott A. Smolka,et al.  Tools and Algorithms for the Construction and Analysis of Systems , 2013, Lecture Notes in Computer Science.

[7]  S. Shankar Sastry,et al.  Conflict resolution for air traffic management: a study in multiagent hybrid systems , 1998, IEEE Trans. Autom. Control..

[8]  Mykel J. Kochenderfer,et al.  Robust Airborne Collision Avoidance through Dynamic Programming , 2011 .

[9]  André Platzer,et al.  Formal verification of distributed aircraft controllers , 2013, HSCC '13.

[10]  César A. Muñoz,et al.  Formal Verification of an Optimal Air Traffic Conflict Resolution and Recovery Algorithm , 2007, WoLLIC.

[11]  Edmund M. Clarke,et al.  Formal Verification of Curved Flight Collision Avoidance Maneuvers: A Case Study , 2009, FM.

[12]  Zvonimir Rakamaric,et al.  Taming test inputs for separation assurance , 2014, ASE.

[13]  Ole J. Mengshoel,et al.  Adaptive stress testing of airborne collision avoidance systems , 2015 .

[14]  Jonathan P. How,et al.  Decision Making Under Uncertainty: Theory and Application , 2015 .

[15]  Johann Schumann,et al.  Formal testing for separation assurance , 2011, Annals of Mathematics and Artificial Intelligence.

[16]  James K. Kuchar,et al.  The Traffic Alert and Collision Avoidance System , 2007 .

[17]  Nancy A. Lynch,et al.  On the formal verification of the TCAS conflict resolution algorithms , 1997, Proceedings of the 36th IEEE Conference on Decision and Control.