Formal Methods Case Studies for DO-333

RTCA DO-333, Formal Methods Supplement to DO-178C and DO-278A, provides guidance for software developers who wish to use formal methods in the certification of airborne systems and air traffic management systems. The supplement identifies the modifications and additions to DO-178C and DO-278A objectives, activities, and software life cycle data that must be addressed when formal methods are used as part of the software development process. This report presents three case studies describing the use of different classes of formal methods to satisfy certification objectives for a common avionics example, a dual-channel Flight Guidance System. The three case studies illustrate the use of theorem proving, model checking, and abstract interpretation. The material presented is not intended to represent a complete certification effort. Rather, the purpose is to illustrate how formal methods can be used in a realistic avionics software development project, with a focus on the evidence produced that could be used to satisfy the verification objectives found in Section 6 of DO-178C.
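The model-checking case study turns on one idea: a requirement over the Flight Guidance System's mode logic is stated as an invariant, the reachable state space is searched exhaustively, and the evidence produced is either a proof (no reachable violating state) or a counterexample trace that a reviewer can replay against the requirements. The following Python block is an added example written for this page, not the report's model or tooling. It models a deliberately simplified, hypothetical dual-channel FGS (two channels, a pilot-flying transfer switch, ROLL/HDG/NAV lateral modes, and an autopilot engage flag; all event names, modes, and the mode-selection rules are assumptions) and checks three requirement-style invariants with an explicit-state breadth-first model checker. A `nav_clears_hdg` flag toggles a seeded defect so the reader can see both outcomes: a pass with a reachable-state count, and a shortest counterexample trace.

```python
"""Explicit-state model checking of a toy dual-channel FGS mode logic.

Added example for this page; the model is a hypothetical simplification and is
not the Flight Guidance System model used in the DO-333 case studies.
"""
from collections import deque
from typing import Callable, Dict, List, NamedTuple, Optional, Tuple

# Pilot-selectable events (assumed names, not the report's input vocabulary).
EVENTS = ("TRANSFER", "HDG", "NAV", "AP_ENGAGE", "AP_DISENGAGE")


class FgsState(NamedTuple):
    pf_left: bool        # True when the left channel is the pilot-flying side
    left: frozenset      # active lateral modes on the left channel
    right: frozenset     # active lateral modes on the right channel
    ap_engaged: bool


INITIAL = FgsState(True, frozenset({"ROLL"}), frozenset({"ROLL"}), False)


def step(s: FgsState, event: str, nav_clears_hdg: bool = True) -> FgsState:
    """Next-state function. Mode selection acts on the pilot-flying channel and
    the other channel follows it (assumed synchronisation rule)."""
    pf_modes = s.left if s.pf_left else s.right
    if event == "TRANSFER":
        return s._replace(pf_left=not s.pf_left)
    if event == "AP_ENGAGE":
        return s._replace(ap_engaged=True)
    if event == "AP_DISENGAGE":
        return s._replace(ap_engaged=False)
    if event == "HDG":
        # Pressing HDG while HDG is active deselects it and reverts to ROLL.
        new = frozenset({"ROLL"}) if "HDG" in pf_modes else frozenset({"HDG"})
    elif event == "NAV":
        if "NAV" in pf_modes:
            new = frozenset({"ROLL"})
        elif nav_clears_hdg:
            new = frozenset({"NAV"})
        else:
            # Seeded defect: NAV replaces ROLL but leaves a latched HDG active.
            new = (pf_modes - {"ROLL"}) | {"NAV"}
    else:
        raise ValueError(f"unknown event {event!r}")
    return s._replace(left=new, right=new)


# Requirement-style invariants over a single state.
def at_most_one_lateral(s: FgsState) -> bool:
    return len(s.left) <= 1 and len(s.right) <= 1


def channels_agree(s: FgsState) -> bool:
    return s.left == s.right


def ap_implies_lateral_mode(s: FgsState) -> bool:
    return (not s.ap_engaged) or len(s.left) >= 1


PROPERTIES: Dict[str, Callable[[FgsState], bool]] = {
    "at_most_one_lateral": at_most_one_lateral,
    "channels_agree": channels_agree,
    "ap_implies_lateral_mode": ap_implies_lateral_mode,
}


def _trace(parent: dict, s: FgsState) -> List[str]:
    """Walk predecessor links back to the initial state, yielding the event path."""
    events: List[str] = []
    while parent[s] is not None:
        s, ev = parent[s]
        events.append(ev)
    return list(reversed(events))


def check_invariant(initial: FgsState,
                    step_fn: Callable[[FgsState, str], FgsState],
                    invariant: Callable[[FgsState], bool]
                    ) -> Tuple[int, Optional[List[str]]]:
    """Breadth-first search of the reachable states.

    Returns (states_discovered, counterexample). BFS order guarantees the
    counterexample, when present, is a shortest event sequence to a violation.
    """
    parent: dict = {initial: None}
    queue = deque([initial])
    while queue:
        s = queue.popleft()
        if not invariant(s):
            return len(parent), _trace(parent, s)
        for ev in EVENTS:
            t = step_fn(s, ev)
            if t not in parent:
                parent[t] = (s, ev)
                queue.append(t)
    return len(parent), None


def verify(nav_clears_hdg: bool = True) -> Dict[str, Tuple[int, Optional[List[str]]]]:
    """Check every property against the model variant selected by the flag."""
    def step_fn(s: FgsState, ev: str) -> FgsState:
        return step(s, ev, nav_clears_hdg)
    return {name: check_invariant(INITIAL, step_fn, prop)
            for name, prop in PROPERTIES.items()}


if __name__ == "__main__":
    for variant in (True, False):
        print(f"nav_clears_hdg={variant}")
        for name, (count, cex) in verify(variant).items():
            verdict = "holds" if cex is None else f"VIOLATED by {cex}"
            print(f"  {name}: {verdict} ({count} states discovered)")
```

With the defect disabled every property holds over the 12 reachable states (2 pilot-flying sides × 3 lateral modes × 2 autopilot states); with it enabled, `at_most_one_lateral` fails after the two-event sequence HDG then NAV, which is the kind of trace that would be filed as verification evidence and traced back to the violated requirement.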
