Community Research and Development Information Service - CORDIS

Case study: the MARS system

The case study is the Medium Altitude Reconnaissance System (MARS), the software that controls a photo camera embedded in a fighter aircraft. The experiments with the OMEGA tools concentrated on the self-monitoring functions of the system. The system acquires data asynchronously from the avionics data bus (altitude data and navigation data) while cyclically running its internal hardware failure detection (checking the Built-In-Test status of the data bus controller). The data bus status monitoring functions involve both functional and time-dependent system behaviour, and the system environment (namely the data bus controller and the data sources) exhibits non-deterministic functional and timing properties.

The verification and validation activities consisted of applying the OMEGA tools to the case study model in a series of verification experiments. The objective of these experiments was to evaluate the following aspects of applying the new OMEGA technologies in an industrial context:

relevance to the case study domain;
applicability to the issues of industrial software development;
usability in an industrial setting;
integration of the OMEGA tools into the industrial software development lifecycle.

The most important issue in this case study was the verification of the model against a non-deterministic environment. The main source of non-determinism was that the data sources were independent and unsynchronised, delivered cyclic data with non-deterministic timing jitter (bounded to ±10 ms), and could lose data non-deterministically.

The UVE tool
An untimed version of the case study UML model was developed in the Rhapsody tool and verified with the UVE tool. The tool makes it possible to specify the non-deterministic external stimuli that drive the behaviour of the system model. It supports verification of safety and liveness properties of a UML model and provides facilities to specify assumptions on the behaviour of the model as well as of the environment (the external stimuli).

The IF/IFx tool
A timed version of the UML model was developed and verified with the IF/IFx tool. The tool allows more realistic modelling of the time-dependent behaviour of the self-monitoring components, as well as more explicit modelling of the environment. The latter is possible because the tool supports non-deterministic behaviour, including timing non-determinism, in a closed UML model. Several timing properties were specified and verified using observers.
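The two points above, a cyclic environment with bounded jitter and possible data loss, and timing properties checked by an observer, can be made concrete in a small script. The following Python example is added here for illustration; it is not part of the original summary, not the MARS model and not output of any OMEGA tool. It plays the role of a timed observer for one self-monitoring function (a bus-silence watchdog) and checks it exhaustively against every environment behaviour in which each message is lost or delivered with jitter at the extremes or at the nominal value. Only the ±10 ms jitter bound comes from the text; the message period, the number of cycles, the watchdog design, the function names and the property formulation are assumptions chosen for the example.

```python
"""Exhaustive check of a bus-silence watchdog against a non-deterministic cyclic
data source.  Hypothetical model written for this page, not the MARS model or
OMEGA tool output.  Only the +/-10 ms jitter bound comes from the text; the
period, the number of cycles and the watchdog design are assumptions."""
from itertools import product

JITTER_MS = 10  # bounded timing jitter of the data sources (from the text)


def timeout_ms(period_ms, jitter_ms=JITTER_MS):
    """Longest gap between two consecutive *delivered* messages: the first
    early by the full jitter, the next late by the full jitter.  A longer
    silence can only mean a lost message, so the watchdog alarms past it."""
    return period_ms + 2 * jitter_ms


def environment_traces(cycles, period_ms, jitter_ms=JITTER_MS):
    """Enumerate every behaviour of the environment over `cycles` cycles.
    Message n is due at (n + 1) * period and is either lost or delivered with
    jitter -J, 0 or +J (the extremes and the nominal value).  Yields
    (delivered, lost): delivered is [(cycle, time)], lost is [cycle]."""
    choices = [(j, lost) for j in (-jitter_ms, 0, jitter_ms) for lost in (False, True)]
    for behaviour in product(choices, repeat=cycles):
        delivered, lost = [], []
        for n, (j, is_lost) in enumerate(behaviour):
            if is_lost:
                lost.append(n)
            else:
                delivered.append((n, (n + 1) * period_ms + j))
        yield delivered, lost


def watchdog(arrivals, period_ms, horizon_ms, jitter_ms=JITTER_MS):
    """Observer: armed at t = 0 (one period before the first message is due),
    re-armed by every delivered message, alarms once per silence longer than
    timeout_ms.  Returns the alarm timestamps up to horizon_ms."""
    limit = timeout_ms(period_ms, jitter_ms)
    alarms, last = [], 0
    for t in list(arrivals) + [horizon_ms]:
        if t - last > limit:
            alarms.append(last + limit)
        last = t
    return alarms


def check(period_ms, cycles=5, jitter_ms=JITTER_MS):
    """Verify over every environment behaviour:
    P1 (safety, no false alarm): with no loss the watchdog never alarms;
    P2 (bounded detection): each lost message is followed by an alarm no later
    than timeout_ms after the last message delivered before it.
    Returns (True, None) or (False, counterexample)."""
    limit = timeout_ms(period_ms, jitter_ms)
    # observation ends where the message after the last one would be due, plus jitter
    horizon = (cycles + 1) * period_ms + jitter_ms
    for delivered, lost in environment_traces(cycles, period_ms, jitter_ms):
        arrivals = [t for _, t in delivered]
        alarms = watchdog(arrivals, period_ms, horizon, jitter_ms)
        if not lost and alarms:
            return False, {"property": "P1", "arrivals": arrivals, "alarms": alarms}
        for n in lost:
            earlier = [t for c, t in delivered if c < n]
            last_good = earlier[-1] if earlier else 0
            if not any(last_good < a <= last_good + limit for a in alarms):
                return False, {"property": "P2", "lost_cycle": n,
                               "arrivals": arrivals, "alarms": alarms}
    return True, None


if __name__ == "__main__":
    for period in (50, 30):  # assumed periods; 30 ms violates period > 4 * jitter
        ok, cex = check(period)
        print(f"period {period} ms, timeout {timeout_ms(period)} ms:",
              "all properties hold" if ok else f"counterexample {cex}")
```

With a 50 ms period both properties hold over all 7776 environment behaviours. With a 30 ms period the enumeration returns a concrete trace in which a lost message is never detected: a message delivered late (+10 ms), the next one lost, and the one after delivered early (-10 ms) leaves a silence of 2P - 2J = 40 ms, which does not exceed the watchdog timeout of P + 2J = 50 ms. The check therefore exposes the design constraint that this kind of watchdog can only detect a single loss when the period exceeds four times the jitter bound, which is the sort of timing property the observer-based verification described above is meant to establish.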

The academic partners successfully experimented with alternative, more compositional models that yield more general verification results through compositional verification and abstraction. They also showed the usefulness of combining all the validation tools developed in the project, including the proof-based ones.

Reported by

Anthony Fokkerweg 2