Proving the shalls: Early validation of requirements through formal methods

  • Authors:
  • Steven P. Miller, Alan C. Tribble, Michael W. Whalen (Rockwell Collins Inc., 400 Collins Road NE, Cedar Rapids, IA 52498, USA); Mats P. E. Heimdahl (University of Minnesota, Department of Computer Science and Engineering, 4-192 EE/CSci Bldg, 200 Union Street S.E., Minneapolis, MN 55455, USA)

  • Venue:
  • International Journal on Software Tools for Technology Transfer (STTT), 2006 issue comprising the sections "A View from Formal Methods 2003" (pp 301-354) and "Special Section on Recent Advances in Hardware Verification" (pp 355-447)
  • Year:
  • 2006

Abstract

Incomplete, inaccurate, ambiguous, and volatile requirements have plagued the software industry since its inception. The convergence of model-based development and formal methods offers developers of safety-critical systems a powerful new approach to the early validation of requirements. This paper describes an exercise conducted to determine whether formal methods could be used to validate system requirements early in the lifecycle at reasonable cost. Several hundred functional and safety requirements for the mode logic of a typical flight guidance system were captured as natural-language "shall" statements. A formal model of the mode logic was written in the RSML-e language and translated, using translators developed as part of the project, into the input languages of the NuSMV model checker and the PVS theorem prover. Each "shall" statement was manually translated into a NuSMV or PVS property and proven with these tools. Numerous errors were found in both the original requirements and the RSML-e model. This demonstrates that formal models can be written for realistic systems and that formal analysis tools have matured to the point where they can be used effectively to find errors before implementation.
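The workflow the abstract describes (model the mode logic, translate each "shall" into a checkable property, check it mechanically, and use counterexamples to find errors in both the model and the requirements), shown as an added example that is not from the paper. Instead of RSML-e, NuSMV or PVS it uses a toy lateral-mode model and a hand-written breadth-first state-space search in Python; the mode names ROLL/HDG/NAV, the events, the requirements R1 to R4, the two deliberate defects in the first-draft model, and the deliberately incomplete wording of R4 are all assumptions chosen for illustration.

```python
"""Added example (not the paper's model or tools): checking "shall" requirements
against a toy flight-guidance lateral-mode model by explicit-state reachability.
Mode names, events, requirements and the planted defects are assumptions."""
from collections import deque

# Assumed lateral modes and pilot/aircraft events (not the paper's).
LATERAL = ("ROLL", "HDG", "NAV")
EVENTS = ("FD_ON", "FD_OFF", "HDG_SWITCH", "NAV_SWITCH", "NAV_LOST")

# State = (flight director on?, frozenset of active lateral modes)
INIT = (False, frozenset())


def step_first_draft(state, event):
    """First draft of the mode logic, containing two deliberate defects."""
    fd_on, active = state
    active = set(active)
    if event == "FD_ON":                  # ROLL is the default lateral mode
        return (True, frozenset({"ROLL"})) if not fd_on else state
    if event == "FD_OFF":
        return (False, frozenset())
    if not fd_on:
        return state                      # switches are ignored while FD is off
    if event == "HDG_SWITCH":
        active.discard("ROLL")
        active.add("HDG")                 # defect 1: NAV is not deactivated
    elif event == "NAV_SWITCH":
        active.discard("ROLL")
        active.add("NAV")                 # defect 1: HDG is not deactivated
    elif event == "NAV_LOST":
        active.discard("NAV")             # defect 2: no fallback to ROLL
    return (fd_on, frozenset(active))


def step_fixed(state, event):
    """Corrected mode logic: selecting a mode deactivates the others."""
    fd_on, active = state
    if event == "FD_ON":
        return (True, frozenset({"ROLL"})) if not fd_on else state
    if event == "FD_OFF":
        return (False, frozenset())
    if not fd_on:
        return state
    if event == "HDG_SWITCH":
        return (True, frozenset({"HDG"}))
    if event == "NAV_SWITCH":
        return (True, frozenset({"NAV"}))
    if event == "NAV_LOST" and "NAV" in active:
        return (True, frozenset({"ROLL"}))
    return state


# "Shall" statements translated by hand into predicates, as the paper does into
# NuSMV/PVS properties. State properties take a state; transition properties
# take (pre-state, event, post-state).
SHALLS = {
    # "At most one lateral mode shall be active at any time."
    "R1": lambda s: len(s[1]) <= 1,
    # "Whenever the flight director is on, a lateral mode shall be active."
    "R2": lambda s: (not s[0]) or len(s[1]) >= 1,
    # "No lateral mode shall be active while the flight director is off."
    "R3": lambda s: s[0] or not s[1],
}
TRANSITION_SHALLS = {
    # "Pressing the HDG switch shall activate HDG mode."  Deliberately
    # incomplete: it omits the precondition that the flight director is on.
    "R4": lambda s, ev, t: ev != "HDG_SWITCH" or "HDG" in t[1],
}


def check(step, init, events, state_prop=None, trans_prop=None):
    """Breadth-first reachability from `init`. Returns None if every reachable
    state satisfies `state_prop` and every explored transition satisfies
    `trans_prop`; otherwise a counterexample as a list of (event, state) pairs."""
    parent = {init: None}
    queue = deque([init])

    def trace_to(s):
        path = []
        while parent[s] is not None:
            ev, prev = parent[s]
            path.append((ev, s))
            s = prev
        return list(reversed(path))

    while queue:
        s = queue.popleft()
        if state_prop is not None and not state_prop(s):
            return trace_to(s)
        for ev in events:
            t = step(s, ev)
            if trans_prop is not None and not trans_prop(s, ev, t):
                return trace_to(s) + [(ev, t)]
            if t not in parent:
                parent[t] = (ev, s)
                queue.append(t)
    return None


def verify(step):
    """Check every shall against one model: requirement id -> counterexample or None."""
    results = {rid: check(step, INIT, EVENTS, state_prop=p) for rid, p in SHALLS.items()}
    results.update({rid: check(step, INIT, EVENTS, trans_prop=p)
                    for rid, p in TRANSITION_SHALLS.items()})
    return results


if __name__ == "__main__":
    for name, model in (("first draft", step_first_draft), ("fixed", step_fixed)):
        print(f"== {name} ==")
        for rid, cex in verify(model).items():
            print(rid, "holds" if cex is None else f"FAILS: {cex}")
```

Running it reproduces, in miniature, the paper's two kinds of finding. Against the first draft, R1 and R2 fail with short event traces (FD_ON, HDG_SWITCH, NAV_SWITCH leaves two modes active; FD_ON, NAV_SWITCH, NAV_LOST leaves none), which are model errors. R4 fails against both models because HDG_SWITCH with the flight director off correctly does nothing; that counterexample points at an incomplete requirement rather than a model bug, and the fix is to reword the shall, not the logic.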