Post on 20-Aug-2018
DISTRIBUTION STATEMENT A. Approved for public release; distribution unlimited. Case #: 88ABW-2011-3380
Integrity Service Excellence
Certification Technology for Complex Systems: Overview
14 Jun 11
Jacob Hinchman
Purpose
Provide insight into our future strategic goals in order to solicit participation in the research of flight critical verification and validation techniques and applications.
– Bridging the gap between V&V theory and practical application.
Solutions
• User Certification Challenges
  – Unaware of Advanced V&V technologies
  – Unsure how to apply various techniques
• Basic Research Developing Large Research Base
  – No applicable Challenge Problems
  – Techniques extremely difficult to apply to current “Challenges”
• RB Bridging the Gap between Basic Research and the Users' Needs
[Diagram: Tech Certification Challenges – Survey of RB, ASC, Industry; Selection of V&V Vectors; Emerging Certification Technologies – Monitoring DARPA, Universities, NSF, NASA, NSA, other AFRL activities; RB Research & National Plan; AFRL RB V&V Gaps Analysis]
Certification Pillars
• Is the system built to the right requirements?
• Does the software do the correct thing?
• Is the information that is feeding the flight controls/software correct?
• Will the design lend itself to certification?
[Diagram labels: Requirements Validation; Software and Hardware Composable Architectures; CLAWS, Models, and Software Verification Tools and Techniques; Information and System Integrity Management; S/W V&V; Architecture Certification; Data Integrity]
Software V&V Area
• Goal:
  – Reduce the effort required to verify and validate safety critical flight software
Thrusts (Pillar: Software V&V):
  – Enhanced Analysis: FY10 – FY15
  – Real time Assurance: FY12 – FY14
  – Requirements validation: FY13 – FY17
Data Integrity Area
• Goal:
  – Develop a set of tools and techniques for verifying/correlating single source data, allowing for safety assurance where traditional redundancy does not work
Thrusts (Pillar: Data Integrity):
  – Single Source Data: FY12 – FY18
  – Virtual Channels: FY15 – FY20
Software and Hardware Composable Architecture Area
• Goal:
  – Reduce certification efforts by purposefully designing the architecture for certification while maintaining functionality and reducing SWAP
Thrusts (Pillar: Architecture Certification):
  – Safe Interaction & Separation: FY10 – FY12
  – Formalized Composition: FY12 – FY17
  – System of Systems Certification: FY14 – FY20
Certification Technology for Complex Systems: Vectors / Tasks
Certification
  Software V&V
    Enhanced Analysis
      Model Checkers
      Theorem Provers
    Run time Assurance
      Wrappers
    Requirements Validation
  Composable Architectures
    Safe Interaction & Separation
      Distributed Data Flow Partitioning
    Formalized Composition
    System of Systems Certification
  Data Integrity
    Single Source Data Integrity
      Phase I SBIR
Tech Area Roadmap
[Roadmap chart across FY11 – FY13, FY14 – FY16 and FY16 – FY19 for the three pillars]
Software V&V:
  – Formal Method Toolkit Development
  – Req. Validation and Decomposition
  – R-T Assurance Tech Base
  – Automated Req. Validation and FM V&V
  – R-T Assurance Common Applicability
  – Automated Verification
Architecture Certification:
  – Data Flow RTI Phase II SBIR
  – Formal Composition
  – SoS/Modular Certification “Plug ‘n Play”
  – Modular Design w/ Principles Based on Certification
Data Integrity:
  – Integrity SBIR I
  – Integrity SBIR II
  – AAR RelNav Integrity
  – Single Source Data Integrity Program
  – ISHM Integrity / Reasoner
  – Non-Safety Critical Sensors Feeding Flt CLAWS
Enhanced Analysis: Model Checkers
• Automated testing of models developed in Matlab/Simulink
  – Determines all reachable states
  – Identifies when model properties are violated
    • Provides a counter-example with conditions under which the properties fail
• Using Rockwell Collins “Gryphon” translator tool
  – Gryphon translates a model developed in Matlab Simulink & Stateflow into a model analyzable by the NuSMV model checker
  – Develop several test cases
    • ACAT, AAR, etc.
[Diagram: Gryphon]
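The reachable-state exploration and counter-example generation described above, shown on a constructed two-variable "engage" model with a deliberately wrong and a corrected transition function. This is an added Python illustration, not the Gryphon/NuSMV tooling or any AFRL code; the model, the property and all function names are assumptions.

```python
from collections import deque
from itertools import product

# Constructed toy model standing in for a Simulink/Stateflow "engage" block.
# State: (engaged, sensor_valid). Per-step inputs: (request, sensor_valid_next).
INIT = (0, 1)
INPUTS = list(product((0, 1), (0, 1)))

def step_buggy(state, inputs):
    """Defect: engages on pilot request alone, ignoring sensor validity."""
    request, sensor_valid = inputs
    return (request, sensor_valid)

def step_fixed(state, inputs):
    """Corrected: engagement requires a valid sensor in the same step."""
    request, sensor_valid = inputs
    return (request and sensor_valid, sensor_valid)

def never_engaged_on_invalid_sensor(state):
    """Safety property that must hold in every reachable state."""
    engaged, sensor_valid = state
    return not (engaged and not sensor_valid)

def model_check(step, prop, init=INIT, inputs=INPUTS):
    """Breadth-first exploration of every reachable state.
    Returns (reachable_states, counterexample); the counterexample is the list of
    (inputs, state) pairs from `init` to the first violating state, or None."""
    parent = {init: None}          # state -> (predecessor, inputs); None for init
    queue = deque([init])
    while queue:
        state = queue.popleft()
        if not prop(state):
            path = []
            while parent[state] is not None:
                prev, inp = parent[state]
                path.append((inp, state))
                state = prev
            return set(parent), list(reversed(path))
        for inp in inputs:
            nxt = step(state, inp)
            if nxt not in parent:
                parent[nxt] = (state, inp)
                queue.append(nxt)
    return set(parent), None

if __name__ == "__main__":
    for name, step in (("buggy", step_buggy), ("fixed", step_fixed)):
        reachable, cex = model_check(step, never_engaged_on_invalid_sensor)
        print(f"{name}: {len(reachable)} reachable states, counterexample = {cex}")
```

The counter-example is the input sequence (here a single step: request=1 with sensor_valid=0) that drives the buggy model into a violating state, which is exactly the kind of conditions a model checker reports.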
Model Checking Vector
[Flowchart: Model Checkers – Do All Properties Hold?]
Run-Time Assurance
• Run-Time Assurance Wrappers
  – Encapsulate advanced software functionality with a simple, deterministic monitor and safe backup system to ensure the safety of the vehicle
  – Contain the V&V costs on systems that leverage adaptive, learning control algorithms
• Decision logic is difficult – when to switch and still be safe?
  – What are the switching criteria?
  – Bounding the advanced controller
  – Switching stability
• Impact – redundancy vs. advanced capabilities tradeoff
  – Increases overall capability while easing verification through simplified controllers and decision logic
• Previous work is based on projected trajectory – ACAT/ACAS, AAR, CerTA FCS
  – Barron Associates
• Also focused on reactive, non-trajectory based theory
How do you develop a complete set of decision logic for predictive, non-trajectory based Run-Time Assurance Wrappers?
[Diagram: Decision Maker]
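A simplex-style run-time assurance wrapper around a constructed one-dimensional vehicle model, added here to make the monitor / safe backup / decision logic structure concrete; it is not AFRL or Barron Associates code, and the plant, gains, envelope bound and function names are assumptions. The switching criterion is recoverability: the advanced command passes through only if the baseline controller could still keep the projected trajectory inside the envelope from the resulting state, and the switch is latched so the decision logic cannot chatter.

```python
X_MAX = 10.0    # safety envelope: |position| must never exceed this
MARGIN = 0.25   # monitor keeps the projected trajectory this far inside the envelope
A_MAX = 2.0     # actuator limit on commanded acceleration
DT = 0.1        # control period in seconds
HORIZON = 100   # steps the monitor projects the backup controller forward

def clip(a):
    return max(-A_MAX, min(A_MAX, a))
def plant(x, v, a):
    """One step of a discrete double integrator (constructed toy vehicle model)."""
    v = v + a * DT
    return x + v * DT, v

def advanced_controller(x, v, target):
    """Stands in for an adaptive/learning controller: high gain, not itself verified."""
    return clip(4.0 * (target - x) - 0.5 * v)

def baseline_controller(x, v):
    """Simple deterministic backup: brake to rest. Small enough to verify."""
    return clip(-2.0 * v)

def recoverable(x, v):
    """Monitor: can the baseline keep the vehicle inside the envelope from (x, v)?"""
    for _ in range(HORIZON):
        if abs(x) > X_MAX - MARGIN:
            return False
        x, v = plant(x, v, baseline_controller(x, v))
    return True

class RtaWrapper:
    """Decision logic: pass the advanced command through only while the state it
    produces is recoverable; the switch to baseline is latched to avoid chattering."""
    def __init__(self):
        self.on_baseline = False
    def command(self, x, v, target):
        if not self.on_baseline:
            a = advanced_controller(x, v, target)
            if recoverable(*plant(x, v, a)):
                return a, "advanced"
            self.on_baseline = True  # switch and latch
        return baseline_controller(x, v), "baseline"

def simulate(target, steps=200):
    """Run the wrapped system; returns (position, controller in use) per step."""
    x, v, wrapper, trace = 0.0, 0.0, RtaWrapper(), []
    for _ in range(steps):
        a, source = wrapper.command(x, v, target)
        x, v = plant(x, v, a)
        trace.append((x, source))
    return trace
```

With a target outside the envelope (for example simulate(15.0)) the advanced controller is used until the monitor predicts the next state would no longer be recoverable, then the baseline brings the vehicle to rest inside the bound; every state the vehicle visits was either checked recoverable or lies on a baseline trajectory that was checked.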
CerTA AMOR: Automated Modeling of Requirements
Technology Investment Schedule (FY), as of Mar 11: milestones across FY11 – FY14
Description:
• Formal method verification of software
• Automated model-based verification
• Generalized Formal Requirements Specification Syntax
• Reqs. Decomposition Survey
• Problem Set Development
• Manual Decomposition
• Investigate ways of translating requirements into model properties for use in model checkers
• This program will provide the technical base for future programs in automated requirements decomposition
Benefits to the WarFighter:
• Assists with Requirements Validation and Traceability
• Starts bridging the gap between requirements generation and advanced software V&V
• Provides AFRL an understanding of the difficulty of the problem
[Diagram: Requirements → Requirements Translator → CerTA AMOR]
Summary
• National Plan
  – Establish multi-agency visions and vectors
  – Multi-agency roadmap and S&T plan to meet future Air Worthiness V&V Certification challenges
  – Leveraging Government, Academia, and Industry to solve Aviation V&V challenges
• RB Current Focus
  – Enhanced Analysis Software V&V (Formal Methods, Model Checking, Theorem Proving, etc.)
  – Run-Time Assurance
• RB Future Focus
  – Automated Model of Requirements (CerTA AMOR)
  – Data Integrity
  – Architectures Certification
We need your help! Identifying needs and sharing solutions.
V&V TEAM
JACOB HINCHMAN
Office: (937) 255-8427
Jacob.Hinchman@wpafb.af.mil
DAVID HOMAN, CHIEF - Control Automation Section
Office: (937) 255-4026
david.homan@wpafb.af.mil
RUSS URZI
Office: (937) 255-8294
Russell.Urzi@wpafb.af.mil
BRIAN HULBERT
Office: (937) 255-4605
brian.hulbert@wpafb.af.mil
JON HOFFMAN
Office: (937) 255-2541
Jonathon.Hoffman@wpafb.af.mil
MATT CLARK
Office: (937) 255-8439
matthew.clark3@wpafb.af.mil
Control Systems Development and Applications Branch
Air Force Research Laboratory, AFRL/RBCCZ
2130 Eighth St.
Wright-Patterson AFB, OH 45433-7542
FAX: (937) 656-7505