Verification Guided Refinement of Flight Safety Assessment and Management System for Takeoff

Abstract

Systems that make safety-critical decisions must undergo a rigorous verification and validation process to ensure automation decisions do not jeopardize the nominal safe state of operation. Flight safety assessment and management is a high-level decision-making system to reduce loss of control risk. This paper demonstrates how tools from formal verification can be used to guide the design of a takeoff flight safety assessment and management system implemented as a deterministic Moore machine. Finite state abstractions of simplified takeoff dynamics under different control authorities (i.e., pilot vs safety controller) are computed and composed with the Moore machine. By construction, the composition captures all behaviors of simplified takeoff dynamics. Then, a model checking tool analyzes whether this composition satisfies the takeoff safety requirements specified by federal aviation regulations. The results of model checking together with the abstraction are used to refine the Moore machine to ensure sa...