Computer Science

Computer Science ›› 2025, Vol. 52 ›› Issue (12): 48-59.doi: 10.11896/jsjkx.250600027

• Computer Software & Architecture • Previous Articles     Next Articles

Transition and Verification Method from RSML-e to Lustre Model for Flight Mode Transition

WANG Zhiyi, HU Jun, XU Heng   

  1. School of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China
  • Received:2025-06-04 Revised:2025-09-10 Online:2025-12-15 Published:2025-12-09
  • About author:WANG Zhiyi,born in 2000,postgra-duate.His main research interests include software analysis,model checking and formal verification.
    HU Jun,born in 1973,Ph.D,associate professor,is a senior member of CCF.His main research interests include intelligent computing and analysis for advanced systems,model-based systems engineering,and system safety modeling and analysis.
  • Supported by:
    This work was supported by the Joint Founds of the National Natural Science Foundation of China(U22412044).

PDF (PC)

31

Abstract: The automatic flight system is the core system of flight control for modern large aircraft.The flight guidance system,as the core subsystem of the automatic flight system,manages and controls the mode transition of the automatic flight system.The different flight stages of an automatic flight system are essentially flight mode transition,which determine the flight safety of the aircraft.However,flight mode transition has the essential characteristics of a multi-dimensional complex static structure that is coupled and compatible,as well as a multi-level dynamic combination of interactive cooperation and transitional switching.Therefore,ensuring the correctness of flight mode transition is of crucial importance.The model-driven software modeling method models the flight mode transition requirements as semi-formal or formal models,thereby analyzing and verifying the properties satisfied by the model.The existing methods face two challenges:1)The modeling from natural language requirements to semi-formal requirement models is mostly done manually,and there are differences among the requirement models established by different modeling languages;2)The semi-formal requirements model cannot be directly used for model checking.It needs to be transitioned into the input model of the model checking tool,and the verification efficiency of different verification tools also varies.Based on the RSML-e requirement model of automatic flight mode transition,this paper proposes a systematic method for transitioning the RSML-e model into the Lustre synchronous data flow language.Firstly,mapping rules are constructed from multiple dimensions such as data types,variables,logical phrases,AND-OR tables,and macros.It transitions the elements in the RSML-e model one by one into the forms supported by the Lustre synchronous data stream language,and reduces the number of variables when describing the safety properties.Secondly,after the model transition,the Lustre model and safety properties obtained from the transition are input into the Jkind model checking tool for verification.Based on the various optimization techniques built into the Jkind model checking tool,the problem of state space explosion during the model verification process is better alleviated,and efficient verification of large-scale models is achieved.Ultimately,the safety properties related to the mode transition requirements of the automatic flight system are successfully verified through this process,ensuring the operational reliability of the system under various working conditions.

Key words: Formal verification, RSML-e, Lustre, Model transition, Safety, Automatic flight system

CLC Number: 

  • TP311
[1]BOWEN J,STAVRIDOU V.Safety-critical systems,formalmethods and standards[J].IEE Software Engineering Journal,1993,8(4):189-209.
[2]PREDUT S N,IPATE F,GHEORGHE M,et al.Formal modelling of cruise control system using Event-B and Rodin platform[C]//2018 IEEE 20th International Conference on High Performance Computing and Communications;IEEE 16th International Conference on Smart City;IEEE 4th International Confe-rence on Data Science and Systems(HPCC/SmartCity/DSS).IEEE,2018:1541-1546.
[3]BONFANTI S,GARGANTINI A,MASHKOOR A.Design and validation of a C++ code generator from abstract state machines specifications[J].Journal of Software:Evolution and Process,2020,32(2):e2205.
[4]SYRIANI E,SOUSA V,LÚCIO L.Structure and behavior preserving statecharts refinements[J].Science of Computer Programming,2019,170:45-79.
[5]HOARE CAR.Communicating sequential processes[M]//Theories of Programming:The Life and Works of Tony Hoare.2021:157-186.
[6]GORRIERI R,VERSARI C.CCS:a calculus of communicating systems[M]//Introduction to Concurrency Theory:Transition Systems and CCS.2015:81-161.
[7]STEWART D,LIU J J,COFER D,et al.AADL-Based safetyanalysis using formal methods applied to aircraft digital systems[J].Reliability Engineering & System Safety,2021,213:107649.
[8]HEIMDAHL M P E,LEVESON N G,REESE J D.Experiences from specifying the TCAS II requirements using RSML[C]//17th DASC.AIAA/IEEE/SAE.Digital Avionics Systems Conference.Proceedings(Cat.No.98CH36267).IEEE,1998:C43/1-C43/8.
[9]MILLER S,TRIBBLE A,CARLSON T,et al.Flight guidance system requirements specification:NAS/CR-2003-212426[R].Washington DC:National Aeronautics and Space Adminis-tration,Langley Research Center,2003.
[10]BU L,WANG Q,REN X,et al.Scenario-based online reachability validation for CPS fault prediction[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2019,39(10):2081-2094.
[11]LI Z,LIU B,LU M,et al.Modeling and verification of de-icing software safety requirement based on expanded Petri net[J].Journal of Beijing University of Aeronautics and Astronautics,2012,38(1):64-69.
[12]CHEN Z,GU Y,HUANG Z,et al.Model checking aircraft controller software:A case study[J].Software:Practice and Experience,2015,45(7):989-1017.
[13]HU J,ZHANG W J,LI W Q.A requirement oriented formalmodeling and verification method for safety critical systems[J].Computer Engineering & Science,2019,41(8):1426-1433.
[14]CHEN S,HU J,TANG H Y,et al.Transformation method for AltaRica3.0 model to NuSMV model[J].Computer Science,2020,47(12):73-86.
[15]LIU C,JIANG Y P,MA C Y,et al.Formal verification of AADL models by NuSMV[J].Acta Aeronautica et Astronautica Sinica,2022,43(1):451-466.
[16]ZHANG Y,HU J,WANG L S,et al.Formal verification method for SCR requirement model[J].Journal of Chinese Computer Systems,2022,43(1):193-202.
[17]LI J A,HU J,WANG L S,et al.Formal Modeling and Verification of Automatic Flight Mode Transition Logic[J].Journal of Nanjing University of Aeronautics & Astronautics/Nanjing Hangkong Hangtian Daxue Xuebao,2023,55(5):768-779.
[18]RAN D,CHEN Z,SUN Y,et al.SCADE Model Checking Based on Program Transformation[J].Computer Science,2021,48(12):125-130.
[19]TRIBBLE A C,LEMPIA D L,MILLER S P.Software safetyanalysis of a flight guidance system[C]//Proceedings.The 21st Digital Avionics Systems Conference.IEEE,2002:13C1-13C1.
[20]LUTZ R R.Analyzing software requirements errors in safety-critical,embedded systems[C]//Proceedings of the IEEE International Symposium on Requirements Engineering.IEEE,1993:126-133.
[21]GACEK A,BACKES J,WHALEN M,et al.TheJKind model checker[C]//Computer Aided Verification:30th International Conference.Springer,2018:20-27.
[22]HALBWACHS N,CASPI P,RAYMOND P,et al.The synchronous data flow programming language LUSTRE[C]//Procee-dings of the IEEE.1991:1305-1320.
[23]ANDREWS S,SOTOUDEH M,BARRETT C.Efficient sat-based bounded model checking of evolving systems[C]//2025 Design,Automation & Test in Europe Conference(DATE).IEEE,2025:1-7.
[24]CHATTERJEE P,ROY S,DIEP B P,et al.Distributed bounded model checking[J].Formal Methods in System Design,2024,64(1):50-72.
[25]HSU T H,SÁNCHEZ C,BONAKDARPOUR B.Bounded mo-del checking for hyperproperties[C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems.Cham:Springer,2021:94-112.
[26]KAHSAI T,GAROCHE P L,TINELLI C,et al.Incremental verification with mode variable invariants in state machines[C]//NASA Formal Methods:4th International Symposium.Berlin:Springer,2012:388-402.
[27]EÉN N,MISHCHENKO A,BRAYTON R.Efficient implementation of property directed reachability[C]//2011 Formal Me-thods in Computer-Aided Design(FMCAD).IEEE,2011:125-134.
[28]CIMATTI A,GRIGGIO A,MOVER S,et al.IC3 modulo theories via implicit predicate abstraction[C]//Tools and Algorithms for the Construction and Analysis of Systems:20th International Conference.Berlin:Springer,2014:46-61.
[29]DUREJA R,ROZIER K Y.Incremental design-space modelchecking via reusable reachable state approximations[J].Formal Methods in System Design,2021,58(3):375-398.
[30]GaimminLtd.Garmin G1000 pilot’s guide for CessnaNav III[M].USA:GaiminLtd,2005:429-477.
[31]KOLANO E P.Pilot’s operating handbook and FAA approved airplane flight manual[M].USA:FAA,2011
[32]WANG J,ZHAN N J,FENG X Y,et al.Overview of Formal Methods[J].Journal of Software,2019,30(1):33-61.
[1] LI Jiangxu, CHEN Zemao, ZHANG Liqiang. Lightweight Authentication and Key Agreement Protocol for Cloud-assisted Smart Home Communication [J]. Computer Science, 2025, 52(7): 342-352.
[2] SU Zhiyuan, ZHAO Lixu, HAO Zhiheng, BAI Rufeng. Suvery of Artificial Intelligence Ensuring eVTOL Flight Safety in the Context of Low-altitudeEconomy [J]. Computer Science, 2025, 52(6A): 250200050-13.
[3] CHEN Shijia, YE Jianyuan, GONG Xuan, ZENG Kang, NI Pengcheng. Aircraft Landing Gear Safety Pin Detection Algorithm Based on Improved YOlOv5s [J]. Computer Science, 2025, 52(6A): 240400189-7.
[4] XUE Wenyao, WANG Yichen, REN Qingwei. Safety-Critical Software Testing Modeling Method Based on MARTE and STAMP [J]. Computer Science, 2025, 52(6A): 240500080-10.
[5] LI Xiwang, CAO Peisong, WU Yuying, GUO Shuming, SHE Wei. Study on Security Risk Relation Extraction Based on Multi-view IB [J]. Computer Science, 2025, 52(5): 330-336.
[6] HE Ruiqi, ZHANG Kailong, WU Jinfei, YU Qiang, ZHANG Jiaming. Research on Dynamic Redundancy Reliability Mechanisms Based on Multi-core HeterogeneousOperating Systems [J]. Computer Science, 2025, 52(4): 33-39.
[7] WEN Ming, WU Xingtang, SHANG Yuhao, ZHEN Jian, YU Fucai. Real-time Helmet Detection Algorithm for Roadway Engineering Construction Based on UAV Visual Inspection [J]. Computer Science, 2025, 52(11A): 250100047-7.
[8] MAO Ruiqi, CHEN Zhe. Lightweight Memory Safety Runtime Detection Method Combined with Static Analysis [J]. Computer Science, 2025, 52(11A): 241100060-8.
[9] YIN Jiale, CHEN Zhe. Dynamic Analysis Based Fuzz Testing for Memory Safety Vulnerabilities [J]. Computer Science, 2025, 52(11): 382-389.
[10] SUN Lele, HUANG Song, ZHENG Changyou, XIA Chunyan, YANG Zhen. GCE3S:A Method for Generating Safety-critical Scenarios in Autonomous Driving Based on Evolutionary Search [J]. Computer Science, 2025, 52(10): 275-286.
[11] BAO Zepeng, QIAN Tieyun. Survey on Large Model Red Teaming [J]. Computer Science, 2025, 52(1): 34-41.
[12] SHAO Wenxin, YANG Zhibin, LI Wei, ZHOU Yong. Natural Language Requirements Based Approach for Automatic Test Cases Generation of SCADE Models [J]. Computer Science, 2024, 51(7): 29-39.
[13] YAN Rui, CHEN Zhe. Dynamic Analysis Method for Memory Safety of Multithreaded C Programs [J]. Computer Science, 2024, 51(6A): 230900115-6.
[14] ZHU Jun, ZHANG Guoyin, WAN Jingjing. Study on Data Security Framework Based on Identity and Blockchain Integration [J]. Computer Science, 2024, 51(6A): 230400056-5.
[15] LIU Daoqing, HU Hongchao, HUO Shumin. N-variant Architecture for Container Runtime Security Threats [J]. Computer Science, 2024, 51(6): 399-408.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.