2016
DOI: 10.1007/978-3-319-48869-1_2
Specification: The Biggest Bottleneck in Formal Methods and Autonomy

Abstract: Advancement of AI-enhanced control in autonomous systems stands on the shoulders of formal methods, which make possible the rigorous safety analysis autonomous systems require. An aircraft cannot operate autonomously unless it has design-time reasoning to ensure correct operation of the autopilot and runtime reasoning to ensure system health management, or the ability to detect and respond to off-nominal situations. Formal methods are highly dependent on the specifications over which they reason; there is no e…

Cited by 53 publications (48 citation statements)
References 46 publications
“…Last, we should keep in mind that specifications, even if they produce formally equivalent models which can be fed to V&V tools, need to correctly capture the intents of the system designer. As pointed out by [Rozier, 2016], "there is no escaping the 'garbage in, garbage out' reality". For this problem, we think that for now, we should rely on good old testing of the system to check that specifications are correct and synthesize the proper formal model.…”
Section: Conclusion and Prospectives (mentioning)
confidence: 99%
“…We also critically need an MLTL satisfiability checker to enable specification debugging. Specification is a major bottleneck to the formal verification of mission-based, especially autonomous, systems [35], with a key part of the problem being the availability of good tools for specification debugging. Satisfiability checking is an integral tool for specification debugging: [38,39] argued that for every requirement ϕ we need to check ϕ and ¬ϕ for satisfiability; we also need to check the conjunction of all requirements to ensure that they can all be true of the same system at the same time.…”
Section: Introduction (mentioning)
confidence: 99%
“…From the manual, we know that there are five possible faults that can occur. We read the relevant sensor data from the fluxgate magnetometer and other on-board sensors useful in cross-checking it. [Figure 2 caption: R2U2 configurations are sets of observation trees, like this one [23].] The possible failures a fluxgate magnetometer can suffer can be diagnosed by a Bayes Net with a health node corresponding to each type of failure.…”
Section: Key Features of R2U2 (mentioning)
confidence: 99%
“…In industrial systems, languages and formats for specification vary widely and are often tailored to specific applications. The question of how best to encapsulate specifications from real systems is an ongoing research question [23]. R2U2's Realizability requirement encapsulates the need for specifications that are cross-language, hierarchical, compositional, and extensible.…”
Section: Key Features of R2U2 (mentioning)
confidence: 99%