
NASA Technical Reports Server (NTRS) 20110003017: Natural Language Interface for Safety Certification of Safety-Critical Software PDF


NASA Tech Briefs, January 2011, pages 24-25

Natural Language Interface for Safety Certification of Safety-Critical Software

Model-based design and automated code generation are being used increasingly at NASA. The trend is to move beyond simulation and prototyping to actual flight code, particularly in the guidance, navigation, and control domain. However, there are substantial obstacles to more widespread adoption of code generators in such safety-critical domains. Since code generators are typically not qualified, there is no guarantee that their output is correct, and consequently the generated code still needs to be fully tested and certified.

The AutoCert generator plug-in supports the certification of automatically generated code by formally verifying that the generated code is free of different safety violations, by constructing an independently verifiable certificate, and by explaining its analysis in a textual form suitable for code reviews. This enables missions to obtain assurance about the safety and reliability of the code without excessive manual effort. The key technical idea is to exploit the idiomatic nature of auto-generated code in order to automatically infer logical annotations that describe properties of the code. These allow the automatic formal verification of the safety properties without requiring access to the internals of the code generator. The approach is therefore independent of the particular generator used. The use of a combined generation/analysis tool can allow system engineers to concentrate on the modeling and design, rather than worrying about low-level software details. By providing tracing between code and verification artifacts, and customizable safety reports, the tool supports both certification and debugging. Although integrated with the code generator, AutoCert is functionally independent in the sense that it does not rely on the correctness of any generator components. The tool has two main benefits: (1) it helps catch bugs in autocoders, and (2) it helps with the certification process for the autogenerated code, thus mitigating the risk of using COTS autocoders that lack a trusted heritage.

The AutoCert technology also has a number of advantages over other approaches to formal verification. It can handle code with arbitrary loops, and can handle code generated from both continuous and discrete models. Moreover, the certification system based on annotation inference is more flexible and extensible than decentralized architectures where certification information is distributed throughout the code generator. Identifying the patterns that are used to infer the annotations is an iterative process, but by allowing tracing between VCs (verification conditions) and statements of the auto-generated code, the tool allows missing annotations and, thus, missing patterns, to be pinpointed more easily. By raising the level of abstraction at which verification knowledge is expressed, one can concisely capture many variations of the underlying code idioms. In particular, one can easily deal with optimizations that obscure low-level code structure.

This program was written by Ewen Denney and Bernd Fischer of USRA/RIACS for Ames Research Center. Further information is contained in a TSP (see page 1). Inquiries concerning rights for the commercial use of this invention should be addressed to the Ames Technology Partnerships Division at (650) 604-5761. Refer to ARC-15990-1.

Astronaut Health Participant Summary Application

The Longitudinal Study of Astronaut Health (LSAH) Participant Summary software captures data based on a custom information model designed to gather all relevant, discrete medical events for its study participants. This software provides a summarized view of the study participant's entire medical record. The manual collapsing of all the data in a participant's medical record into a summarized form eliminates redundancy, and allows for the capture of entire medical events. The coding tool could be incorporated into commercial electronic medical record software for use in areas like public health surveillance, hospital systems, clinics, and medical research programs.

The software also enables structured coding that enforces a custom set of rules, as well as captures the context of the coded term. The terminology used is SNOMED CT, which is a massive terminology consisting of over 366,000 concepts with unique meanings and formal, logic-based definitions that are organized into 18 hierarchies. In addition, it contains more than 993,000 descriptions or synonyms for flexibility in expressing clinical concepts. SNOMED CT is also a compositional terminology, so multiple concepts can be grouped together to create an expression that has a totally different logical definition. By using some custom composition rules along with the context within the Participant Summary, a user can greatly reduce the number of candidate concepts, which not only improves productivity, it ensures that only legal SNOMED expressions can be created.

LSAH defines the line between the terminology and the information model. It takes a middle road between putting all the structure in a complex coded term and putting all the structure in numerous database fields.

This work was done by Kathy Johnson-Throop of Johnson Space Center; Ralph Krog of National Space Biomedical Research Institute; Deborah Eudy and Diane Parisian of EASI; Seth Rodriguez and John Rogers of Barrios Technology; and Mary Wear, Robert Volpe, and Gina Trevino of Wyle Laboratories. Further information is contained in a TSP (see page 1). MSC-24172-1

Adaption of the AMDIS Method to Flight Status on the VCAM Instrument

Software has been developed to function onboard the International Space Station (ISS) to help safeguard human health by detecting compounds of concern in the cabin atmosphere, both in identity and concentration. This software calibrates and processes a standard 2D dataset (mass spectrum versus time) output from a gas chromatogram/mass spectrometer by identifying temporal events, including the possibility for near simultaneous event overlap, reducing the mass spectra for each event and comparing to an arbitrary library of known compounds. The level of autonomy, adjustment of parameters for the VCAM devices' specific data characteristics, and adaptive mass resolution to ease the requirement of precision mass calibration are three unique features of this design. The estimation of concentration is also a significant addition to the standard AMDIS (NIST) implementation. Solution filtration based on elution time, and an arbitration algorithm for similar matches, provide the user with a more succinct, single-valued estimate in comparison to algorithms designed to merely augment expert hand analysis.

This work was done by Lukas Mandrake, Benjamin J. Bornstein, Seungwon Lee, and Brian D. Bue of Caltech for NASA's Jet Propulsion Laboratory. For more information, contact [email protected]. The software used in this innovation is available for commercial licensing. Please contact Daniel Broderick of the California Institute of Technology at [email protected]. Refer to NPO-46563.

[Closing lines of the preceding brief; its body is not on these pages.]

It is fully autonomous, non-GUI-based, self-calibrating, and compliant with the VXWORKS flight software system. This work was done by Lukas Mandrake, Benjamin J. Bornstein, Stojan Madzunkov, and John A. Macaskill of Caltech for NASA's Jet Propulsion Laboratory. For more information, contact [email protected]. The software used in this innovation is available for commercial licensing. Please contact Daniel Broderick of the California Institute of Technology at [email protected]. Refer to NPO-46956.
