Lessons Learned from Model Checking a NASA Robot Controller

Natasha Sharygina, James Browne, Fei Xie, Robert Kurshan, Vladimir Levin
2004, Formal Methods in System Design
This paper reports, as a case study, an attempt to model check the control subsystem of an operational NASA robotics system. Thirty-seven properties, including both safety and liveness specifications, were formulated for the system. Twenty-two of the thirty-seven properties were successfully model checked. Several significant flaws in the original software system were identified and corrected during the model checking process. The case study presents the entire process in a semi-historical mode. The goal is to provide reusable knowledge of what worked, what did not work, and why.
doi:10.1023/b:form.0000040029.73127.85