A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is
This paper reports as a case study an attempt to model check the control subsystem of an operational NASA robotics system. Thirty seven properties including both safety and liveness specifications were formulated for the system. Twenty two of the thirty seven properties were successfully model checked. Several significant flaws in the original software system were identified and corrected during the model checking process. The case study presents the entire process in a semi-historical mode.doi:10.1023/b:form.0000040029.73127.85 fatcat:tldbgaqcrjfkdopkmirpl2zcwi