Tool-Supported Verification of Contingency Software Design in Evolving, Autonomous Systems

Advances in software autonomy can support system robustness to a broader range of operational anomalies, called contingencies, than ever before. Contingency management includes, but goes beyond, traditional fault protection. Increased autonomy to achieve contingency management brings with it the challenge of how to verify that the software can detect and diagnose contingencies when they occur. The approach used in this work to investigate the verification was two-fold: (1) to integrate in a single model the representation of the contingencies and of the data signals and software monitors required to identify those contingencies, and (2) to use tool-supported verification of the diagnostics design to identify gaps in coverage of the contingencies. Results presented here indicate that tool-supported verification of the adequacy and correct behavior of such diagnostic software for contingency management can improve on-going contingency analysis, thereby reducing the risk that change has introduced gaps in the contingency software.