Acas Carnegie Mellon

Posted By admin On 13/04/22
  1. Chludzinski, B.J.: Evaluation of TCAS II version 7.1 using the FAA fast-time encounter generator model. Tech. Rep. ATC-346, MIT Lincoln Laboratory (April 2009)
  2. Dowek, G., Muñoz, C., Carreño, V.: Provably safe coordinated strategy for distributed conflict resolution. In: AIAA Guidance Navigation, and Control Conference and Exhibit (2005)
  3. von Essen, C., Giannakopoulou, D.: Analyzing the next generation airborne collision avoidance system. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014. LNCS, vol. 8413, pp. 620–635. Springer, Heidelberg (2014)
  4. Federal Aviation Administration: Introduction to TCAS II, version 7.1 (February 2011)
  5. Federal Aviation Administration TCAS Program Office: Algorithm design description for the surveillance and tracking module of ACAS X, run12 (July 2014)
  6. Federal Aviation Administration TCAS Program Office: Algorithm design description for the threat resolution module of ACAS X, version 3 Rev. 1 (May 2014)
  7. Galdino, A.L., Muñoz, C., Ayala-Rincón, M.: Formal verification of an optimal air traffic conflict resolution and recovery algorithm. In: Leivant, D., de Queiroz, R. (eds.) WoLLIC 2007. LNCS, vol. 4576, pp. 177–188. Springer, Heidelberg (2007)
  8. Ghorbal, K., Jeannin, J.B., Zawadzki, E., Platzer, A., Gordon, G.J., Capell, P.: Hybrid theorem proving of aerospace systems: Applications and challenges. Journal of Aerospace Information Systems (2014)
  9. Holland, J.E., Kochenderfer, M.J., Olson, W.A.: Optimizing the next generation collision avoidance system for safe, suitable, and acceptable operational performance. Air Traffic Control Quarterly (2014)
  10. Jeannin, J.B., Ghorbal, K., Kouskoulas, Y., Gardner, R., Schmidt, A., Zawadzki, E., Platzer, A.: A formally verified hybrid system for the next-generation airborne collision avoidance system. Tech. Rep. CMU-CS-14-138, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA (2014), http://reports-archive.adm.cs.cmu.edu/anon/2014/CMU-CS-14-138.pdf, KeYmaera files available at http://www.ls.cs.cmu.edu/pub/acasx.zip
  11. Kochenderfer, M.J., Espindle, L.P., Kuchar, J.K., Griffith, J.D.: Correlated encounter model for cooperative aircraft in the national airspace system version 1.0. Tech. Rep. ATC-344, MIT Lincoln Laboratory (October 2008)
  12. Kochenderfer, M.J., Chryssanthacopoulos, J.P.: Robust airborne collision avoidance through dynamic programming. Tech. Rep. ATC-371, MIT Lincoln Laboratory (January 2010)
  13. Kochenderfer, M.J., Holland, J.E., Chryssanthacopoulos, J.P.: Next generation airborne collision avoidance system. Lincoln Laboratory Journal 19(1), 17–33 (2012)
  14. Kochenderfer, M.J., Monath, N.: Compression of optimal value functions for Markov decision processes. In: Data Compression Conference, Snowbird, Utah (2013)
  15. Loos, S.M., Renshaw, D.W., Platzer, A.: Formal verification of distributed aircraft controllers. In: HSCC, pp. 125–130. ACM (2013)
  16. Lygeros, J., Lynch, N.: On the formal verification of the TCAS conflict resolution algorithms. In: IEEE Decision and Control, vol. 2, pp. 1829–1834. IEEE (1997)
  17. Platzer, A.: Differential dynamic logic for hybrid systems. J. Autom. Reas. 41(2), 143–189 (2008)
  18. Platzer, A.: Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics. Springer (2010)
  19. Platzer, A.: Logics of dynamical systems. In: LICS, pp. 13–24. IEEE (2012)
  20. Platzer, A., Clarke, E.M.: Formal verification of curved flight collision avoidance maneuvers: A case study. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol. 5850, pp. 547–562. Springer, Heidelberg (2009)
  21. Platzer, A., Quesel, J.-D.: KeYmaera: A hybrid theorem prover for hybrid systems (System description). In: Armando, A., Baumgartner, P., Dowek, G. (eds.) IJCAR 2008. LNCS (LNAI), vol. 5195, pp. 171–178. Springer, Heidelberg (2008)
  22. Tomlin, C., Pappas, G.J., Sastry, S.: Conflict resolution for air traffic management: A study in multiagent hybrid systems. IEEE Transactions on Automatic Control 43(4), 509–521 (1998)



Overview

Flight control maneuvers are safety-critical systems: their correct functioning is crucial. At the same time, their dynamics are so complicated that analyzing collision avoidance protocols in air traffic management is challenging. These protocols direct aircraft that are flying close to one another onto flight paths that respect the protected zones of the aircraft.

Flight Dynamics

The dynamics of an aircraft depends on several parameters, including position, linear velocity, and angular velocity. It is described in terms of differential equations for the flight together with the computer control algorithms.

Classical Collision Avoidance Attempts

Several collision avoidance maneuvers have been proposed to resolve conflicting flight paths. The left figure illustrates the collision that happens in uncontrolled flight. The middle figure illustrates a classical roundabout collision avoidance resolution, which works successfully. The right figure illustrates an unsuccessful choice for classical fixed roundabout collision resolution attempts; it was found by our hybrid systems verification tool.

Advanced and Flyable Collision Avoidance Maneuvers

Possible advanced aircraft maneuvers for collision avoidance include the tangential roundabout (left) and flyable roundabout maneuver (right).

To prove correctness of those maneuvers, we have proved formulas in differential dynamic logic (dL). For example, the following dL formula expresses that two aircraft x and y always remain safely separated by the protected zone if they are safely separated initially and follow the tangential roundabout collision avoidance maneuver trm:

safeSeparation(x,y) -> [trm]safeSeparation(x,y)

We have proved this formula in the dL proof calculus. For details on the model, the definition of the formula safeSeparation(x,y) and the proof, see [2]. The key proof techniques are the proof calculus for differential-algebraic dynamic logic [2] and differential invariants [2]. More complex properties about more complex systems, including a flyable roundabout collision avoidance maneuver, are proved in follow-up work [6,5]. We have proved corresponding safe separation properties about distributed air traffic control with arbitrarily many aircraft and dynamic appearance and disappearance of aircraft in quantified differential dynamic logic [7] using quantified differential invariants [8].
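The following derivation is an added illustration of how a differential invariant establishes safe separation for the continuous part of a roundabout; it is not taken from the page or from the cited model files, and the planar dynamics, the protected radius p, and the tangential condition T below are assumptions chosen for this illustration. Both aircraft x = (x1, x2) and y = (y1, y2) fly with velocities d and e and turn with a common angular velocity ω:

```latex
\begin{align*}
&x_1' = d_1,\quad x_2' = d_2,\quad d_1' = -\omega d_2,\quad d_2' = \omega d_1,\\
&y_1' = e_1,\quad y_2' = e_2,\quad e_1' = -\omega e_2,\quad e_2' = \omega e_1 .
\end{align*}
\]
Safe separation and the (assumed) tangential entry condition are
\[
\mathrm{safeSeparation}(x,y) \equiv (x_1-y_1)^2 + (x_2-y_2)^2 \ge p^2,
\qquad
T \equiv d_1 - e_1 = -\omega(x_2-y_2) \;\wedge\; d_2 - e_2 = \omega(x_1-y_1).
\]
Step 1: T is a differential invariant, because the derivative of each defining equation along the flow vanishes identically:
\begin{align*}
\bigl(d_1 - e_1 + \omega(x_2-y_2)\bigr)' &= -\omega d_2 + \omega e_2 + \omega(d_2 - e_2) = 0,\\
\bigl(d_2 - e_2 - \omega(x_1-y_1)\bigr)' &= \omega d_1 - \omega e_1 - \omega(d_1 - e_1) = 0.
\end{align*}
Step 2: under T, the squared distance S = (x_1-y_1)^2 + (x_2-y_2)^2 has zero derivative along the flow:
\begin{align*}
S' &= 2(x_1-y_1)(d_1-e_1) + 2(x_2-y_2)(d_2-e_2)\\
   &= 2(x_1-y_1)\bigl(-\omega(x_2-y_2)\bigr) + 2(x_2-y_2)\bigl(\omega(x_1-y_1)\bigr) = 0 .
\end{align*}
Hence S is constant along every solution, so the differential invariant rule yields, for the continuous dynamics \(\mathrm{trm}_c\) above,
\[
T \wedge \mathrm{safeSeparation}(x,y) \;\rightarrow\; [\mathrm{trm}_c]\,\mathrm{safeSeparation}(x,y),
\]
without ever solving the differential equations. The same derivation also gives \((d_1^2+d_2^2)' = 2d_1(-\omega d_2) + 2d_2(\omega d_1) = 0\), i.e. the maneuver preserves airspeed. How the aircraft discretely enter the configuration T is part of the full maneuver in the cited paper and is not covered by this illustration.
```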

Distributed Aircraft Controllers

We have considered a class of distributed collision avoidance controllers designed to work even in environments with arbitrarily many aircraft or UAVs [9]. We have proved that the controllers never allow the aircraft to get too close to one another, even when new planes approach an in-progress avoidance maneuver that the new plane may not be aware of. Because these safety guarantees always hold, the aircraft are protected against unexpected emergent behavior which simulation and testing may miss. This is an important step in formally verified, flyable, and distributed air traffic control.

Airborne Collision Avoidance System ACAS X

The next-generation Airborne Collision Avoidance System (ACAS X) is intended to be installed on all large aircraft to give advice to pilots and prevent mid-air collisions with other aircraft. It is currently being developed by the Federal Aviation Administration (FAA). In this paper [10] we determine the geometric configurations under which the advice given by ACAS X is safe under a precise set of assumptions and formally verify these configurations using hybrid systems theorem proving techniques. We conduct an initial examination of the current version of the real ACAS X system and discuss some cases where our safety theorem conflicts with the actual advisory given by that version, demonstrating how formal, hybrid approaches are helping ensure the safety of ACAS X. Our approach is general and could also be used to identify unsafe advice issued by other collision avoidance systems or confirm their safety. An overview and a thorough investigation of the ACAS X decision table subsequently appeared in an invited paper [11]. More details and additional results on the verification of maneuvers that are safeable, so not necessarily safe right now but can still be made safe by a subsequent advisory, can be found in an extended journal version for STTT [12].
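To make concrete what "the geometric configurations under which an advisory is safe" means, here is an added Python example that is not ACAS X's actual safe-region formulas and not code from the cited paper. It uses a deliberately simplified, constructed model: the ownship follows a vertical advisory by accelerating toward an advised vertical rate and then holding it, the intruder is assumed to fly straight at constant horizontal and vertical speed, and the advisory counts as safe for a given geometry if the vertical distance never drops below hp while the horizontal distance is below rp. All parameter names (r0, rv, h0, vi, v0, w, a, rp, hp) and sample values are assumptions for this illustration.

```python
"""
Constructed, simplified advisory-safety check (not ACAS X's real safe-region
formulas). Units: feet and seconds. The ownship accelerates its vertical rate
toward the advised rate w and then holds w; the intruder flies straight.
"""


def ownship_climb(t, v0, w, a):
    """Ownship altitude change after t seconds: accelerate at |a| (ft/s^2) from
    initial vertical rate v0 toward the advised rate w (ft/s), then hold w."""
    if w == v0:
        return v0 * t
    a_signed = abs(a) if w > v0 else -abs(a)
    t1 = (w - v0) / a_signed          # time at which the advised rate is reached
    if t <= t1:
        return v0 * t + 0.5 * a_signed * t * t
    z1 = v0 * t1 + 0.5 * a_signed * t1 * t1
    return z1 + w * (t - t1)


def conflict_window(r0, rv, rp, horizon):
    """Time interval within [0, horizon] during which |r0 + rv*t| < rp, i.e. the
    intruder is horizontally inside the protected radius; None if it never is."""
    if rv == 0:
        return (0.0, horizon) if abs(r0) < rp else None
    ta, tb = sorted(((-rp - r0) / rv, (rp - r0) / rv))
    lo, hi = max(ta, 0.0), min(tb, horizon)
    return (lo, hi) if lo < hi else None


def advisory_is_safe(r0, rv, h0, vi, v0, w, a, rp=500.0, hp=100.0,
                     horizon=120.0, steps=4000):
    """Return (safe, min_vertical_sep). safe is True when the vertical separation
    stays >= hp throughout the horizontal conflict window (trivially True if the
    window is empty). Geometry (assumed): r0 horizontal distance, rv its rate
    (negative = closing), h0 intruder altitude minus ownship altitude, vi the
    intruder's vertical rate, v0 the ownship's current vertical rate."""
    window = conflict_window(r0, rv, rp, horizon)
    if window is None:
        return True, None
    lo, hi = window
    min_sep = float("inf")
    for i in range(steps + 1):
        t = lo + (hi - lo) * i / steps
        h = h0 + vi * t - ownship_climb(t, v0, w, a)
        min_sep = min(min_sep, abs(h))
    return min_sep >= hp, min_sep


if __name__ == "__main__":
    # Constructed scenario: intruder 6000 ft away, closing at 300 ft/s,
    # co-altitude, ownship currently level, 8 ft/s^2 vertical acceleration.
    geom = dict(r0=6000.0, rv=-300.0, h0=0.0, v0=0.0, a=8.0)
    print("climb advisory, level intruder     :", advisory_is_safe(vi=0.0, w=25.0, **geom))
    print("climb advisory, climbing intruder  :", advisory_is_safe(vi=20.0, w=25.0, **geom))
    print("descend advisory, climbing intruder:", advisory_is_safe(vi=20.0, w=-25.0, **geom))
```

The three constructed cases show the point of the paper's question: the same climb advisory is safe against a level intruder but not against one climbing at 20 ft/s, while a descend advisory is safe in the latter geometry. The grid search stands in for the symbolic, all-time quantification that the hybrid systems proof performs; a numerical check like this can only sample the window, which is exactly why the cited work proves the configurations rather than simulating them.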

Abstract

Aircraft collision avoidance maneuvers are important and complex applications. Curved flight exhibits nontrivial continuous behavior. In combination with the control choices during air traffic maneuvers, this yields hybrid systems with challenging interactions of discrete and continuous dynamics. As a case study illustrating the use of a new proof assistant for a logic for nonlinear hybrid systems, we analyze collision freedom of roundabout maneuvers in air traffic control, where appropriate curved flight, good timing, and compatible maneuvering are crucial for guaranteeing safe spatial separation of aircraft throughout their flight. We show that formal verification of hybrid systems can scale to curved flight maneuvers required in aircraft control applications. We introduce a fully flyable variant of the roundabout collision avoidance maneuver and verify safety properties by compositional verification.

Keywords: formal verification of hybrid systems, deduction, air traffic control, logic for hybrid systems

Selected Publications

Also see publications on verification of aerospace systems.

  1. Jean-Baptiste Jeannin, Khalil Ghorbal, Yanni Kouskoulas, Aurora Schmidt, Ryan Gardner, Stefan Mitsch, and André Platzer.
    A formally verified hybrid system for safe advisories in the next-generation airborne collision avoidance system.
    STTT, 19(6), pp. 717-741, 2017.
    Special issue for selected papers from TACAS'15. © Springer-Verlag
  2. Jean-Baptiste Jeannin, Khalil Ghorbal, Yanni Kouskoulas, Ryan Gardner, Aurora Schmidt, Erik Zawadzki, and André Platzer.
    Formal verification of ACAS X, an industrial airborne collision avoidance system.
    In Alain Girault and Nan Guan, editors, International Conference on Embedded Software, EMSOFT'15, Amsterdam, The Netherlands, Proceedings, pp. 127-136. IEEE Press, 2015. © IEEE
  3. Jean-Baptiste Jeannin, Khalil Ghorbal, Yanni Kouskoulas, Ryan Gardner, Aurora Schmidt, Erik Zawadzki, and André Platzer.
    A formally verified hybrid system for the next-generation airborne collision avoidance system.
    In Christel Baier and Cesare Tinelli, editors, Tools and Algorithms for the Construction and Analysis of Systems - 21st International Conference, TACAS 2015, London, UK, April 11-18, 2015, Proceedings, volume 9035 of LNCS, pp. 21-36. Springer, 2015. © Springer-Verlag
  4. Sarah M. Loos, David W. Renshaw and André Platzer.
    Formal verification of distributed aircraft controllers.
    In Calin Belta and Franjo Ivancic, editors, Hybrid Systems: Computation and Control (part of CPS Week 2013), HSCC'13, Philadelphia, PA, USA, April 8-13, 2013, pp. 125-130. ACM, 2013. © ACM
  5. André Platzer.
    Quantified differential invariants.
    In Emilio Frazzoli and Radu Grosu, editors, Proceedings of the 14th ACM International Conference on Hybrid Systems: Computation and Control, HSCC 2011, Chicago, USA, April 12-14, pp. 63-72. ACM, 2011. © ACM
  6. André Platzer.
    Quantified differential dynamic logic for distributed hybrid systems.
    In Anuj Dawar and Helmut Veith, editors, Computer Science Logic, 19th EACSL Annual Conference, CSL 2010, Brno, Czech Republic, August 23-27, 2010. Proceedings, volume 6247 of LNCS, pp. 469-483. Springer, 2010. © Springer-Verlag
  7. André Platzer and Edmund M. Clarke.
    Formal verification of curved flight collision avoidance maneuvers: A case study.
    In Ana Cavalcanti and Dennis Dams, editors, 16th International Symposium on Formal Methods, FM, Eindhoven, Netherlands, Proceedings, volume 5850 of LNCS, pp. 547-562. Springer, 2009. © Springer-Verlag
    This paper was awarded the FM Best Paper Award.
  8. André Platzer.
    Logical Analysis of Hybrid Systems:
    Proving Theorems for Complex Dynamics.
    Springer, Heidelberg, 2010. 426 pages. ISBN 978-3-642-14508-7.
  9. André Platzer and Edmund M. Clarke.
    Formal Verification of Curved Flight Collision Avoidance Maneuvers: A Case Study.
    School of Computer Science, Carnegie Mellon University, CMU-CS-09-147, 2009.
  10. André Platzer.
    Differential Dynamic Logics:
    Automated Theorem Proving for Hybrid Systems.
    PhD Thesis, Department of Computing Science, University of Oldenburg, 2008.
    ACM Doctoral Dissertation Honorable Mention Award in 2009.
    Extended version appeared as book Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics, Springer, 2010.
  11. André Platzer.
    Differential-algebraic dynamic logic for differential-algebraic programs.
    Journal of Logic and Computation, 20(1), pp. 309-352, 2010.
    Special issue for selected papers from TABLEAUX'07. © The author.
  12. André Platzer and Edmund M. Clarke.
    The image computation problem in hybrid systems model checking.
    In Alberto Bemporad, Antonio Bicchi and Giorgio Buttazzo, editors, Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2007, Pisa, Italy, Proceedings, volume 4416 of LNCS, pp. 473-486. Springer, 2007, © Springer-Verlag