| dc.contributor.advisor | Nancy A. Lynch. | en_US |
| dc.contributor.author | Umeno, Shinya | en_US |
| dc.contributor.other | Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. | en_US |
| dc.date.accessioned | 2007-09-28T13:08:09Z | |
| dc.date.available | 2007-09-28T13:08:09Z | |
| dc.date.copyright | 2007 | en_US |
| dc.date.issued | 2007 | en_US |
| dc.identifier.uri | http://hdl.handle.net/1721.1/38920 | |
| dc.description | Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007. | en_US |
| dc.description | Page 222 blank. | en_US |
| dc.description | Includes bibliographical references (p. 195-196). | en_US |
| dc.description.abstract | This thesis presents an assertional-style verification of the aircraft landing protocol of NASA's SATS (Small Aircraft Transportation System) concept of operation using the timed and untimed I/O automata frameworks. We construct two mathematical models of the landing protocol using the above stated frameworks. First, we study a discrete model of the protocol, in which the airspace of the airport and every movement of the aircraft are all discretized. The model is constructed by reconstructing a mathematical model presented in using the untimed I/O automata framework. Using this model, we verify the safe separation of aircraft in terms of the bounds on the numbers of aircraft in specific discretized areas. In addition, we translate this I/O automaton model into a corresponding PVS specification, and conduct a machine verification of the proof using the PVS theorem prover. Second, we construct a continuous model of the protocol by extending the discrete model using the timed I/O automata framework. A refinement technique has been developed to reason about the external behavior between two systems. We present a new refinement proof technique, a weak refinement using a step invariant. | en_US |
| dc.description.abstract | (cont.) Using this new refinement, we carry over the verification results for the discrete model to the new model, and thus guarantee that the safe separation of aircraft verified for the discrete model also holds for the new model. We also prove properties specific to the new model, such as a lower bound on the spacing of aircraft in a specific area of the airport, using an invariant-proof technique. | en_US |
| dc.description.statementofresponsibility | by Shinya Umeno. | en_US |
| dc.format.extent | 222 p. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Massachusetts Institute of Technology | en_US |
| dc.rights | M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. | en_US |
| dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | |
| dc.subject | Electrical Engineering and Computer Science. | en_US |
| dc.title | Proving safety properties of an aircraft landing protocol using timed and untimed I/O automata : a case study | en_US |
| dc.type | Thesis | en_US |
| dc.description.degree | S.M. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| dc.identifier.oclc | 163581320 | en_US |
