Hierarchical specification of the SIFT fault tolerant flight control system

Sie sind hier: Homepage > Suche

Hierarchical specification of the SIFT fault tolerant flight control system

Melliar-Smith, P.M. / Schwartz, R.L.

To meet the objectives of NASA for the reliability of safety-critical flight control systems, the SIFT computer must achieve a reliability well beyond the levels at which reliability can be actually measured. This paper describes the methodology employed to demonstrate rigorously that the SIFT computer meets is reliability requirements. We explain the hierarchy of design specifications from very abstract descriptions of system function down to the actual implementation. The most abstract design specifications can be used to verify that the system functions correctly and with the desired reliability, almost all details of the realization having been abstracted out. A succession of lower-level models refine these specifications to the level of the actual implementation, and can be used to demonstrate that the implementation has indeed the properties of the abstract design specifications. The SIFT (Software Implemented Fault Tolerance) computer is an aircraft flight control computer developed by SRI for the NASA ACEE program, under the direction of B. Dove and N. Murray of the Flight Electronics Division of NASA Langley Research Center. A SIFT system, designed to meet the required ultra high reliability by processor replication and voting, has been constructed by Bendix Corporation and is now operating at SRI. It will shortly be devivered to NASA Langley for evaluation in the Airlab.