Autopilot Tutor 1 Model Checking the Autopilot Pilot

  • Slides: 8
Download presentation
Autopilot Tutor 1

Autopilot Tutor 1

Model Checking the Autopilot Pilot Task Regular Expr GUI Program Automatically Replace GUI methods

Model Checking the Autopilot Pilot Task Regular Expr GUI Program Automatically Replace GUI methods with stubs Instrument Event Handling (Semi-automated) Program Error Script + Compiler JPF Java Program JPF + Pilot Mental Model No Mode Confusion 2

Event Handling public void mouse. Clicked (Mouse. Event e){ //init button if((e. get. X()>initbuttonx)

Event Handling public void mouse. Clicked (Mouse. Event e){ //init button if((e. get. X()>initbuttonx) && (e. get. X()<initbuttonx+30) && (e. get. Y()>initbuttony) && (e. get()<initbuttony+20)){ //initialize variables }… public void mouse. Clicked (int e){ … //init button if( e == 1){ //initialize variables }. . . 3

Pilot Task Descriptions #start=mouse. Clicked(1); #pull. Alt. Knob=mouse. Clicked(6); #incr. MCPAlt=mouse. Clicked(9); #incr. MCPVS=mouse.

Pilot Task Descriptions #start=mouse. Clicked(1); #pull. Alt. Knob=mouse. Clicked(6); #incr. MCPAlt=mouse. Clicked(9); #incr. MCPVS=mouse. Clicked(11); #fly=mouse. Clicked(14); #pilot. Exp=get. Expectation(); //climb away from mcp altitude - 2 sec ( start > incr. MCPAlt^10 > pull. Alt. Knob > (pilot. Exp > fly)^8 > incr. MCPVS^2 > (pilot. Exp > fly)^5 ); // climb away from mcp altitude ( start > incr. MCPAlt^10 > pull. Alt. Knob > (pilot. Exp > fly)^8 > incr. MCPVS^6 > (pilot. Exp > fly)^5 ); ( start > incr. MCPAlt^{1, 10} > pull. Alt. Knob > (pilot. Exp > fly)^{1, 10} > incr. MCPVS^{1, 10} > (pilot. Exp > fly)^5 ); 4

Java for Pilot Task import gov. nasa. arc. ase. jpf. jvm. Verify; public class

Java for Pilot Task import gov. nasa. arc. ase. jpf. jvm. Verify; public class Env. Driver. Thread 0 extends java. lang. Thread { public Pilot. Mental field 0; public Core. Autopilot field 1; public Env. Driver. Thread 0(Pilot. Mental param 0, Core. Autopilot param 1){ field 0 = param 0; field 1 = param 1; } public void run(){ field 1. mouse. Clicked(1); for(int i=0; i<1+Verify. random(9); i++){ field 1. mouse. Clicked(9); } field 1. mouse. Clicked(6); for(int i=0; i<1+Verify. random(9); i++){ field 0. get. Expectation(); field 1. mouse. Clicked(14); } for(int i=0; i<1+Verify. random(9); i++){ field 1. mouse. Clicked(11); } for(int i=0; i<5; i++){ field 0. get. Expectation(); field 1. mouse. Clicked(14); } }} 5

Pilot Mental Model public void get. Expectation() { // current altitude 100 ft or

Pilot Mental Model public void get. Expectation() { // current altitude 100 ft or more below capture altitude - climb if(ap. mcp. Altitude - ap. altitude >= 100) expectation = climb; // current altitude 100 ft or more above capture alitude - descend if(ap. altitude - ap. mcp. Altitude >= 100) expectation = descend; // at capture altitude - hold if(ap. altitude == ap. mcp. Altitude) expectation = hold; check. Expectation(); } 6

Mode Confusion Property public void check. Expectation() { Verify. assert(expectation != climb || ap.

Mode Confusion Property public void check. Expectation() { Verify. assert(expectation != climb || ap. situation. Number == 1 || ap. situation. Number == 2 || ap. situation. Number == 5 || ap. situation. Number ==12 || ap. situation. Number == 16); Verify. assert(expectation != descend || ap. situation. Number == 3 || ap. situation. Number == 4 || ap. situation. Number ==13); Verify. assert(expectation != hold || ap. situation. Number == 1 || ap. situation. Number == 2 || ap. situation. Number == 4 || ap. situation. Number == 5 || ap. situation. Number == 8 || ap. situation. Number == 12 || ap. situation. Number == 16 || ap. situation. Number == 19); } 7

JPF Output • JPF produces an execution path through the Java code to the

JPF Output • JPF produces an execution path through the Java code to the assertion violation – This can be analyzed in a debugger style, but since it is 1013 steps long this will be too tedious • Process JPF output to capture GUI commands that leads to the mode confusion – start > incr. MCPAlt > pull. Alt. Knob > fly > incr. MCPVS > fly • Replay these steps in the Tutor Applet to see the problem 8

Troubleshooting Autopilot Spencer Shumway Windows Autopilot PM WindowsTroubleshooting Autopilot Spencer Shumway Windows Autopilot PM Windows
Autopilot Product Offering Updates 2013 Platforms Autopilot steeringAutopilot Product Offering Updates 2013 Platforms Autopilot steering
PROYECTO TUTOR Curso 20122013 PROYECTO TUTOR EL TUTORPROYECTO TUTOR Curso 20122013 PROYECTO TUTOR EL TUTOR
Type Checking and Scope Type Checking Type checkingType Checking and Scope Type Checking Type checking
Desk Checking Desk Checking Desk checking is aDesk Checking Desk Checking Desk checking is a
Checking and Banking Checking Account Basics A checkingChecking and Banking Checking Account Basics A checking
Checking Savings CDs Checking What is a checkingChecking Savings CDs Checking What is a checking