University of Minnesota
Software Engineering Center

You are here

Experiences From Specifying the TCAS II Requirements Using RSML

Date of Publication: 
November 1998
Associated Research Groups: 
Publication Files: 
TCAS II (Traffic alert and Collision Avoidance System II) is an avionics system required on all commercial aircraft with more than 30 passengers. In 1990, FAA deemed the Minimal Operational Performance Standard (MOPS) for TCAS II, expressed in plain English and low-level pseudocode, unacceptable as a basis for government certification. To correct this problem, a high-level software requirements specification (SRS) was developed by reverse engineering the pseudocode and capturing the required behavior using RSML (Requirements State Machine Language), a requirements language based on hierarchical communicating finite state machines [1]. The Irvine Safety Research Group, in cooperation with industrial and government representatives, specified the requirements between 1990 and 1992 [1]. In this paper we provide an overview of this project and the specification technique we used. In the following section we discuss the TCAS II project. Next, we cover some desirable properties of a high-level specification language and provide an overview of RSML. Finally, we share lessons learned and outline current developments.
17th Digital Avionics Systems Conference}, Seattle, November 1998. (Awarded Best Paper in Software Track.)
@InProceedings{Heimdahl98:TCAS-Exp, author = {Mats P.E.Heimdahl and Nancy G.Leveson and Jon D. Reese}, title = "Experiences From Specifying the TCAS II Requirements Using RSML", booktitle = {17th Digital Avionics Systems Conference}, month = {November}, year = {1998} }