Automating Certification Objectives with SpeAR

The Speci cation and Analysis of Requirements (SpeAR) tool is a requirements prototyping and analysis tool based on the formal semantics of the Lustre language. It features a domain speci c language that formally captures functional requirements of systems or software. Once formalized, requirements can be analyzed to demonstrate correct- ness, consistency, and traceability using in nite-state model checking tools, such as JKind. The formal notation and analyses that SpeAR supports can be used to automate activities related to certi cation of safety critical software as suggested by DO-178C: Software Considera- tions in Airborne Systems and Equipment Certi cation. This standard de nes a rigorous software development process that ensures that soft- ware development activities produce object code that implement sys- tem requirements correctly, while introducing no additional functional- ity. Recent updates to the guidance allow for the use of formal methods to satisfy DO-178C certi cation objectives as outlined in DO-333: For- mal Methods Supplement to DO-178C and DO-278A. This paper walks through an e ort in which SpeAR is used to automate certi cation ac- tivities for production avionics software. It focuses on the use of SpeAR to address veri cation objectives related to the software design artifacts of DO-178C, replacing manual peer review activities with more rigorous formal-methods based analyses.