Supporting the development of new air traffic management software

One factor inhibiting adoption of new air traffic management systems is the inability to provide sufficient assurance for the safety-critical software components. This paper describes an approach to specifying and validating safety-critical systems called SpecTRM (specification tools and requirements methodology). An experimental demonstration of SpecTRM applied to the conflict alert/mode-C intruder (CA/MCI) function of the standard terminal automation replacement systems (STARS) is used as an example. Using SpecTRM to build a model of blackbox software functionality, such as CA/MCI, helps in validating system design early in the development process and in building safety into the design from the beginning. The use of SpecTRM informal and formal specifications/models to specify the system and software functions assists in eliminating inconsistencies and discrepancies common in plain-English documents. In addition, the specifications and models are executable and analyzable. Finally, the resulting specification provides documentation for reference during the maintenance phase of the software life cycle, including the design rationale and the design features related to safety.