Software safety analysis of a flight guidance system

An aircraft´s flight control system provides the capability to stabilize and control the aircraft. Two key elements of a flight control system are the flight guidance system that generates guidance commands and the auto-pilot that executes them. The flight guidance system is a software function composed of flight control laws, that determine the roll and pitch values needed to achieve the desired flight characteristics, and mode logic that selects the appropriate flight control law for the given situation. We developed a formal, executable model of the requirements for the mode logic of a flight guidance system and conducted a comprehensive software safety analysis on the model. We provide an overview of the safety analysis conducted on the software and summarize progress made to date in the use of formal methods to verify the presence of the required safety properties in the software itself.