Abstract

This paper describes the use of the SPADE static analysis and verification tools to model, analyse and formally verify the LUCOL assembly code modules used in the fuel control unit of the Rolls-Royce RB211-524G jet engine. This is probably the first tool-supported formal proof of correctness of safety-critical assembly code in the U.K. The work described is further novel in a number of aspects: the construction of a rigorous model of Z8002 assembly code amenable to analysis and formal verification by SPADE, the rapid development in Prolog of a translator from Z8002 assembly code to FDL (SPADE’s modelling language), the formalisation of the written specifications provided into pre- and post-conditions expressed in first-order predicate calculus, and the use of the SPADE Proof Checker to carry out the proofs of correctness.

Full Text
Published version (Free)
