高级软件工程（英文版）：sept29

State Machine Specifications Define behavior using states and transitions between states temp < sp / temp > sp / setpoint Below setpoint At Above setpoint turn on ACturn on heat temp = sp / temp = sp / turn off heat turn off AC c Copyright Nancy Leveson, Sept. 1999 a0 c Copyright Nancy Leveson, Sept. 1999 State Machine Specifications (2) Can easily define time constraints on transitions: e.g. telephone switch, must dial 4 digits (internal call) within 10 seconds P offhook / Start Timer T (10), Dialtone Alarm T / Reordertone Alarm T / Reordertone Alarm T / Reordertone Alarm T / Reordertone Start Timer T (10) P depress hookswitch / Idle Again Dial Await first digit Await second digit Await fourth digit Await third digit Conversing 0 thru 9 / Connect 0 thru 9 / - 0 thru 9 / - 1 thru 8 / - a1 cruise control Speed Speed Increasing Maintaining Off Control Cruise Mode Standby and in Control On Cruise or accelerator depressed / cruise control to increase at X rate send command to throttle initialize cc turned on / discontinue brake depressed set point reached / reduce throttle increase speed commanded / cruise control turned off read wheel turning rate / adjust throttle a2 SpecTRM-RL State explosion prevented by dividing components into parallel state machines. Aircraft Scheduled Available Blocked Unknown Traffic Density Schedule Slot [1...90] High Unknown Low Average Complete state space is the cross product. a3 SpecTRM-RL (2) Each state can be hierarchically refined. Schedule Slot [1...90]Traffic Density Available AIRCRAFT SCHEDULED BLOCKED Unknown Aircraft Type STA Begin Time End Time Low Average High Unknown ETA ID Light Large Heavy Unknown a4 Transition Conditions are Specified Using AND/OR Tables a30 a29a31a26a17a7a12a11a28a18a21a25a27a11a28a9a10a32a33a32a31a13 a34 a35a22a11a28a36a10a43a84a13 a45a46a9a10a29a47a7a19a18a14a25a121a11a28a9a19a32a47a32a31a13 a34 a35a8a36a19a29a47a7a37a15a38a29a31a13 a9a12a23 a18a14a25a121a26a19a11a28a7a10a9a19a29 a25a27a26a10a11a28a7a19a9a10a29 a122a47a123a37a25a27a50a49a124a49a125a41a126a22a50 a100 a127 a25a90a52a22a25a27a124 a127 a25a27a26a10a11a28a7a10a9a19a29 a30 a29a42a26a17a7a12a11a39a18a14a25a27a11a28a9a10a32a47a32a42a13 a34 a68a70a69 a5 . . . . . . . . . . . . . . a6a8a7a10a9a12a11a14a13 a15a17a16a19a18a21a20a22a9a12a23 a13 a24 a35a8a36a10a29a33a7a37a15a38a29a31a13 a9a12a23 a18a21a25a27a26a19a11a39a7a19a9a10a29a33a18a21a40a41a36a37a15a38a24a37a13 a29a42a13 a36a37a15 a35a22a11a28a36a10a43a44a13 a45a46a9a19a29a47a7a19a18a21a25a27a11a28a9a10a32a33a32a31a13 a34a48a18a14a40a49a36a12a15a17a24a12a13 a29a31a13 a36a12a15 a50a51a9a12a15a17a16a19a7a10a18a14a20a22a9a12a23 a13 a24 a52a53a23 a29a47a18a54a50a51a7a12a55a17a36a12a11a39a29a42a13 a15a17a16a57a56a47a58a60a59a14a61a10a62a14a63a10a62a14a64a66a65a38a36a10a67a48a29 a5 a5 a5a71 a71 a5 a71 a71 a5 a128a48a129a131a130a75a132a134a133 a135 a129a131a136a75a137a75a133 a128a48a129a131a130a75a137a134a133 a128a48a129a131a130a75a137a134a130 a30 a29a42a26a17a7a12a11a39a18a14a52a53a13 a11a28a34a44a11a28a9a10a32a33a29 a30 a15a17a18a14a139a138a11a28a36a12a87a10a15a38a24a56a47a58a60a59a14a61a10a62a14a63a19a62a21a64 a117 a115 a116 a72a51a64a19a61a10a73a12a74a75a56a47a76a60a62a77a56 a78a27a58a80a79a81a52a82a29a31a26a19a11a28a7a10a9a19a29a37a13 a67a83a11a28a7a10a34a44a23 a9a19a67a48a67a84a13 a32a31a13a7a19a24a85a9a19a67a70a36a10a29a31a26a38a7a12a11a86a29a42a11a39a9a19a32a47a32a31a13 a34a83a13 a32a12a13 a29a47a67a70a9a37a23 a29a31a13a29a31a87a17a24a19a7a88a11a39a7a12a55a17a36a12a11a28a29a31a13 a15a17a16 a26a17a9a19a67a138a110a38a7a10a7a12a15a106a23 a36a10a67a107a29 a98 a99a12a100a47a103a38a104a10a105 a9a12a15a17a24a106a7a37a13 a29a31a26a17a7a12a11a60a29a31a26a38a7a111a110a38a7a19a9a37a11a14a13 a15a17a16a106a36a12a11a90a11a39a9a12a15a17a16a19a7a88a13 a15a10a55a19a87a17a29a33a67a113a9a12a11a39a7a88a13 a15 a9a12a23 a13 a24a37a108 a109 a13 a32a37a13 a29a33a67a113a9a12a23 a29a31a13a29a31a87a38a24a10a7a88a11a28a7a37a55a38a36a12a11a39a29a31a13 a15a38a16a88a26a17a9a19a67a83a110a17a7a19a7a37a15a106a23 a36a19a67a48a29a10a9a12a15a38a24a111a110a38a36a10a29a42a26a46a29a31a26a17a7a88a11a28a9a37a15a38a16a10a7a106a9a12a15a17a24a88a110a38a7a10a9a12a11a21a13 a15a38a16a106a9a37a11a28a7 a9a12a23 a13 a24a88a110a10a87a38a29a37a15a38a7a12a13 a29a31a26a17a7a12a11a60a29a31a26a38a7a111a55a19a11a28a36a10a43a84a13 a45a46a9a10a29a47a7a88a15a38a36a37a11a90a55a38a36a10a29a47a7a12a15a38a29a31a13 a9a37a23a77a29a31a26a19a11a39a7a19a9a10a29a19a34a44a23 a9a19a67a48a67a44a13 a32a31a13 a34a48a9a19a29a31a13 a36a12a15a112a34a84a11a21a13 a29a33a7a37a11a14a13 a9 a109 a9a12a11a39a7a106a67a48a9a19a29a31a13 a67a107a32a31a13 a7a10a24a12a108a38a36a37a11a60a29a31a26a38a7a106a9a37a13 a11a28a34a44a11a28a9a10a32a33a29a37a13 a67a70a36a37a15a46a29a31a26a38a7a106a16a37a11a28a36a37a87a19a15a38a24 a98 a99a37a100a33a103a17a99a19a105 . a99a12a100 a99a10a104a12a114 a99a12a100 a99a10a101 a118 a100 a119a37a100a33a103a10a114 a25a27a11a39a9a19a32a47a32a31a13 a34a107a18a21a52a22a24 a13a67a107a36a37a11a28a120 a109 a89a46a63a37a76a90a76a90a56a47a58a60a91a92a62a14a78a94a93a60a64a19a95a10a64a12a96a17a102a12a79 a89a46a63a37a76a90a76a90a56a47a58a60a91a92a62a14a78a94a93a60a64a19a95a10a64a12a96a17a97a12a79 a140 Device Controlled Command Measured Variable (Feedback) Control Measured Variable 1 Measured Variable 2 Display Output SUPERVISORY MODE Component INFERRED SYSTEM STATEOPERATING MODES Control Input Sensor Supervisor INFERRED SYSTEM OPERATING MODES a141 a142a83a143a145a144a147a146a145a144a147a148a12a149a12a150a152a151a154a153a155a146a156a144a158a157a160a159a162a161a155a150a48a163a8a148a12a146a156a164a158a150a48a165a82a150a48a166a44a144a158a167 a168a170a169a37a171a173a172a51a174a176a175 a159a80a146a14a167a94a177a80a164a158a178a84a179a12a143a156a150a48a165a180a153a182a181a10a167a183a144a147a181a10a184a10a150a107a166a186a185a31a164a158a178a84a165 a181a10a166a187a150a17a188a80a181a10a165a82a177a12a143a14a150a189a179a44a190a191a151a154a144a158a150a107a192a10a150a194a193a170a146a14a143a156a143a14a150a107a164a183a181a86a144a195a161a155a178a90a157a160a184a44a153a113a150a48a143a156a143 a178a84a143a156a143a14a146a14a166a80a167a48a197a199a198a200a159a37a181a81a192a10a150a88a166a12a178a10a144a138a181a10a143a156a144a158a150a48a164a201a150a48a149a170a144a158a159a12a150a88a178a10a164a158a146a14a202a10a146a14a166a37a181a10a143a203a150a17a188a80a181a10a165a82a177a12a143a14a150a204a181a10a143a156a144a158a159a12a178a84a148a12a202a10a159a170a198a182a153a113a178a84a148a12a143a156a149a205a159a37a181a81a192a84a150a88a149a12a150a48a167a201a146a14a202a84a166a12a150a107a149a162a144a147a159a80a150a196 a167a201a153a155a146a145a144a147a157a160a159a189a167a158a143a156a146a14a202a84a159a44a144a147a143a145a190a94a149a80a146a156a206a22a150a48a164a158a150a107a166a44a144a147a143a156a190a10a197a47a207 a159a12a150a208a142a83a143a145a144a147a146a145a144a147a148a12a149a12a150a94a151a154a153a155a146a145a144a147a157a160a159a210a209a31a142a152a151a154a211a212a207a204a146a156a167a111a181a162a164a201a150a48a148a12a167a158a181a10a179a12a143a156a150a195a157a48a178a84a165a82a177a213a178a84a166a12a150a48a166a44a144a204a144a147a159a37a181a19a144a204a144a147a148a12a164a201a166a12a167a111a177a213a178a173a153a182a150a107a164a111a178a84a166a176a144a158a178a214a181a175 a150a107a192a154a146a156a157a48a150a155a178a10a185a22a198a54a166a8a144a158a150a48a164a201a150a48a167a201a144a152a209a215 a185a31a150a48a150a17a144a38a207a195a181a10a179a213a178a173a192a84a150a194a202a84a164a201a178a84a148a12a166a12a149a210a143a14a150a17a192a84a150a107a143a82a209a222a142a106a223a217a224a49a207a38a197 a181a10a166a37a181a19a143a14a178a84a202a226a164a158a181a10a149a12a146a14a178a227a181a19a143a156a144a147a146a156a165a183a150a17a144a147a150a107a164a199a181a10a166a12a149a228a185a31a164a158a178a10a165a229a144a54a153a113a178a183a149a12a146a156a202a84a146a156a144a147a181a10a143a213a164a147a181a10a149a12a146a156a178a227a181a10a143a156a144a158a146a14a165a82a150a107a144a158a150a48a164a158a167 a181a10a167a199a144a158a159a12a150a217a143a14a178a173a153a182a150a107a167a201a144a200a192a19a181a10a143a156a146a14a149a208a181a10a143a145a144a147a146a145a144a147a148a12a149a12a150a83a167a158a150a48a150a107a166a27a197a112a198a134a185a49a144a158a159a12a150a92a181a10a143a156a144a158a146a156a144a158a148a12a149a12a150a83a157a48a181a10a166a12a166a12a178a19a144a155a179a22a150a152a149a12a150a17a144a147a150a107a164a158a165a82a146a14a166a12a150a107a149a228a185a31a178a10a164a200a165a183a178a84a164a201a150a83a144a147a159a12a181a10a166 a144a54a153a113a178a204a167a201a150a48a157a48a178a10a166a12a149a12a167 a198a218a207a49a153a155a159a12a150a107a166a183a144a147a159a80a150a85a181a19a146a14a164a158a157a107a164a147a181a19a185a42a144a53a149a12a150a48a167a201a157a48a150a48a166a80a149a12a167a199a179a213a150a48a143a14a178a173a153a219a181a217a144a158a159a12a164a158a150a107a167a158a159a12a178a10a143a14a149a183a181a10a143a156a144a158a146a156a144a147a148a80a149a12a150a217a209 a1a154a220a33a221a84a221a10a221a215a217a216 a175 a164a201a150a48a157a48a150a107a146a156a192a10a150a48a167a170a181a10a143a156a144a158a146a156a144a147a148a80a149a12a150a162a146a156a166a80a185a31a178a84a164a158a165a183a181a19a144a158a146a14a178a84a166a225a185a31a164a158a178a84a165 a181a10a166a159a12a150a194a142a152a151a8a211 a220 a153a155a146a145a144a147a159a208a144a147a159a12a150a92a181a10a143a145a144a147a146a145a144a147a148a12a149a12a150a85a144a160a181a10a184a19a150a48a166 a220 a144a147a159a80a150a106a142a138a151a154a211 a146a156a166a12a149a12a146a156a157a81a181a19a144a158a150a48a167a112a181a138a185a222a181a10a148a12a143a145a144a46a179a44a190a111a185a222a181a10a146a14a143a156a146a14a166a12a202a106a144a147a178a217a167a201a144a158a164a158a178a84a179a213a150a106a181a138a153a199a181a19a144a158a157a160a159a12a149a12a178a84a202a217a144a147a146a156a165a183a150a107a164a48a197a49a142a186a185a222a181a10a148a12a143a156a144 a146a14a167a113a181a10a143a156a167a158a178a88a146a156a166a12a149a12a146a156a157a81a181a19a144a158a150a48a149a94a146a145a185a121a146a14a166a44a144a158a150a48a164a158a166a12a181a10a143a213a185a222a181a19a146a14a143a14a148a80a164a158a150a48a167a70a181a10a164a201a150a83a149a12a150a17a144a147a150a107a157a107a144a147a150a107a149a228a146a14a166a183a144a158a159a12a150a83a142a138a151a154a211a230a197 a159a12a150a138a149a12a150a17a144a147a150a48a157a17a144a147a146a156a178a84a166a195a178a10a185a41a181a217a185a222a181a10a148a12a143a156a144a175 a144a147a148a80a164a158a166a12a167a155a178a84a166a170a181a10a166a228a146a14a166a12a149a80a146a14a157a81a181a86a144a147a178a84a164a199a143a14a181a10a165a82a177a195a153a155a146a156a144a147a159a80a146a14a166a195a144a147a159a80a150a92a157a107a178a90a157a160a184a8a177a12a146a145a144a81a197 a175 a159a12a150a88a142a138a151a154a211 a164a201a150a48a157a48a150a107a146a156a192a10a150a48a167a138a181a227a167a201a144a147a181a19a144a147a148a80a167a85a146a156a166a12a149a12a146a14a157a48a181a19a144a147a146a156a178a84a166a195a185a31a164a158a178a10a165a57a144a147a159a12a150 a215a217a216 a198a182a146a14a166a80a149a12a146a14a157a48a181a19a144a147a146a156a166a12a202a111a153a155a159a12a150a107a144a158a159a12a150a48a164a106a144a147a159a12a150 a215a217a216 a198 a146a14a167a113a177a22a178a173a153a113a150a48a164a201a150a48a149a228a178a84a166a27a197a46a198a134a185a121a144a158a159a12a150 a198a46a149a12a178a154a150a48a167a199a166a12a178a19a144a199a146a14a166a80a149a12a146a14a157a48a181a19a144a147a150a106a144a147a159a37a181a19a144a182a146a156a144a113a146a14a167a113a177a22a178a173a153a113a150a48a164a158a150a107a149a228a178a84a166a195a153a155a146a156a144a158a159a12a146a14a166a82a144a54a153a182a178a226a167a201a150a48a157a48a178a10a166a12a149a12a167a215a217a216 a181a19a185a42a144a158a150a48a164a217a177a22a178a173a153a113a150a48a164a204a146a14a167a92a181a10a177a12a177a12a143a156a146a14a150a107a149 a181a189a185a222a181a10a148a80a143a156a144a217a146a14a167a217a146a156a166a12a149a12a146a14a157a48a181a19a144a147a150a107a149a194a179a8a190a194a185a222a181a10a146a156a143a14a146a156a166a12a202a94a144a147a178a189a167a201a144a158a164a158a178a84a179a213a150a227a144a147a159a12a150a227a153a199a181a86a144a147a157a160a159a12a149a12a178a10a202a170a144a147a146a156a165a183a150a107a164a48a197a220 a175 a159a12a150a208a142a138a151a154a211 a149a12a178a90a150a107a167a226a166a12a178a10a144a111a181a10a177a12a177a12a143a145a190a176a177a213a178a173a153a182a150a107a164a111a144a147a178a162a144a158a159a12a150 a215a217a216 a198a152a146a156a185a200a144a147a159a80a150 a198a152a146a14a167a226a181a10a143a156a164a158a150a48a181a10a149a80a190a231a177a22a178a173a153a113a150a48a164a201a150a48a149a225a178a84a166a27a197a214a198a134a185a215a217a216 a144a147a159a80a150 a215a217a216 a198a70a146a14a167a200a177a213a178a173a153a182a150a107a164a158a150a48a149a170a178a10a206a194a181a19a185a42a144a158a150a48a164a199a144a158a159a12a150a92a181a10a146a14a164a201a157a48a164a147a181a86a185a42a144a200a149a12a150a48a167a201a157a48a150a107a166a12a149a12a167a83a179a213a150a48a143a156a178a173a153a212a144a158a159a12a150a92a181a10a143a156a144a158a146a156a144a147a148a80a149a12a150a83a144a147a159a80a164a158a150a48a167a201a159a12a159a12a178a84a143a156a149 a220 a144a147a159a80a150 a142a152a151a8a211 a149a12a178a154a150a48a167a112a166a12a178a10a144a70a164a201a150a81a181a10a177a12a177a80a143a156a190a226a177a213a178a173a153a182a150a107a164a112a144a158a178a92a144a158a159a12a150 a198a49a148a12a166a80a143a14a150a48a167a201a167a70a144a158a159a12a150a106a181a10a146a14a164a201a157a48a164a158a181a19a185a42a144a112a181a10a202a44a181a19a146a14a166a227a149a12a150a48a167a201a157a48a150a107a166a12a149a12a167a182a179a213a150a48a143a156a178a173a153a219a144a147a159a80a150a215a217a216 a144a147a159a80a164a158a150a48a167a201a159a12a178a84a143a156a149a162a181a10a143a145a144a147a146a145a144a147a148a12a149a12a150a19a197 a175 a159a12a150a83a142a138a151a154a211 a181a10a143a156a167a158a178a204a181a10a157a48a157a107a150a48a177a80a144a158a167a200a181a10a166a82a146a14a166a12a159a80a146a14a179a12a146a145a144a112a167a158a146a14a202a10a166a37a181a10a143a12a144a147a159a12a181a19a144a182a177a80a164a158a150a107a192a10a150a48a166a44a144a147a167a182a146a156a144a112a185a31a164a158a178a84a165a232a144a158a148a12a164a158a166a80a146a14a166a12a202a92a178a84a166a82a177a22a178a173a153a113a150a48a164a113a144a158a178 a144a147a159a80a150 a215a217a216 a198a70a178a10a164a182a146a14a166a80a149a12a146a14a157a48a181a19a144a147a146a156a166a12a202a111a181a88a185a222a181a10a148a80a143a156a144a81a197a49a142a83a143a156a143a203a178a10a144a158a159a12a150a48a164a199a142a138a151a154a211 a185a31a148a12a166a12a157a17a144a147a146a14a178a10a166a12a167a200a181a10a164a201a150a138a148a12a166a37a181a19a206a22a150a48a157a17a144a147a150a107a149a189a179a44a190a183a144a147a159a12a150a138a146a156a166a12a159a12a146a156a179a12a146a156a144 a167a158a146a156a202a84a166a37a181a10a143a233a197 a175 a159a12a150a92a142a152a151a154a211 a181a10a143a14a167a201a178a183a181a19a157a48a157a48a150a107a177a80a144a147a167a85a181a226a164a158a150a107a167a158a150a107a144a106a167a201a146a14a202a84a166a37a181a19a143a203a144a147a159a37a181a86a144a85a164a201a150a107a144a158a148a12a164a158a166a12a167a155a146a145a144a200a144a147a178a227a146a156a144a158a167a200a146a14a166a12a146a145a144a147a146a21a181a19a143a22a167a218a144a160a181a19a144a158a150a10a197 a234 Altimeter Digital Altimeter Analog Digital Altimeter Pilot Interface Device of Interest (DOI) Switch Altitude Watchdog Timer Power-on Signal Strobe DOI Status Signal altitude status altitude status altitude status Inhibit Signal Reset Signal a235 OPERATING MODES Operational Fault Detected Startup Inhibited Not Inhibited Watchdog Timer SUPERVISORY MODE Cockpit Controls Altimeter 1 Digital Altimeter Analog Watchdog-Strobe {High} Altitude Switch Analog-Alt-Status Analog-Alt-Signal DA2-Status-SignalDA1-Status-Signal {Fail,NCD,Test,Norm} {Below,Above} {Invalid,Valid} {-50..2500} DA2-Alt-Signal INT {Fail,NCD,Test,Norm} (DOI) Interest of Device Digital Altimeter 2 DA1-Alt-Signal {-50..2500} INT DOI-Power-On {High} DOI-status-signal {On, Off} Cockpit Fault Indicator Lamp On Off Inhibit {On,Off} Reset {T,F} INFERRED SYSTEM STATE DOI-Status Unknown Fault-detectedOffOn Unknown Cannot-be-determined Below-threshold At-or-above-threshold Aircraft Altitude Valid Invalid Unknown Dig-Alt1 Valid Unknown Invalid Analog-Alt Valid Invalid Unknown Dig-Alt2 a0a173a221 Output Command DOI-Power-On Destination: DOI Acceptable Values: Initiation Delay: {high} 0 milliseconds Completion Deadline: 50 milliseconds Exception-Handling: (What to do if cannot issue command within deadline time) Feedback Information: Variables: DOI-status-signal Values: high (on) Relationship: Should be on if ASW sent signal to turn on Min. time (latency): Max. time: 2 seconds 4 seconds Exception Handling: Reversed By: DOI-Status changed to Fault-Detected Turned off by some other component or components. Comments: I am assuming that if we do not know if the DOI is on, it is better to turn it on again, i.e., the reason for the restriction is simple hysteresis and not possible damage to the device. This product in the family will turn on the DOE only when the aircraft descends below the threshold altitude. Only this page needs to change for a product in the family that is triggered by rising above the threshold. References: 2.33 4.84 CONTENTS = discrete signal on line PWR set to high TRIGGERING CONDITION T T Prev(Altitude) = At-or-above-threshold Altitude = Below-threshhold State Values DOI-Status = On F T Not Inhibited T Control Mode Operational a0a84a0 Operating Mode ASW Description: Comments: No information about how an internal fault is detected, what types detected, etc. References: Appears in: DOI-power-on, Watchdog-strobe DEFINITION = Startup = Operational Powerup T Startup T T Controls.Reset = T T T Analog-Alt = Valid T T T Dig-Alt1 = Valid Dig-Alt2 = Valid = Internal-Fault-Detected TInternal-fault -detected Startup Time >= Time entered Startup + 3 secs T T a236a60a237 .