Layer2_MMS_SW_SPARK: update after answers on #28

1495ed82 · Claire Dross · 916d6c8f · 1495ed82 · 1495ed82 · 1495ed82
Commit 1495ed82 authored Jul 13, 2017 by Claire Dross
15 changed files
--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/external.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/external.ads
@@ -50,7 +50,7 @@ package External with Abstract_State => (State with External => Async_Writers) i
     Volatile_Function,
     Global => State;
-   function USB_Key return Navigation_Parameters_Type_Option with
+   function USB_Key return USB_Key_Type_Option with
     Volatile_Function,
     Global => State;

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_cm-input.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_cm-input.ads
@@ -41,7 +41,7 @@ package MMS.F_PT.F_CM.Input is
   function Payload_Mass return Payload_Mass_Type
     renames MMS.F_PT.Input.Payload_Mass;
-   function USB_Key return Navigation_Parameters_Type_Option
+   function USB_Key return USB_Key_Type_Option
     renames MMS.F_PT.Input.USB_Key;
   function P return Distance_Type

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_cm-output.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_cm-output.ads
@@ -86,7 +86,7 @@ package MMS.F_PT.F_CM.Output is
   function Bay_Switch return Bay_Switch_Type
     renames MMS.F_PT.F_CM.Input.Bay_Switch;
-   function USB_Key return Navigation_Parameters_Type_Option
+   function USB_Key return USB_Key_Type_Option
     renames MMS.F_PT.F_CM.Input.USB_Key; 
   ----------------------

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior-guarantees.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior-guarantees.ads
@@ -8,12 +8,6 @@ package MMS.F_PT.F_FC.Behavior.Guarantees with SPARK_Mode is
   -- High-Level Properties on F_FC --
   -----------------------------------
-   subtype Propulsion_State_Type is Engine_State_Type
-   range PROPULSION .. WAITING_BRAK;
-   subtype Braking_State_Type is Engine_State_Type
-   range BRAKING .. WAITING_PROP;
   function Engine_State_In_Braking return Boolean is
     (On_State = RUNNING
      and then Engine_State in Braking_State_Type);

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior.ads
--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-behavior-guarantees.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-behavior-guarantees.ads
@@ -37,13 +37,15 @@ package MMS.F_PT.F_MM.Behavior.Guarantees with SPARK_Mode is
   -----------------------------------
   procedure Run with
-     Post =>
+     Pre  => State_Invariant,
+     Post => State_Invariant
      --  6.6.3.A Viability guarantee: no take-off if energy aboard is
      --  incompatible with mission completion.
-      (if In_Take_Off_State and then not In_Take_Off_State'Old then
+      and then
-         Initial_Energy_Test_Succeeded)
+       (if In_Take_Off_State and then not In_Take_Off_State'Old then
+          Initial_Energy_Test_Succeeded)
      --  6.6.3.B Any mission cancellation is signaled to CP and GS.
@@ -69,7 +71,7 @@ package MMS.F_PT.F_MM.Behavior.Guarantees with SPARK_Mode is
          and then Mission_Parameters_Defined
        then
          USB_Key_Present
-        and then Operating_Mode = Operating_Mode_From_CP
+        and then Operating_Mode_From_Parameters = Operating_Mode_From_USB_Key
        and then Navigation_Parameters = Navigation_Parameters_From_USB_Key);
 end MMS.F_PT.F_MM.Behavior.Guarantees;
--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-behavior.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-behavior.ads
--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-data.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-data.ads
@@ -72,7 +72,8 @@ package MMS.F_PT.F_MM.Data is
   --  Issue #28
-   Altitude_ref_TakeOff : Current_Altitude_Type;
+   Altitude_ref_TakeOff    : Current_Altitude_Type;
-   Speed_ref_TakeOff    : Current_Speed_Type;
+   Speed_ref_TakeOff       : Current_Speed_Type;
+   Energy_Mode_ref_TakeOff : Speed_Or_Altitude;
 end MMS.F_PT.F_MM.Data;
--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-input.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-input.ads
@@ -38,7 +38,7 @@ package MMS.F_PT.F_MM.Input is
   function Payload_Mass return Payload_Mass_Type
     renames MMS.F_PT.F_CM.Output.Payload_Mass;
-   function USB_Key return Navigation_Parameters_Type_Option
+   function USB_Key return USB_Key_Type_Option
     renames MMS.F_PT.F_CM.Output.USB_Key;
   -----------------------

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-state.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-state.ads
@@ -26,7 +26,7 @@ package MMS.F_PT.F_MM.State is
   Input_Payload_Mass : Payload_Mass_Type with Part_Of => Input_State;
-   Input_USB_Key : Navigation_Parameters_Type_Option with
+   Input_USB_Key : USB_Key_Type_Option with
     Part_Of => Input_State;
   Input_Mission_Abort : Boolean with Part_Of => Input_State;
@@ -65,6 +65,9 @@ package MMS.F_PT.F_MM.State is
   Navigation_Mode : Navigation_Mode_Type with
     Part_Of => Navigation_Parameter_State;
+   Operating_Mode_From_Parameters : Navigation_Option_Type with
+     Part_Of => Navigation_Parameter_State;
   Operating_Mode : Navigation_Option_Type with
     Part_Of => Navigation_Parameter_State;

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm.adb
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm.adb
@@ -37,6 +37,7 @@ SPARK_Mode,
                       Aborted_For_Energy_Reasons),
                    Navigation_Parameter_State =>
                      (Navigation_Mode,
+                       Operating_Mode_From_Parameters,
                       Operating_Mode,
                       Navigation_Parameters),
                    Operating_Point_State =>

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-input.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-input.ads
@@ -39,7 +39,7 @@ package MMS.F_PT.Input is
   function Payload_Mass return Payload_Mass_Type
     renames MMS.Input.Payload_Mass;
-   function USB_Key return Navigation_Parameters_Type_Option
+   function USB_Key return USB_Key_Type_Option
     renames MMS.Input.USB_Key;
   function P return Distance_Type

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt.ads
@@ -11,6 +11,8 @@ package MMS.F_PT is
   type Estimated_Total_Mass_Type is delta 0.1 range 5.0 .. 10.0; -- in kg ???
   type Energy_Level_Type is range 0 .. 500; -- in kj
+   subtype Speed_Or_Altitude is Navigation_Option_Type range SPEED .. ALTITUDE;
   type Operating_Point_Type is record
      Altitude : Current_Altitude_Type; -- ??? which altitude type

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-input.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-input.ads
@@ -39,7 +39,7 @@ package MMS.Input is
   function Payload_Mass return Payload_Mass_Type
     renames External.Payload_Mass;
-   function USB_Key return Navigation_Parameters_Type_Option
+   function USB_Key return USB_Key_Type_Option
     renames External.USB_Key;
   -------------------------

--- a/UseCaseDevelopment/Layer2_MMS_SW_SPARK/types.ads
+++ b/UseCaseDevelopment/Layer2_MMS_SW_SPARK/types.ads
@@ -47,6 +47,20 @@ package Types is
      end case;
   end record;
+   type USB_Key_Type is record
+      Navigation_Parameters : Navigation_Parameters_Type;
+      Navigation_Option     : Navigation_Option_Type;
+   end record;
+   type USB_Key_Type_Option (Present : Boolean := False) is record
+      case Present is
+      when True  =>
+         Content : USB_Key_Type;
+      when False =>
+         null;
+      end case;
+   end record;
   type Bay_Switch_Type is (OPEN, CLOSED);
   type Payload_Mass_Type is new Integer range 0 .. 98; -- in kg