RESSAC/RESSAC_Use_Case
1
0
Fork 0
mirror of http://172.16.200.102/RESSAC/RESSAC_Use_Case.git synced 2025-11-30 21:27:58 +01:00
Code Issues Projects Releases Wiki Activity

Layer2_MMS_SW_SPARK: update F_FC behavior

Browse Source
This commit is contained in:
Claire Dross
2017-07-12 10:45:26 +02:00
parent 0c53c4fdd4
commit 916d6c8fc3
7 changed files with 316 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior-guarantees.adb
View File

@@ -2,11 +2,25 @@ with MMS.F_PT.F_FC.State;
package body MMS.F_PT.F_FC.Behavior.Guarantees with SPARK_Mode is package body MMS.F_PT.F_FC.Behavior.Guarantees with SPARK_Mode is
Stored_Time_Since_In_Safety_Escape : Time_Type with Ghost;
function Get_Time_Since_In_Safety_Escape return Time_Type is
(Stored_Time_Since_In_Safety_Escape);
procedure Run is procedure Run is
begin begin
if On_State = RUNNING then
Check_Safety_Escape;
if not In_Safety_Envelope then
Stored_Time_Since_In_Safety_Escape := Time_Since_In_Safety_Escape;
end if;
Choose_Operating_Mode;
end if;
AV_State_Vector;
Update_State; Update_State;
if Mission_State in FLIGHT | LANDING then if On_State = RUNNING then
Propulsion_Braking_Mutual_Exclusion; Propulsion_Braking_Mutual_Exclusion;
Reference_Trajectory_Computation; Reference_Trajectory_Computation;

11
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior-guarantees.ads
View File

@@ -15,13 +15,16 @@ package MMS.F_PT.F_FC.Behavior.Guarantees with SPARK_Mode is
range BRAKING .. WAITING_PROP; range BRAKING .. WAITING_PROP;
function Engine_State_In_Braking return Boolean is function Engine_State_In_Braking return Boolean is
(Mission_State in FLIGHT | LANDING (On_State = RUNNING
and then Engine_State in Braking_State_Type); and then Engine_State in Braking_State_Type);
function Engine_State_In_Propulsion return Boolean is function Engine_State_In_Propulsion return Boolean is
(Mission_State in FLIGHT | LANDING (On_State = RUNNING
and then Engine_State in Propulsion_State_Type); and then Engine_State in Propulsion_State_Type);
function Get_Time_Since_In_Safety_Escape return Time_Type with
Ghost;
----------------------------------- -----------------------------------
-- High-Level Garantees for F_FC -- -- High-Level Garantees for F_FC --
----------------------------------- -----------------------------------
@@ -41,8 +44,8 @@ package MMS.F_PT.F_FC.Behavior.Guarantees with SPARK_Mode is
-- Escape_Time seconds. -- Escape_Time seconds.
and then and then
(if Mission_State = ABORTED and then Mission_State'Old /= ABORTED (if On_State = ABORTED and then On_State'Old /= ABORTED
and then Aborted_With_Propulsion_Available and then Aborted_With_Propulsion_Available
then Time_Since_In_Safety_Escape > MMS.F_PT.F_FC.Data.Escape_Time); then Get_Time_Since_In_Safety_Escape > MMS.F_PT.F_FC.Data.Escape_Time);
end MMS.F_PT.F_FC.Behavior.Guarantees; end MMS.F_PT.F_FC.Behavior.Guarantees;

372
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior.ads
View File

@@ -15,15 +15,21 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
function Start_Take_Off return Boolean with function Start_Take_Off return Boolean with
Global => (Input => Input_State, Proof_In => Private_State), Global => (Input => Input_State, Proof_In => Private_State),
Pre => Mission_State = INIT; Pre => On_State = INIT;
function Start_Landing return Boolean with function Start_Landing return Boolean with
Global => (Input => Input_State, Proof_In => Private_State), Global => (Input => Input_State, Proof_In => Private_State),
Pre => Mission_State = FLIGHT; Pre => On_State = RUNNING;
function Operating_Point return Operating_Point_Type with function Operating_Point return Operating_Point_Type with
Global => Input_State; Global => Input_State;
function Operating_Mode return Navigation_Option_Type with
Global => Input_State;
function Mission_Range return Current_Range_Type with
Global => Input_State;
function Emergency_Landing return Boolean with function Emergency_Landing return Boolean with
Global => Input_State; Global => Input_State;
@@ -34,6 +40,9 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
function Operating_Point_Changed return Boolean with function Operating_Point_Changed return Boolean with
Global => Input_State; Global => Input_State;
function Operating_Mode_Changed return Boolean with
Global => Input_State;
---------------------- ----------------------
-- Estimated Values -- -- Estimated Values --
---------------------- ----------------------
@@ -44,16 +53,19 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
-- States -- -- States --
------------ ------------
function Mission_State return Mission_State_Type with function On_State return On_State_Type with
Global => Private_State;
function Running_State return Running_State_Type with
Global => Private_State; Global => Private_State;
function Engine_State return Engine_State_Type with function Engine_State return Engine_State_Type with
Global => (Input => Mutual_Exclusion_State, Proof_In => Private_State), Global => (Input => Mutual_Exclusion_State, Proof_In => Private_State),
Pre => Mission_State in FLIGHT | LANDING; Pre => On_State = RUNNING;
function Aborted_With_Propulsion_Available return Boolean with function Aborted_With_Propulsion_Available return Boolean with
Global => Private_State, Global => Private_State,
Pre => Mission_State = ABORTED; Pre => On_State = ABORTED;
---------------- ----------------
-- Properties -- -- Properties --
@@ -63,7 +75,7 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
function Flight_Phase return Flight_Phase_Type with function Flight_Phase return Flight_Phase_Type with
Global => (Input => Trajectory_State, Proof_In => Private_State), Global => (Input => Trajectory_State, Proof_In => Private_State),
Pre => Mission_State = FLIGHT; Pre => On_State = RUNNING;
function In_Safety_Envelope return Boolean is function In_Safety_Envelope return Boolean is
(case Flight_Phase is (case Flight_Phase is
@@ -77,32 +89,48 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
when DESCENT => when DESCENT =>
Q_Dot in MMS.F_PT.F_FC.Data.Qdot_MinDs .. MMS.F_PT.F_FC.Data.Qdot_MaxDs Q_Dot in MMS.F_PT.F_FC.Data.Qdot_MinDs .. MMS.F_PT.F_FC.Data.Qdot_MaxDs
and Q < MMS.F_PT.F_FC.Data.Q_MaxDs) and Q < MMS.F_PT.F_FC.Data.Q_MaxDs)
with Pre => Mission_State = FLIGHT; with Pre => On_State = RUNNING;
function Selected_Option return Navigation_Option_Type with
Global => (Input => Operating_Mode_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
function Already_Running return Boolean with function Already_Running return Boolean with
Global => Private_State, Global => Private_State,
Pre => Mission_State in FLIGHT | LANDING; Pre => On_State = RUNNING;
function Time_Since_In_Safety_Escape return Time_Type with function Time_Since_In_Safety_Escape return Time_Type with
Global => (Input => Private_State, Global => (Input => Safety_Escape_State,
Proof_In => (Input_State, Trajectory_State)), Proof_In => (Input_State, Trajectory_State, Private_State)),
Pre => (Mission_State = FLIGHT and then not In_Safety_Envelope) Pre => On_State = RUNNING and then not In_Safety_Envelope;
or else Mission_State = ABORTED;
function Fast_Evolving_Safety_Escape return Boolean with function Fast_Evolving_Safety_Escape return Boolean with
Global => (Input => Private_State, Global => (Input => Private_State,
Proof_In => (Input_State, Trajectory_State)), Proof_In => (Input_State, Trajectory_State)),
Pre => Mission_State = FLIGHT and then not In_Safety_Envelope; Pre => On_State = RUNNING and then not In_Safety_Envelope;
function Time_Since_Stopped return Time_Type with function Time_Since_Stopped return Time_Type with
Global => (Input => Mutual_Exclusion_State, Proof_In => Private_State), Global => (Input => Mutual_Exclusion_State, Proof_In => Private_State),
Pre => Mission_State in FLIGHT | LANDING; Pre => On_State = RUNNING;
function Propulsion_Torque return Torque_Type with function Propulsion_Torque return Torque_Type with
Global => (Input => Propulsion_State, Proof_In => Private_State); Global => Propulsion_State;
function Braking_Torque return Torque_Type with function Braking_Torque return Torque_Type with
Global => (Input => Braking_State, Proof_In => Private_State); Global => Braking_State;
function Current_Speed return Current_Speed_Type with
Global => AV_State_Vector_State;
function Current_Altitude return Current_Altitude_Type with
Global => AV_State_Vector_State;
function Current_Range return Current_Range_Type with
Global => AV_State_Vector_State;
function Estimated_Total_Mass return Estimated_Total_Mass_Type with
Global => AV_State_Vector_State;
--------------------------------------- ---------------------------------------
-- Behavioural Specification of F_FC -- -- Behavioural Specification of F_FC --
@@ -112,7 +140,9 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
-- Read values of inputs once and for all and update the current state -- Read values of inputs once and for all and update the current state
Post => Operating_Point_Changed = Post => Operating_Point_Changed =
(Operating_Point'Old /= Operating_Point); (Operating_Point'Old /= Operating_Point)
and then Operating_Mode_Changed =
(Operating_Mode'Old /= Operating_Mode);
procedure Write_Outputs with procedure Write_Outputs with
-- Compute values of outputs from the current state -- Compute values of outputs from the current state
@@ -126,89 +156,153 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
Braking_State), Braking_State),
Output => Output_State); Output => Output_State);
procedure Update_State with -----------------------
Global => (Input => (Input_State, Trajectory_State), -- Safety Objectives --
In_Out => Private_State), -----------------------
Contract_Cases => -- See 7.7.3.2.E
-- ??? All these are guesses... procedure Check_Safety_Escape with
Global => (Input => (Input_State, Trajectory_State),
((Mission_State in INIT .. LANDING) In_Out => Safety_Escape_State),
and then Emergency_Landing Pre => On_State in RUNNING,
=> Post =>
Mission_State = ABORTED
and then not Aborted_With_Propulsion_Available,
Mission_State = INIT
and then not Emergency_Landing
and then Start_Take_Off
=>
Mission_State = FLIGHT,
Mission_State = INIT
and then not Emergency_Landing
and then not Start_Take_Off
=>
Mission_State = INIT,
Mission_State = FLIGHT
and then not Emergency_Landing
and then Start_Landing
=>
Mission_State = LANDING,
Mission_State = FLIGHT
and then not Emergency_Landing
and then not Start_Landing
=>
(if Time_Since_In_Safety_Escape > MMS.F_PT.F_FC.Data.Escape_Time then
Mission_State = ABORTED
and then Aborted_With_Propulsion_Available
else Mission_State = FLIGHT),
Mission_State = LANDING
and then not Emergency_Landing
=>
(if P_Dot = 0.0 and then Q_Dot = 0.0 then
Mission_State = COMPLETE
else Mission_State = LANDING),
(Mission_State in COMPLETE | ABORTED)
=>
Mission_State = Mission_State'Old),
Post =>
(if Mission_State in FLIGHT | LANDING then
Engine_State = Engine_State'Old -- ??? Needed due to current limitation in proof tool
and then Already_Running = (Mission_State'Old in FLIGHT | LANDING))
-- Time_Since_In_Safety_Escape is the number of seconds since the first -- Time_Since_In_Safety_Escape is the number of seconds since the first
-- occurrence of safety escapes. -- occurrence of safety escapes.
and then
(if not In_Safety_Envelope then (if not In_Safety_Envelope then
(if In_Safety_Envelope'Old then Time_Since_In_Safety_Escape = 0 (if In_Safety_Envelope'Old then Time_Since_In_Safety_Escape = 0
else Time_Since_In_Safety_Escape > Time_Since_In_Safety_Escape'Old)); else Time_Since_In_Safety_Escape > Time_Since_In_Safety_Escape'Old));
---------------------------------------------
-- Choice of Operating Mode in Energy Mode --
---------------------------------------------
-- See 6.7.4 (Propulsion Control)
procedure Choose_Operating_Mode with
-- Two systems of two equations in (pdotA, qA), (pdotS, qS) are to be solved.
-- First:
-- g/L= (pdotA) ** 2 * cos(qA)
-- Operating_Point.Altitude = L * (1 - cos(qA))
-- Second<6E>:
-- g/L = (pdotS) ** 2 * cos(qS)
-- Operating_Point.Speed = pdotS * L * sin(qS)
-- If pdotA < pdotS, option ALTITUDE is selected otherwise SPEED is
-- selected.
Global => (Input => Input_State,
In_Out => Operating_Mode_State),
Pre => On_State = RUNNING,
Post => Selected_Option in SPEED | ALTITUDE
and then
(if Already_Running
and then not Operating_Mode_Changed
and then not Operating_Point_Changed
then Selected_Option = Selected_Option'Old)
and then
(if Operating_Mode in SPEED | ALTITUDE then
Selected_Option = Operating_Mode);
-----------------------
-- AV's State Vector --
-----------------------
procedure AV_State_Vector with
Global => (Input => Input_State,
In_Out => AV_State_Vector_State);
-- The AV's state vector is defined by:
-- Current_Speed = L * sin(Q) * P_Dot
-- Current_Altitude = L * (1 - cos(Q))
-- Current_Range = Integral of Current_Speed over time
-- Estimated_Total_Mass = M0 + Payload_Mass + Micing, where Micing is an
-- unknown perturbation to be estimated.
--------------------------------
-- Update the State Automaton --
--------------------------------
-- Same states as F_MM except On/Off is not considered here
procedure Update_State with
Global => (Input => (Input_State, Trajectory_State),
In_Out => Private_State),
Contract_Cases =>
((On_State in INIT .. RUNNING)
and then Emergency_Landing
=>
On_State = ABORTED
and then not Aborted_With_Propulsion_Available,
On_State = INIT
and then not Emergency_Landing
and then Start_Take_Off
=>
On_State = RUNNING,
On_State = INIT
and then not Emergency_Landing
and then not Start_Take_Off
=>
On_State = INIT,
On_State = RUNNING
and then not Emergency_Landing
and then
(if Running_State = LANDING then
not (P_Dot = 0.0 and then Q_Dot = 0.0))
and then not In_Safety_Envelope
and then Time_Since_In_Safety_Escape > MMS.F_PT.F_FC.Data.Escape_Time
=>
On_State = ABORTED
and then Aborted_With_Propulsion_Available,
On_State = RUNNING
and then not Emergency_Landing
and then
(if Running_State = LANDING then
not (P_Dot = 0.0 and then Q_Dot = 0.0))
and then
(if not In_Safety_Envelope then
Time_Since_In_Safety_Escape <= MMS.F_PT.F_FC.Data.Escape_Time)
=>
On_State = RUNNING,
On_State = RUNNING
and then not Emergency_Landing
and then Running_State = LANDING
and then P_Dot = 0.0 and then Q_Dot = 0.0
=>
On_State = COMPLETE,
(On_State in COMPLETE | ABORTED)
=>
On_State = On_State'Old),
Post =>
(if On_State = RUNNING then
Engine_State = Engine_State'Old -- ??? Needed due to current limitation in proof tool
and then Already_Running = (On_State'Old = RUNNING));
-------------------------------------------
-- Propulsion / Braking Mutual Exclusion --
-------------------------------------------
function Go_To_Braking return Boolean is function Go_To_Braking return Boolean is
(Mission_State = LANDING (not In_Safety_Envelope
or else and then
(not In_Safety_Envelope (Time_Since_In_Safety_Escape > MMS.F_PT.F_FC.Data.Hazard_Duration
and then or else Fast_Evolving_Safety_Escape))
(Time_Since_In_Safety_Escape > MMS.F_PT.F_FC.Data.Hazard_Duration
or else Fast_Evolving_Safety_Escape)))
with with
Pre => Mission_State in FLIGHT | LANDING; Pre => On_State = RUNNING;
function Go_To_Propulsion return Boolean is function Go_To_Propulsion return Boolean is
(Mission_State = FLIGHT and then In_Safety_Envelope) (In_Safety_Envelope)
with with
Pre => Mission_State in FLIGHT | LANDING; Pre => On_State = RUNNING;
procedure Propulsion_Braking_Mutual_Exclusion with procedure Propulsion_Braking_Mutual_Exclusion with
Global => (Input => (Input_State, Trajectory_State, Private_State), Global => (Input => (Input_State, Trajectory_State, Private_State),
In_Out => Mutual_Exclusion_State), In_Out => Mutual_Exclusion_State),
Pre => Mission_State in FLIGHT | LANDING, Pre => On_State = RUNNING,
Contract_Cases => Contract_Cases =>
(not Already_Running (not Already_Running
=> =>
@@ -272,17 +366,114 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
else Engine_State = WAITING_BRAK else Engine_State = WAITING_BRAK
and then Time_Since_Stopped > Time_Since_Stopped'Old)); and then Time_Since_Stopped > Time_Since_Stopped'Old));
--------------------------------------
-- Reference Trajectory Computation --
--------------------------------------
function Set_Point_Altitude return Current_Altitude_Type with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
function Intermediate_Set_Point_Altitude return Current_Altitude_Type with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
function Close_To_Set_Point_Altitude return Boolean with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
-- True if we are close enough to the set point. Used to avoid Zeno effect.
function Intermediate_Set_Point_Altitude_Reached return Boolean with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING and then Already_Running;
-- True if we have reached the previous intermediate set point.
function Set_Point_Speed return Current_Speed_Type with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
function Intermediate_Set_Point_Speed return Current_Speed_Type with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
function Close_To_Set_Point_Speed return Boolean with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING;
-- True if we are close enough to the set point. Used to avoid Zeno effect.
function Intermediate_Set_Point_Speed_Reached return Boolean with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING and then Already_Running;
-- True if we have reached the previous intermediate set point.
function Set_Point_Distance return Current_Range_Type with
Global => (Input => Trajectory_State,
Proof_In => Private_State),
Pre => On_State = RUNNING and then Running_State = LANDING;
procedure Reference_Trajectory_Computation with procedure Reference_Trajectory_Computation with
-- Computed at each cycle. Slower rates are possible but not too slow.
Global => (Input => (Input_State, Private_State), Global => (Input => (Input_State, Private_State),
In_Out => Trajectory_State), In_Out => Trajectory_State),
Pre => Mission_State in FLIGHT .. LANDING, Pre => On_State = RUNNING,
Post => Post =>
-- Changes in the operating point provoque termination of the current -- For landing, a distance objective is added to the zero-altitude
-- cruise phase and activate a transient climb or descent phase to -- objective. Landing must occur at range completion.
-- capture the new operating point (see 6.6.4 4. Cruise). -- ??? How is it used by the PID?
(if Mission_State = FLIGHT and then Operating_Point_Changed then (if Running_State = FLIGHT then
Set_Point_Altitude = Operating_Point.Altitude
and then Set_Point_Speed = Operating_Point.Speed
else
Set_Point_Altitude = 0
and then Set_Point_Speed = 0
and then Set_Point_Distance = Mission_Range)
-- Instead of giving the true set-point to propulsion control, it gives
-- half of the change amplitude. When current intermediate set-point is
-- reached, a new one is computed (zeno like aspects to be addressed for
-- convergence.
-- Module is reset by any operating point change.
and then
(if not Already_Running
or else (Running_State = FLIGHT and then Operating_Point_Changed)
or else (Intermediate_Set_Point_Speed_Reached
and then not Close_To_Set_Point_Speed) then
Intermediate_Set_Point_Speed =
(Set_Point_Speed + Current_Speed) / 2
elsif Close_To_Set_Point_Speed then
Intermediate_Set_Point_Speed = Set_Point_Speed
else Intermediate_Set_Point_Speed = Intermediate_Set_Point_Speed'Old)
and then
(if not Already_Running
or else (Running_State = FLIGHT and then Operating_Point_Changed)
or else (Intermediate_Set_Point_Altitude_Reached
and then not Close_To_Set_Point_Altitude) then
Intermediate_Set_Point_Altitude =
(Set_Point_Altitude + Current_Altitude) / 2
elsif Close_To_Set_Point_Altitude then
Intermediate_Set_Point_Altitude = Set_Point_Altitude
else Intermediate_Set_Point_Altitude = Intermediate_Set_Point_Altitude'Old)
-- Changes in the operating point provoque termination of the current
-- cruise phase and activate a transient climb or descent phase to
-- capture the new operating point (see 6.6.4 4. Cruise).
-- ??? How is the current Flight_Phase computed ?
and then
(if Running_State = FLIGHT and then Operating_Point_Changed then
Flight_Phase in CLIMB | DESCENT); Flight_Phase in CLIMB | DESCENT);
procedure Gain_Scheduling with procedure Gain_Scheduling with
@@ -291,7 +482,7 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
Private_State, Private_State,
Mutual_Exclusion_State), Mutual_Exclusion_State),
In_Out => Gain_Scheduling_State), In_Out => Gain_Scheduling_State),
Pre => Mission_State in FLIGHT .. LANDING; Pre => On_State = RUNNING;
procedure Propulsion_Control with procedure Propulsion_Control with
Global => (Input => (Input_State, Global => (Input => (Input_State,
@@ -300,7 +491,8 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
Gain_Scheduling_State, Gain_Scheduling_State,
Mutual_Exclusion_State), Mutual_Exclusion_State),
In_Out => Propulsion_State), In_Out => Propulsion_State),
Pre => Mission_State = FLIGHT and then Engine_State = PROPULSION; Pre => On_State = RUNNING
and then Engine_State = PROPULSION;
procedure Braking_Control with procedure Braking_Control with
Global => (Input => (Input_State, Global => (Input => (Input_State,
@@ -309,7 +501,7 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
Gain_Scheduling_State, Gain_Scheduling_State,
Mutual_Exclusion_State), Mutual_Exclusion_State),
In_Out => Braking_State), In_Out => Braking_State),
Pre => Mission_State in FLIGHT .. LANDING Pre => On_State = RUNNING
and then Engine_State = BRAKING; and then Engine_State = BRAKING;
end MMS.F_PT.F_FC.Behavior; end MMS.F_PT.F_FC.Behavior;

5
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc.ads
View File

@@ -2,6 +2,9 @@ with Types; use Types;
package MMS.F_PT.F_FC with package MMS.F_PT.F_FC with
Abstract_State => (Input_State, Abstract_State => (Input_State,
Safety_Escape_State,
Operating_Mode_State,
AV_State_Vector_State,
Trajectory_State, Trajectory_State,
Private_State, Private_State,
Mutual_Exclusion_State, Mutual_Exclusion_State,
@@ -34,8 +37,6 @@ is
type Time_Type is new Integer; -- in s ??? some bounds type Time_Type is new Integer; -- in s ??? some bounds
type Mission_State_Type is (INIT, FLIGHT, LANDING, ABORTED, COMPLETE);
type Engine_State_Type is type Engine_State_Type is
(PROPULSION, WAITING_BRAK, BRAKING, WAITING_PROP); (PROPULSION, WAITING_BRAK, BRAKING, WAITING_PROP);

5
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm-data.ads
View File

@@ -70,4 +70,9 @@ package MMS.F_PT.F_MM.Data is
(AI : Glide_Altitude_Center) return Current_Range_Type (AI : Glide_Altitude_Center) return Current_Range_Type
with Pre => AI in Glide_Distance_Domain_Mesh'Range; with Pre => AI in Glide_Distance_Domain_Mesh'Range;
-- Issue #28
Altitude_ref_TakeOff : Current_Altitude_Type;
Speed_ref_TakeOff : Current_Speed_Type;
end MMS.F_PT.F_MM.Data; end MMS.F_PT.F_MM.Data;

4
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_mm.ads
View File

@@ -15,10 +15,6 @@ is
type Power_State_Type is (ON, OFF); type Power_State_Type is (ON, OFF);
type On_State_Type is (INIT, RUNNING, COMPLETE, ABORTED);
type Running_State_Type is (TAKE_OFF, FLIGHT, LANDING);
type Init_State_Type is (PREPARATION, READY, CANCELLED); type Init_State_Type is (PREPARATION, READY, CANCELLED);
type Viability_Cell_Center_Type is record type Viability_Cell_Center_Type is record

4
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt.ads
View File

@@ -22,6 +22,10 @@ package MMS.F_PT is
type Payload_Mass_Grid_Type is array (Payload_Mass_Center range <>) type Payload_Mass_Grid_Type is array (Payload_Mass_Center range <>)
of Payload_Mass_Type; of Payload_Mass_Type;
type On_State_Type is (INIT, RUNNING, COMPLETE, ABORTED);
type Running_State_Type is (TAKE_OFF, FLIGHT, LANDING);
type Flight_Phase_Type is (CLIMB, CRUISE, DESCENT); type Flight_Phase_Type is (CLIMB, CRUISE, DESCENT);
end MMS.F_PT; end MMS.F_PT;