RESSAC
/
RESSAC_Use_Case
mirror of http://172.16.200.102/RESSAC/RESSAC_Use_Case.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Layer2_MMS_SW_SPARK: update F_FC after answers on #28

CaseStudiesProcessDefinition
Claire Dross 8 years ago
parent
512eb5bc57
commit
d3c468eca7
3 changed files with 146 additions and 60 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior-guarantees.adb
  2. 170
      UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior.ads
  3. 33
      UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-data.ads

3
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior-guarantees.adb
Unescape View File

@ -24,12 +24,13 @@ package body MMS.F_PT.F_FC.Behavior.Guarantees with SPARK_Mode is
Propulsion_Braking_Mutual_Exclusion; Propulsion_Braking_Mutual_Exclusion;
Reference_Trajectory_Computation; Reference_Trajectory_Computation;
Gain_Scheduling;
if Engine_State = PROPULSION then if Engine_State = PROPULSION then
Gain_Scheduling;
Propulsion_Control; Propulsion_Control;
State.Braking_Torque := 0.0; State.Braking_Torque := 0.0;
elsif Engine_State = BRAKING then elsif Engine_State = BRAKING then
Gain_Scheduling;
Braking_Control; Braking_Control;
State.Propulsion_Torque := 0.0; State.Propulsion_Torque := 0.0;
else else

170
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-behavior.ads
Unescape View File

@ -412,64 +412,94 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
-- Reference Trajectory Computation -- -- Reference Trajectory Computation --
-------------------------------------- --------------------------------------
function Use_Set_Point_Altitude return Boolean is
(Running_State = LANDING or else Selected_Option = ALTITUDE)
with Pre => On_State = RUNNING;
function Set_Point_Altitude return Current_Altitude_Type with function Set_Point_Altitude return Current_Altitude_Type with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING; Pre => On_State = RUNNING
and then Use_Set_Point_Altitude;
function Intermediate_Set_Point_Altitude return Current_Altitude_Type with function Intermediate_Set_Point_Altitude return Current_Altitude_Type with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING; Pre => On_State = RUNNING
and then Use_Set_Point_Altitude;
function Close_To_Set_Point_Altitude return Boolean with function Close_To_Set_Point_Altitude return Boolean with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING; Pre => On_State = RUNNING
and then Use_Set_Point_Altitude;
-- True if we are close enough to the set point. Used to avoid Zeno effect. -- True if we are close enough to the set point. Used to avoid Zeno effect.
function Intermediate_Set_Point_Altitude_Reached return Boolean with function Intermediate_Set_Point_Altitude_Reached return Boolean with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING and then Already_Running; Pre => On_State = RUNNING
and then Already_Running
and then not Operating_Mode_Changed
and then not Operating_Point_Changed
and then Use_Set_Point_Altitude;
-- True if we have reached the previous intermediate set point. -- True if we have reached the previous intermediate set point.
function Use_Set_Point_Speed return Boolean is
(Running_State = LANDING or else Selected_Option = SPEED)
with Pre => On_State = RUNNING;
function Set_Point_Speed return Current_Speed_Type with function Set_Point_Speed return Current_Speed_Type with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING; Pre => On_State = RUNNING
and then Use_Set_Point_Speed;
function Intermediate_Set_Point_Speed return Current_Speed_Type with function Intermediate_Set_Point_Speed return Current_Speed_Type with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING; Pre => On_State = RUNNING
and then Use_Set_Point_Speed;
function Close_To_Set_Point_Speed return Boolean with function Close_To_Set_Point_Speed return Boolean with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING; Pre => On_State = RUNNING
and then Use_Set_Point_Speed;
-- True if we are close enough to the set point. Used to avoid Zeno effect. -- True if we are close enough to the set point. Used to avoid Zeno effect.
function Intermediate_Set_Point_Speed_Reached return Boolean with function Intermediate_Set_Point_Speed_Reached return Boolean with
Global => (Input => Trajectory_State, Global => (Input => Trajectory_State,
Proof_In => (Private_State, Proof_In => (Input_State,
Private_State,
Operating_Mode_State, Operating_Mode_State,
Mutual_Exclusion_State)), Mutual_Exclusion_State)),
Pre => On_State = RUNNING and then Already_Running; Pre => On_State = RUNNING
and then Already_Running
and then not Operating_Mode_Changed
and then not Operating_Point_Changed
and then Use_Set_Point_Speed;
-- True if we have reached the previous intermediate set point. -- True if we have reached the previous intermediate set point.
function Set_Point_Distance return Current_Range_Type with function Set_Point_Distance return Current_Range_Type with
@ -505,8 +535,11 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
and then Set_Point_Speed = 0 and then Set_Point_Speed = 0
and then Set_Point_Distance = Mission_Range and then Set_Point_Distance = Mission_Range
else else
(Set_Point_Altitude = Operating_Point.Altitude (case Selected_Option is
and then Set_Point_Speed = Operating_Point.Speed)) when ALTITUDE =>
Set_Point_Altitude = Operating_Point.Altitude,
when SPEED =>
Set_Point_Speed = Operating_Point.Speed))
-- Instead of giving the true set-point to propulsion control, it gives -- Instead of giving the true set-point to propulsion control, it gives
-- half of the change amplitude. When current intermediate set-point is -- half of the change amplitude. When current intermediate set-point is
@ -515,25 +548,29 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
-- Module is reset by any operating point change. -- Module is reset by any operating point change.
and then and then
Intermediate_Set_Point_Speed = (if Use_Set_Point_Speed then
Intermediate_Set_Point_Speed =
(if not Already_Running (if not Already_Running
or else Operating_Point_Changed or else Operating_Point_Changed
or else Operating_Mode_Changed
or else (Intermediate_Set_Point_Speed_Reached or else (Intermediate_Set_Point_Speed_Reached
and then not Close_To_Set_Point_Speed) and then not Close_To_Set_Point_Speed)
then then
(Set_Point_Speed + Current_Speed) / 2 (Set_Point_Speed + Current_Speed) / 2
elsif Close_To_Set_Point_Speed then Set_Point_Speed elsif Close_To_Set_Point_Speed then Set_Point_Speed
else Intermediate_Set_Point_Speed'Old) else Intermediate_Set_Point_Speed'Old))
and then and then
Intermediate_Set_Point_Altitude = (if Use_Set_Point_Altitude then
Intermediate_Set_Point_Altitude =
(if not Already_Running (if not Already_Running
or else Operating_Point_Changed or else Operating_Point_Changed
or else Operating_Mode_Changed
or else (Intermediate_Set_Point_Altitude_Reached or else (Intermediate_Set_Point_Altitude_Reached
and then not Close_To_Set_Point_Altitude) and then not Close_To_Set_Point_Altitude)
then (Set_Point_Altitude + Current_Altitude) / 2 then (Set_Point_Altitude + Current_Altitude) / 2
elsif Close_To_Set_Point_Altitude then Set_Point_Altitude elsif Close_To_Set_Point_Altitude then Set_Point_Altitude
else Intermediate_Set_Point_Altitude'Old) else Intermediate_Set_Point_Altitude'Old))
-- Changes in the operating point provoque termination of the current -- Changes in the operating point provoque termination of the current
-- cruise phase and activate a transient climb or descent phase to -- cruise phase and activate a transient climb or descent phase to
@ -585,7 +622,8 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
Private_State, Private_State,
Mutual_Exclusion_State), Mutual_Exclusion_State),
In_Out => Gain_Scheduling_State), In_Out => Gain_Scheduling_State),
Pre => On_State = RUNNING, Pre => On_State = RUNNING
and then Engine_State in BRAKING | PROPULSION,
Post => Post =>
-- 1. Assembling mission profile. -- 1. Assembling mission profile.
@ -631,20 +669,38 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
Extract_Gain_Triple_For_Neighbours.Neighbours (I) = Extract_Gain_Triple_For_Neighbours.Neighbours (I) =
(case Flight_Phase is (case Flight_Phase is
when CLIMB => when CLIMB =>
Data.Climb_Gains (if Engine_State = PROPULSION then
(M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M, Data.Climb_Propulsion_Gains
A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A, (M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S), A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S)
else
Data.Climb_Braking_Gains
(M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M,
A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S)),
when CRUISE => when CRUISE =>
Data.Cruise_Gains (if Engine_State = PROPULSION then
(M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M, Data.Cruise_Propulsion_Gains
A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A, (M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S), A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S)
else
Data.Cruise_Braking_Gains
(M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M,
A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S)),
when DESCENT => when DESCENT =>
Data.Descent_Gains (if Engine_State = PROPULSION then
(M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M, Data.Descent_Propulsion_Gains
A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A, (M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S))) A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S)
else
Data.Descent_Braking_Gains
(M => Nearest_Neighbours.Neighbours (I).Mission_Profile.M,
A => Nearest_Neighbours.Neighbours (I).Mission_Profile.A,
S => Nearest_Neighbours.Neighbours (I).Mission_Profile.S))))
-- 4. Compute MP's gain triple by interpolation of its neighbours -- 4. Compute MP's gain triple by interpolation of its neighbours
-- Set appropriate value to Interpolated_Gain_Triple. -- Set appropriate value to Interpolated_Gain_Triple.
@ -656,15 +712,16 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
function Propulsion_Altitude_Error return Current_Altitude_Type'Base is function Propulsion_Altitude_Error return Current_Altitude_Type'Base is
(Current_Altitude - Intermediate_Set_Point_Altitude) (Current_Altitude - Intermediate_Set_Point_Altitude)
with Pre => On_State = RUNNING; with Pre => On_State = RUNNING
and then Use_Set_Point_Altitude;
function Propulsion_Speed_Error return Current_Speed_Type'Base is function Propulsion_Speed_Error return Current_Speed_Type'Base is
(Current_Speed - Intermediate_Set_Point_Speed) (Current_Speed - Intermediate_Set_Point_Speed)
with Pre => On_State = RUNNING; with Pre => On_State = RUNNING
and then Use_Set_Point_Speed;
function Propulsion_Error return Error_Type with function Propulsion_Error return Error_Type with
Global => (Proof_In => Private_State, Global => Propulsion_State;
Input => Propulsion_State);
-- In Flight and maybe also Take-Off phase, should be -- In Flight and maybe also Take-Off phase, should be
-- Propulsion_Altitude_Error if Selected_Mode is ALTITUDE and -- Propulsion_Altitude_Error if Selected_Mode is ALTITUDE and
-- Propulsion_Speed_Error otherwise, but I am confused about the units... -- Propulsion_Speed_Error otherwise, but I am confused about the units...
@ -672,14 +729,12 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
-- see #29. -- see #29.
function Propulsion_Integral_Error return Error_Type with function Propulsion_Integral_Error return Error_Type with
Global => (Proof_In => Private_State, Global => Propulsion_State;
Input => Propulsion_State); -- Cumulative past Propulsion_Error during the last Ti seconds
-- Cumulative past error during the last Ti seconds
function Propulsion_Derivative_Error return Error_Type with function Propulsion_Derivative_Error return Error_Type with
Global => (Proof_In => Private_State, Global => Propulsion_State;
Input => Propulsion_State); -- Propulsion_Error variation at current time
-- Error variation at current time
procedure Propulsion_Control with procedure Propulsion_Control with
Global => (Input => (Input_State, Global => (Input => (Input_State,
@ -699,24 +754,27 @@ package MMS.F_PT.F_FC.Behavior with SPARK_Mode is
-- Braking Control -- -- Braking Control --
--------------------- ---------------------
function Braking_Altitude_Error return Current_Altitude_Type'Base is
(Current_Altitude - Intermediate_Set_Point_Altitude)
with Pre => On_State = RUNNING
and then Use_Set_Point_Altitude;
function Braking_Speed_Error return Current_Speed_Type'Base is function Braking_Speed_Error return Current_Speed_Type'Base is
(Current_Speed - Data.Recovery_Speed) (Current_Speed - Intermediate_Set_Point_Speed)
with Pre => On_State = RUNNING; with Pre => On_State = RUNNING
and then Use_Set_Point_Speed;
function Braking_Error return Error_Type with function Braking_Error return Error_Type with
Global => (Proof_In => Private_State, Global => Braking_State;
Input => Braking_State); -- Same as propulsion, see #28.
-- Should be Braking_Speed_Error, but I am confused about the units...
function Braking_Integral_Error return Error_Type with function Braking_Integral_Error return Error_Type with
Global => (Proof_In => Private_State, Global => Braking_State;
Input => Braking_State); -- Cumulative past Braking_Error during the last Ti seconds
-- Cumulative past error during the last Ti seconds
function Braking_Derivative_Error return Error_Type with function Braking_Derivative_Error return Error_Type with
Global => (Proof_In => Private_State, Global => Braking_State;
Input => Braking_State); -- Braking_Error variation at current time
-- Error variation at current time
procedure Braking_Control with procedure Braking_Control with
Global => (Input => (Input_State, Global => (Input => (Input_State,

33
UseCaseDevelopment/Layer2_MMS_SW_SPARK/mms-f_pt-f_fc-data.ads
Unescape View File

@ -14,7 +14,7 @@ package MMS.F_PT.F_FC.Data with SPARK_Mode is
Flight_Domain_Mesh : constant Flight_Domain_Mesh_Type (1 .. 100, 1 .. 100); -- ??? bounds Flight_Domain_Mesh : constant Flight_Domain_Mesh_Type (1 .. 100, 1 .. 100); -- ??? bounds
function Climb_Gains function Climb_Propulsion_Gains
(S : Flight_Speed_Center; (S : Flight_Speed_Center;
A : Flight_Altitude_Center; A : Flight_Altitude_Center;
M : Payload_Mass_Center) return Gain_Triple M : Payload_Mass_Center) return Gain_Triple
@ -23,7 +23,7 @@ package MMS.F_PT.F_FC.Data with SPARK_Mode is
and then A in Flight_Domain_Mesh'Range (2) and then A in Flight_Domain_Mesh'Range (2)
and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range; and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range;
function Cruise_Gains function Cruise_Propulsion_Gains
(S : Flight_Speed_Center; (S : Flight_Speed_Center;
A : Flight_Altitude_Center; A : Flight_Altitude_Center;
M : Payload_Mass_Center) return Gain_Triple M : Payload_Mass_Center) return Gain_Triple
@ -32,7 +32,34 @@ package MMS.F_PT.F_FC.Data with SPARK_Mode is
and then A in Flight_Domain_Mesh'Range (2) and then A in Flight_Domain_Mesh'Range (2)
and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range; and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range;
function Descent_Gains function Descent_Propulsion_Gains
(S : Flight_Speed_Center;
A : Flight_Altitude_Center;
M : Payload_Mass_Center) return Gain_Triple
with
Pre => S in Flight_Domain_Mesh'Range (1)
and then A in Flight_Domain_Mesh'Range (2)
and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range;
function Climb_Braking_Gains
(S : Flight_Speed_Center;
A : Flight_Altitude_Center;
M : Payload_Mass_Center) return Gain_Triple
with
Pre => S in Flight_Domain_Mesh'Range (1)
and then A in Flight_Domain_Mesh'Range (2)
and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range;
function Cruise_Braking_Gains
(S : Flight_Speed_Center;
A : Flight_Altitude_Center;
M : Payload_Mass_Center) return Gain_Triple
with
Pre => S in Flight_Domain_Mesh'Range (1)
and then A in Flight_Domain_Mesh'Range (2)
and then M in MMS.F_PT.Data.Payload_Mass_Grid'Range;
function Descent_Braking_Gains
(S : Flight_Speed_Center; (S : Flight_Speed_Center;
A : Flight_Altitude_Center; A : Flight_Altitude_Center;
M : Payload_Mass_Center) return Gain_Triple M : Payload_Mass_Center) return Gain_Triple

Write Preview
Loading…
Cancel
Save