{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T16:50:11Z","timestamp":1760028611094,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":54,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540884781"},{"type":"electronic","value":"9783540884798"}],"license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008]]},"DOI":"10.1007\/978-3-540-88479-8_26","type":"book-chapter","created":{"date-parts":[[2008,11,4]],"date-time":"2008-11-04T14:18:43Z","timestamp":1225808323000},"page":"369-384","source":"Crossref","is-referenced-by-count":7,"title":["Non-functional Avionics Requirements"],"prefix":"10.1007","author":[{"given":"Michael","family":"Paulitsch","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Harald","family":"Ruess","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maria","family":"Sorea","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"26_CR1","unstructured":"ARINC, Aircraft Data Network, Part 7, Avionics Full Duplex Switched Ethernet (AFDX) Network, ARINC 664 part 7 (June 2005)"},{"key":"26_CR2","unstructured":"ARINC, Electronic Distribution of Software, ARINC report 666 (May 17, 2002)"},{"key":"26_CR3","unstructured":"ARINC, Electronic Distribution of Software, ARINC Report 666A (May 24, 2005)"},{"key":"26_CR4","unstructured":"ARINC, Multi-Transmitter Data Bus ARINC 629 Part 1-2 (1999)"},{"key":"26_CR5","unstructured":"ARINC, Avionics Application Standard Software Interface. ARINC 653 (2003)"},{"key":"26_CR6","unstructured":"ARINC. Electronic Distribution of Software (EDS) Working Group (March 5, 2008)"},{"issue":"1","key":"26_CR7","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1109\/TDSC.2004.2","volume":"1","author":"A. Avi\u017eienis","year":"2004","unstructured":"Avi\u017eienis, A., Laprie, J.C., Randell, B., Landwehr, C.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. on Dependable and Secure Comp.\u00a01(1), 11\u201333 (2004)","journal-title":"IEEE Trans. on Dependable and Secure Comp."},{"key":"26_CR8","unstructured":"Bate, I., Hawkins, R., McDermid, J.: A contract-based approach to designing safe systems. In: Proc. of the 8th Australian Workshop on Safety Critical Systems and Software, Canberra, Australia, vol.\u00a033, pp. 25\u201336 (2003)"},{"key":"26_CR9","doi-asserted-by":"crossref","unstructured":"Baumann, R.: Soft Errors in Advanced Computer Systems. IEEE Design and Test of Computers, 258\u2013266 (2005)","DOI":"10.1109\/MDT.2005.69"},{"key":"26_CR10","unstructured":"Bhatt, D., Hall, B., Dajani-Brown, S., Hickman, S., Paulitsch, M.: Model-based development and the implications to design assurance and certification. In: 24th Digital Avionics Systems Conference (October 2005)"},{"key":"26_CR11","unstructured":"Bhatt, D., Hickman, S., Schloegel, K., Oglesby, D.: An Approach and Tool for Test Generation from Model-Based Functional Requirements. In: Proc. of the Intl. Workshop on Aerospace Software Engineering (May 2007)"},{"issue":"2","key":"26_CR12","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1142\/S0218194096000107","volume":"6","author":"P. Binns","year":"1996","unstructured":"Binns, P., Englehart, M., Jackson, M., Vestal, S.: Domain-specific software architectures for guidance, navigation and control. Int. Journal of Software Engineering and Knowledge Engineering\u00a06(2), 201\u2013227 (1996)","journal-title":"Int. Journal of Software Engineering and Knowledge Engineering"},{"key":"26_CR13","unstructured":"Briere, D., Traverse, P.: Airbus A320\/A330\/A340 Electrical Flight Controls: A Family of Fault-Tolerant Systems. F TCS\u00a023 (1993)"},{"issue":"1","key":"26_CR14","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1109\/32.210303","volume":"19","author":"R.W. Butler","year":"1993","unstructured":"Butler, R.W., Finelli, G.B.: The infeasibility of quantifying the reliability of life-critical real-time software. IEEE Trans. on Software Engineering\u00a019(1), 3\u201312 (1993)","journal-title":"IEEE Trans. on Software Engineering"},{"key":"26_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"496","DOI":"10.1007\/978-3-540-27813-9_45","volume-title":"Computer Aided Verification","author":"L. Moura de","year":"2004","unstructured":"de Moura, L., Owre, S., Rue\u00df, H., Rushby, J., Shankar, N., Sorea, M., Tiwari, A.: Tool presentation: SAL2. In: Alur, R., Peled, D.A. (eds.) CAV 2004. LNCS, vol.\u00a03114, pp. 496\u2013500. Springer, Heidelberg (2004)"},{"key":"26_CR16","doi-asserted-by":"crossref","unstructured":"Dutertre, B., Sorea, M.: Modeling and Verification of a Fault-Tolerant Real-time Startup Protocol using Calendar Automata. FORMATS\/FTRTFT, 199\u2013214 (2004)","DOI":"10.1007\/978-3-540-30206-3_15"},{"key":"26_CR17","doi-asserted-by":"crossref","unstructured":"Glinz, M.: On Non-Functional Requirements. In: Proc. of IEEE Int. Requirements Engineering Conference, pp. 21\u201326 (2007)","DOI":"10.1109\/RE.2007.45"},{"key":"26_CR18","doi-asserted-by":"crossref","unstructured":"Hall, B., Paulitsch, M., Benson, D., Behbahani, A.: Jet Engine Control Using Ethernet with a BRAIN. 44th AIAA\/ASME\/SAE\/ASEE Joint Propulsion Conference & Exhibit. AIAA Paper No AIAA-2008-5291. Hartford, CT, USA (July 2008)","DOI":"10.2514\/6.2008-5291"},{"key":"26_CR19","volume-title":"Proc. of Aerospace Conf.,","author":"H. Hecht","year":"2006","unstructured":"Hecht, H.: Why prognostics for avionics. In: Proc. of Aerospace Conf. IEEE, Los Alamitos (2006)"},{"issue":"3","key":"26_CR20","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1145\/234426.234431","volume":"5","author":"C.L. Heitmeyer","year":"1996","unstructured":"Heitmeyer, C.L., Jeffords, R.D., Labaw, B.G.: Automated consistency checking of requirements specifications. ACM Trans. on SW Eng. and Method.\u00a05(3), 231\u2013261 (1996)","journal-title":"ACM Trans. on SW Eng. and Method."},{"key":"26_CR21","doi-asserted-by":"crossref","unstructured":"Jacob, J.M.: High assurance security and safety for digital avionics. In: Proc. of the 23rd Digital Avionics Systems Conference, Vol. 2, pp.8.E.4 - 8.1\u20139 (24-28 October 2004)","DOI":"10.1109\/DASC.2004.1390776"},{"key":"26_CR22","doi-asserted-by":"crossref","unstructured":"Johnson, D.P.: Assessing the Security of Airborne Networks. Aerospace Safety- Design, Maintenance\/Operations, and Safety\/Security. SAE Doc.No 2007-01-3784 (2007)","DOI":"10.4271\/2007-01-3784"},{"key":"26_CR23","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1109\/TSE.1986.6312924","volume":"0","author":"J.C. Knight","year":"1986","unstructured":"Knight, J.C., Leveson, N.G.: An Experimental Evaluation of the Assumption of Independence in Multi-version Programming. IEEE Trans. on Software Engineering\u00a0SE-12(1), 96\u2013109 (1986)","journal-title":"IEEE Trans. on Software Engineering"},{"key":"26_CR24","unstructured":"Malan, R., Bredemeyer, D.: Defining Non-Functional Requirements. white paper (accessed May 2008) (August 3, 2001), http:\/\/www.bredemeyer.com"},{"key":"26_CR25","doi-asserted-by":"crossref","unstructured":"McWha, J.: Development of the 777 flight control system. AIAA Guidance, Navigation, and Control Conference (August 2003)","DOI":"10.2514\/6.2003-5767"},{"key":"26_CR26","doi-asserted-by":"crossref","unstructured":"Morris, J., Koopman, P.: Representing Design Tradeoffs in Safety Critical Systems. In: Proc. of 2005 Workshop on Architecting Dependable Systems, pp. 1\u20135 (2005)","DOI":"10.1145\/1083217.1083228"},{"key":"26_CR27","unstructured":"Object Management Group (OMG). A UML Profile for MARTE: Modeling and Analysis of Real-Time Embedded systems, Version Beta 2 (June 8, 2008)"},{"key":"26_CR28","doi-asserted-by":"crossref","unstructured":"Owens, B.D., Herring, M.S., Dulac, N., Leveson, N.G., Ingham, M.D., Weiss, K.A.: Application of a Safety-Driven Design Methodology to an Outer Planet Exploration Mission. In: IEEE Aerospace Conference. Big Sky, MT (March 2008)","DOI":"10.1109\/AERO.2008.4526677"},{"key":"26_CR29","unstructured":"Paech, B., Dutoit, A., Kerkow, D., von Knethen, A.: Functional requirements, non-functional requirements and architecture specification cannot be separated \u2013 A position paper. REFSQ (2002)"},{"key":"26_CR30","doi-asserted-by":"crossref","unstructured":"Paulitsch, M., Morris, J., Hall, B., Driscoll, K., Latronico, E., Koopman, P.: Coverage and the use of cyclic redundancy codes in ultra-dependable systems. In: Proc. of Int. Conf. on Dependable Systems and Networks (DSN), 28 June - 1 July 2005, pp. 346\u2013355 (2005)","DOI":"10.1109\/DSN.2005.31"},{"key":"26_CR31","unstructured":"Pop, P., Eles, P., Peng, Z.: Schedulability-Driven Communication Synthesis for Time Triggered Embedded Systems. In: 6th Int. Conf. on Real-Time Computing Systems and Applications (RTCSA 1999), Hong Kong, December 13-15, 1999, pp. 287\u2013294 (1999)"},{"key":"26_CR32","first-page":"386","volume-title":"Proc. of FTCS 1992","author":"D. Powell","year":"1992","unstructured":"Powell, D.: Failure mode assumptions and assumption coverage. In: Proc. of FTCS 1992, pp. 386\u2013395. IEEE Computer Society Press, Los Alamitos (1992)"},{"key":"26_CR33","doi-asserted-by":"crossref","unstructured":"Royalty, C.: Keep the User in Mind: Operational Considerations for Securing Airborne Networks, Aerospace Safety- Design, Maintenance\/Operations, and Safety\/Security. SAE Doc. No 2007-01-3785 (September 2007)","DOI":"10.4271\/2007-01-3785"},{"key":"26_CR34","unstructured":"RTCA SC-164. Audio Systems Characteristics and Minimum Operational Performance Standards for Aircraft Audio Systems and Equipment Systems and Equipment, Wash. D.C., RTCA Inc. (1993)"},{"key":"26_CR35","unstructured":"RTCA SC-167\/EUROCAE WG-12, DO-178B\/ED12B Software Considerations in Airborne Systems and Equipment Certification, Wash. D.C., RTCA Inc. (1992)"},{"key":"26_CR36","unstructured":"SAE, Certification Considerations for Highly-Integrated Or Complex Aircraft Systems, SAE Doc. No ARP4754 (November 1996)"},{"key":"26_CR37","unstructured":"SAE, Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment, SAE Doc. No ARP4761 (December 1996)"},{"key":"26_CR38","unstructured":"SAE, Guidelines for Time-Limited-Dispatch (TLD) Analysis for Electronic Engine Control Systems, SAE Doc. No ARP5107 Ref. B (November 2006)"},{"key":"26_CR39","doi-asserted-by":"crossref","unstructured":"SAE, SAE Architecture Analysis Design Language (AADL) Doc.AS5506\/1 (June 2006)","DOI":"10.1007\/978-3-540-74035-3_1"},{"issue":"4","key":"26_CR40","doi-asserted-by":"publisher","first-page":"739","DOI":"10.1109\/6144.974969","volume":"24","author":"W. Shawlee","year":"2001","unstructured":"Shawlee, W., Humphrey, D.: Aging avionics- what causes it and how to respond. IEEE Trans on Components and Packaging Technologies\u00a024(4), 739\u2013740 (2001)","journal-title":"IEEE Trans on Components and Packaging Technologies"},{"key":"26_CR41","doi-asserted-by":"crossref","unstructured":"Sifakis, J.: A Framework for Component-based Construction. In: 3rd IEEE Int. Conf. on Software Engineering and Formal Methods (SEFM 2005), pp. 293\u2013300 (September 2005)","DOI":"10.1109\/SEFM.2005.3"},{"key":"26_CR42","doi-asserted-by":"crossref","unstructured":"Sorea, M., Steiner, W.: Classification and analysis of failure modes for time-triggered systems. In: Proceedings of FeT (2007)","DOI":"10.3182\/20071107-3-FR-3907.00020"},{"key":"26_CR43","doi-asserted-by":"crossref","unstructured":"Srivastava, D., Narasimhan, P.: Architectural Support for Mode-Driven Fault Tolerance in Distributed Applications. In: Proc. of the 2005 workshop on Architecting Dependable Systems, St. Louis, Missouri, USA, pp. 1\u20137 (2005)","DOI":"10.1145\/1083217.1083226"},{"key":"26_CR44","doi-asserted-by":"crossref","unstructured":"Steiner, W., Rushby, J., Sorea, M., Pfeifer, H.: Model checking a fault-tolerant startup algorithm: From design exploration to exhaustive fault simulation. In: DSN 2004 (2004)","DOI":"10.1109\/DSN.2004.1311889"},{"key":"26_CR45","unstructured":"Steiner, W.: Startup and Recovery of Fault-Tolerant Time-Triggered Communication. PhD Thesis, Technische Universit\u00e4t Wien (2004)"},{"key":"26_CR46","doi-asserted-by":"crossref","unstructured":"Tovar, E., Vasques, F.: From Task Scheduling in Single Processor Environments to Message Scheduling in a PROFIBUS. In: IPPS\/SPDP Workshops, pp. 339\u2013352 (1999)","DOI":"10.1007\/BFb0097916"},{"key":"26_CR47","unstructured":"Vestal, S.: Real-Time Sampled Signal Flows through Asynchronous Distributed Systems. In: IEEE Real-Time and Embedded Technology and Applications Symp. (2005)"},{"key":"26_CR48","unstructured":"Vestal, S., Stickler, L., Kune, D.F., Binns, P., Lamba, N.: Architecture Specification and Automated Timing and Safety Analysis for a Large Avionics System (June 16, 2004), http:\/\/la.sei.cmu.edu\/aadl\/documents\/AADL-MetaH%20for%20LAS.pdf"},{"key":"26_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1081","DOI":"10.1007\/978-3-540-76890-6_35","volume-title":"On the Move to Meaningful Internet Systems 2007: OTM 2007 Workshops","author":"S. Voss","year":"2007","unstructured":"Voss, S.: Scheduling in time-triggered networks. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM-WS 2007, Part II. LNCS, vol.\u00a04806, pp. 1081\u20131091. Springer, Heidelberg (2007)"},{"key":"26_CR50","doi-asserted-by":"crossref","unstructured":"Voss, S., Sorea, M., Echtle, K.: Symbolic Scheduling in Time-Triggered Systems (in preparation, 2008)","DOI":"10.1007\/978-3-642-00255-7_14"},{"key":"26_CR51","unstructured":"Wilkinson, C., Haselrick, B., Paulitsch, M., Hall, B.: Transitioning Aerospace Electronic Systems from Reactive to Proactive Obsolescence Management. IEEE Trans. on Components and Packaging Technologies (2008)"},{"key":"26_CR52","doi-asserted-by":"crossref","unstructured":"Wittenmark, B., Nilsson, J., T\u00f6rngren.: Timing Problems in Real-Time Control Systems. In: Proc. of American Control Conf., June 21-23, vol. 3, pp. 2000\u20132004 (1995)","DOI":"10.1109\/ACC.1995.531240"},{"issue":"4","key":"26_CR53","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1082983.1083219","volume":"30","author":"L. Xu","year":"2005","unstructured":"Xu, L., Ziv, H., Richardson, D., Alspaugh, T.A.: An architectural pattern for non-functional dependability requirements. SIGSOFT Softw. Eng. Notes\u00a030(4), 1\u20136 (2005)","journal-title":"SIGSOFT Softw. Eng. Notes"},{"key":"26_CR54","unstructured":"Zetter, K.: FAA: Boeing\u2019s New 787 May Be Vulnerable to Hacker Attack. wired.com (April 1, 2008)"}],"container-title":["Communications in Computer and Information Science","Leveraging Applications of Formal Methods, Verification and Validation"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-88479-8_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,2]],"date-time":"2025-02-02T13:54:07Z","timestamp":1738504447000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-88479-8_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008]]},"ISBN":["9783540884781","9783540884798"],"references-count":54,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-88479-8_26","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2008]]}}}