The Automated Test Monitor computer program provides for continuous monitoring of the operations of a complex system (e.g., a spacecraft). This program implements a rigorous analytic (instead of an ad hoc) technique that prescribes exactly how to express requirements for the operation of the system, and how to construct and implement a software subsystem that can detect violations of the requirements. Thus, the program provides a theoretical and computational framework that is potentially applicable to monitoring of a variety of systems. Run-time monitor software is constructed (hereafter, "monitor" for short) that can be embedded in the software that controls the operation of the system to be monitored. In the generation of the monitor, correctness properties are expressed as linear temporal logic (LTL) formulas, then a procedure is generated from the formulas. The system-control software is then modified manually to provide the software analog of instrumentation that informs the monitor of events in the system that can cause changes in LTL correctness properties. The monitor responds whenever it detects an event that violates a specified correctness property. The response of the monitor can be used to activate a subsystem to respond to the fault that caused the violation.
This program was written by Francis Schneider of Caltech for NASA's Jet Propulsion Laboratory. NPO-20585