Christopher A. Rouff and Michael G. Hinchey
The Lights Out Ground Operations System (LOGOS) system is a prototype multi-agent system for automating satellite ground operations systems. It uses a community of software agents that work cooperatively to perform ground system operations normally done by human operators who are using traditional ground station software tools, such as orbit generators, schedulers and command sequence planners. During the implementation of LOGOS several errors occurred that involved race conditions. Due to the parallel nature of the asynchronous communications as well as the internal parallelism of the agents themselves, finding the race conditions using normal debugging techniques proved extremely difficult. Following the development of LOGOS, the development team decided to use formal methods to check for additional inter-agent race conditions and omissions using formal specification techniques. The specification revealed several omissions as well as race conditions. Our experience to date has shown that even at the level of requirements, formalization can help to highlight undesirable behavior and equally importantly can help to find errors of omission.