Z and ProCoSA based specification of a distributed FDIR in a satellite formation

On-board FDIR (Fault Detection, Isolation and Recovery) is contemplated for autonomous satellite formations. Several FDIR strategies have been specified using the Petri net - based software ProCoSA (for the dynamic aspects) on the one hand, and the set theory - based Z specification language (for the static aspects) on the other hand. ProCoSA enables to specify the different state changes triggered by the different events within the formation; Z enables to describe the relations and constraints(invariants) between the state variables. The paper focuses on a global specification including both the dynamic and static aspects, through a formal link between ProCoSA and Z. The link is implemented and allows some properties of the strategies to be checked.