The VeriKI project, funded by the German Federal Ministry of Education and Research (BMBF) under the grant number 50 RA 2013‑EVPoC, was carried out as part of a consortium that included the Fraunhofer Institute for Software Technology (FZI), the University of Würzburg, and the German Space Systems Engineering (GSSE). The aim was to develop a verification concept and a proof‑of‑concept for the use of non‑conformant software (NCSW) in safety‑critical space systems, with a particular focus on artificial‑intelligence (AI) methods used in New Space applications. The project ran from 2013 until the final report was issued in 2015.
On the technical side, the team produced two distinct verification processes. For classical software written in languages such as C, C++, and Java, the process combines a structured checklist, code instrumentation, and the generation of wrapper functions to detect and mask potential program errors. The instrumentation was performed with the DCRTT tool developed by GSSE, which monitors runtime properties of the NCSW. The process proceeds through three stages: first, a checklist identifies applicable mitigation measures; second, mitigation and monitoring functions are embedded in the NCSW; third, the software is executed in a realistic environment and its properties are observed and evaluated. A positive evaluation allows the NCSW to be deployed in a safety‑critical context. The process is designed so that decision makers can stop it if a risk‑benefit assessment dictates, and responsibility for decisions is documented throughout.
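The detect-and-mask wrapper pattern described above, as an added C example; it is not code from the VeriKI project and not DCRTT output. All names (`ncsw_scale`, `wrapped_scale`, `monitor_t`, `RESULT_LIMIT`) and the last-good-value fallback are assumptions made for illustration, and the test calls are constructed.

```c
#include <math.h>
#include <stddef.h>
#include <stdio.h>

#define RESULT_LIMIT 1.0e6   /* assumed plausibility bound for results */

/* Constructed stand-in for an NCSW routine: no argument checks,
   reads out of bounds for a bad idx, returns inf when gain == 1.0. */
static double ncsw_scale(const double *table, size_t idx, double gain) {
    return table[idx] * gain / (gain - 1.0);
}

/* Runtime properties recorded by the wrapper for later evaluation. */
typedef struct {
    unsigned calls, arg_violations, result_violations;
    double last_good;        /* value used to mask a detected error */
} monitor_t;

/* Wrapper: detect bad arguments before the call and bad results after it,
   record the violation, and mask it with the last accepted result. */
double wrapped_scale(monitor_t *m, const double *table, size_t len,
                     size_t idx, double gain) {
    m->calls++;
    if (table == NULL || idx >= len || !isfinite(gain)) {
        m->arg_violations++;
        return m->last_good;          /* the NCSW is never entered */
    }
    double r = ncsw_scale(table, idx, gain);
    if (!isfinite(r) || r > RESULT_LIMIT || r < -RESULT_LIMIT) {
        m->result_violations++;
        return m->last_good;
    }
    m->last_good = r;
    return r;
}

/* Evaluation step: positive only if the observed run stayed within
   the violation budget the decision makers accepted. */
int evaluation_positive(const monitor_t *m, unsigned max_violations) {
    return m->calls > 0 &&
           m->arg_violations + m->result_violations <= max_violations;
}

int main(void) {
    static const double table[3] = {1.0, 2.0, 4.0};   /* constructed input */
    monitor_t m = {0};
    wrapped_scale(&m, table, 3, 1, 2.0);   /* valid call */
    wrapped_scale(&m, table, 3, 7, 2.0);   /* index out of range */
    wrapped_scale(&m, table, 3, 2, 1.0);   /* division by zero inside NCSW */
    printf("calls=%u arg=%u result=%u positive=%d\n", m.calls,
           m.arg_violations, m.result_violations, evaluation_positive(&m, 0));
    return 0;
}
```

Masking keeps the caller running, but the recorded counters are what the evaluation judges: a wrapper that only masks and does not report would hide the very defects the process is meant to surface.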
For AI and machine‑learning (ML) applications, the team conducted an extensive literature review to identify existing verification approaches that meet space‑specific reliability requirements. From this review a tailored process was derived, although GSSE did not employ any AI tools itself; instead, the process was applied by partner organisations to their respective use cases and the results were coordinated and evaluated with GSSE. The literature review highlighted that, prior to VeriKI, no established process existed to support the verification of AI methods in safety‑critical space systems.
A key demonstration of the approach was the dynamic reconfiguration software used as a test case. The DCRTT tool was employed to instrument the code and generate wrapper functions, and the resulting observations were compiled into a test report (VeriKI‑GSSE‑TR01). While the report does not provide explicit quantitative performance metrics, it documents that the verification process successfully identified and mitigated potential issues, thereby enabling the NCSW to meet safety requirements.
The collaboration structure was clear: GSSE provided expertise on reliability requirements, guided the verification of use‑case software, applied the AI verification process, and facilitated discussions on outcomes and improvement recommendations. FZI and the University of Würzburg contributed domain knowledge and implementation expertise, while the agency’s software product assurance team participated in iterative refinement of the process definitions. The project’s outcome is a set of validated verification processes that can be applied to both classical and AI‑based software, thereby extending the range of reusable software that can be safely integrated into space missions.
