Safety-Critical Systems, Formal Methods and Standards

Standards concerned with the development of safety-critical systems, and the software in such systems in particular, abound today as the software crisis increasingly affects the world of embedded computer-based systems. The use of formal methods is often advocated as a way of increasing confidence in such systems. This paper examines the industrial use of these techniques, the recommendations concerning formal methods in a number of current and draft standards, and comments on the applicability and problems of using formal methods for the development of safety-critical systems of an industrial scale. Some possible future directions are suggested. Further copies of the Technical Report may be obtained from the Librarian, Oxford University Computing Laboratory, Programming Research Group, Wolfson Building, Parks Road, Oxford OX1 3QD, England (Email: [email protected])

The Practice of Formal Methods in Safety Critical Systems

By describing several industrial-scale applications of formal methods, this paper intends to demonstrate that formal methods for software development and safety analysis are increasingly adopted in the safety critical systems sector. The benefits and limitations of using formal methods are described, and the problems of developing software for safety critical systems are analysed. Keywords: formal methods, functional requirements analysis, safety analysis, safety critical systems. 1 Introduction A significant problem of developing software for safety critical systems is how to guarantee that the functional behaviour of a developed software system will satisfy the corresponding functional requirements and will not violate the safety requirements for the associated overall system. In order to solve this problem, it is important to analyse thoroughly the safety properties of the overall system, to achieve accurate software functional requirements and to verify properly the implementatio..

Formal Methods and Software Safety

The safety of software is becoming increasingly important as computers pervade control systems on which human life depends. Whilst hardware has become significantly more reliable over the years, the same cannot be said of software. This has become more complex and methods to ensure its correctness have been slow in development. One approach is to mathematically verify software in such systems. This paper investigates the industrial use of these techniques, their advantages and disadvantages, and the introduction of standards and their recommendations concerning formal methods in this area. The cost of safety is also considered. Keywords: Safety; reliability; system integrity; standards; education; digital systems; computer software; formal languages; industrial control; software engineering

The Industrial Take-up of Formal Methods in Safety-Critical And Other Areas: A Perspective

Formal methods may be at the crossroads of acceptance by a wider industrial community. In order for the techniques to become widely used, the gap between theorists and practitioners must be bridged effectively. In particular, safety-critical systems offer an application area where formal methods may be engaged usefully to the benefit of all. This paper discusses some of the issues concerned with the general acceptance of formal methods and concludes with a summary of the currentposition and how the formal methods community could proceed to improve matters in the future