- Functional documents for computer systems. Science of Computer Programming.
- Is Proof More Cost-Effective Than Testing? IEEE Transactions on Software Engineering.
- Retrenchment, Refinement, and Simulation. ZB '00 Proceedings of the First International Conference of B and Z Users on Formal Specification and Development in Z and B.
- ICFEM '00 Proceedings of the 3rd IEEE International Conference on Formal Engineering Methods.
- Architecture-driven Problem Decomposition. RE '04 Proceedings of the Requirements Engineering Conference, 12th IEEE International.
- Control law diagrams in Circus. FM'05 Proceedings of the 2005 international conference on Formal Methods.
- Proving properties of Stateflow models using ISO standard Z and CADiZ. ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B.
We reflect on the formal development models applicable to embedded control systems in light of our experience with safety-critical applications from the aerospace domain. This leads us to propose two complementary enhancements to Parnas' four-variable model, one elaborating the structure outside the control computer, and the other elaborating the structure inside the control computer. We then identify several challenges which illustrate why formal development in this domain is difficult, and report our own progress in meeting these challenges. Finally, we outline the residual issues, which form the agenda for our future work.