This paper considers a number of large, real-world projects that use SPARK, an annotated sublanguage of Ada suited to the development of high-integrity systems. Three projects are examined in some detail where SPARK contributed to meeting the most stringent software engineering standards: the Ship/Helicopter Operational Limits Instrumentation System (UK Interim Defence Standard 00-55), the MULTOS CA (a high-security system developed to the standards of ITSEC level E6), and the Lockheed C130J Mission Computer (DO-178B Level A). A less successful project is also described. The lessons learnt from these projects show that SPARK offers a cost-effective approach to the construction of high-integrity software when it is deployed judiciously within an appropriate software development process.