Specifying Constraints with Message Sequence Specifications
APSEC '99 Proceedings of the Sixth Asia Pacific Software Engineering Conference
In safety-critical systems, certain safety constraints must be satisfied before an operation can be performed. Violation of these constraints can lead to serious hazards. Such safety constraints typically depend on the state of the system at the instant the operation is invoked, so the constraints may differ between invocations of the same operation. Further, for a specific version in a family of related systems, its intended application and the individual user profiles may play a role in determining the constraints. To promote reuse of system design while allowing customization of specific constraints, a good design should decouple the operations from their associated constraints. It is also highly desirable, and often mandatory, that this added flexibility does not entail a significant increase in execution time or memory requirements. This paper presents one such design of an object-oriented framework for detecting constraint violations. It discusses an application of this framework to our motivating problem in the context of implantable cardiac medical devices. This paper also serves the broader objective of cataloging the experience gained in developing safety-critical systems. Such a knowledge base will be of practical value to the developer community.
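As an added illustration (not code from the paper or its framework), the Python sketch below shows the decoupling the abstract argues for: the operation's action knows nothing about safety constraints, constraints are separate named predicates over the current system state, and the set attached to an operation is chosen per product or user profile. The operation name, state fields, profile names and thresholds are all constructed for the example.

```python
# Constructed example of operation/constraint decoupling; not the paper's code.
from dataclasses import dataclass
from typing import Any, Callable, List, Mapping, Tuple

State = Mapping[str, Any]


@dataclass(frozen=True)
class Constraint:
    """A named predicate over the system state, independent of any operation."""
    name: str
    holds: Callable[[State], bool]


class GuardedOperation:
    """Wraps an action and refuses to run it while any attached constraint fails."""

    def __init__(self, name: str, action: Callable[..., Any]) -> None:
        self.name = name
        self.action = action
        self.constraints: List[Constraint] = []

    def attach(self, constraint: Constraint) -> "GuardedOperation":
        self.constraints.append(constraint)
        return self

    def violations(self, state: State) -> List[str]:
        # Evaluated against the state at invocation time, so the same operation
        # may be permitted on one call and refused on the next.
        return [c.name for c in self.constraints if not c.holds(state)]

    def invoke(self, state: State, *args: Any) -> Tuple[str, Any]:
        failed = self.violations(state)
        if failed:
            return ("rejected", failed)  # the action is never executed
        return ("ok", self.action(*args))


# Hypothetical constraints; field names and thresholds are illustrative only.
NOT_IN_MAINTENANCE = Constraint("not_in_maintenance", lambda s: s["mode"] != "maintenance")
POWER_RESERVE = Constraint("power_reserve", lambda s: s["battery_pct"] >= 20)
SENSOR_CONFIRMED = Constraint("sensor_confirmed", lambda s: s["sensor_ok"] is True)


def configure(profile: str) -> GuardedOperation:
    """Same operation code for every profile; only the attached constraints differ."""
    op = GuardedOperation("set_amplitude", lambda value: {"amplitude": value})
    op.attach(NOT_IN_MAINTENANCE).attach(POWER_RESERVE)
    if profile == "conservative":
        op.attach(SENSOR_CONFIRMED)
    return op
```

Adding a profile or tightening a constraint touches only `configure`, never the action itself, and each check is a single predicate call with no per-invocation allocation beyond the result list.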