This article describes our experience of using formal specification to reformulate the requirements of the Nulka Electronic Decoy. The Nulka Electronic Decoy is a hovering rocket that lures anti-ship missiles away from the ship. The requirements specification contained informal natural language requirements relating both to time-related performance requirements and to other physical characteristics that were not time-related. 'Timed Interval Calculus' was used for the time-related performance requirements whereas simple mathematics was used for the others, thereby creating two different views of the Decoy. While no conflicting requirements or incorrect values were detected, 50% of the requirements were modified as a result of formalisation and consultation with domain experts. This article describes the techniques that were used and the changes that were made, reflects on lessons learned, and discusses related work.