The role of formal methods in the requirements analysis of safety-critical systems: a train set example

Abstract

A general framework for the formal specification and verification of the critical requirements in the development of safety-critical systems is presented. The framework is based on a clear separation of the mission and critical issues during requirements analysis. Analysis of the critical issues is performed in two phases. The first phase identifies those real world properties relevant to the critical requirements: the physical laws or rules of operation, and the system hazards. In the second phase, the interface between the system and its environment is identified, and the behavior required at this interface is specified. The utilization of different formal models, namely, a logical formalism (timed history logic) and a net formalism (predicate-transition nets), respectively, is proposed for the two phases. To illustrate the framework, an example based on a train set crossing is presented.<>