Despite the special difficulties of automobile software, with its stringent but evolving requirements, there are many powerful techniques for software verification and validation. However, there are practical limits to the reliability which can be demonstrated, and it is essential to follow a well-defined and rigorous specification and development process.
SPARK is an annotated subset of Ada for high-integrity programming. This subset, in conjunction with its system of annotations (formal comments), is designed to eliminate language ambiguities and insecurities, and to allow rigorous static code analysis and formal verification of programs. The development, flow analysis and correctness proof of SPARK programs is supported by a software tool, the SPARK Examiner. The paper outlines the essential features of SPARK and explains how the Examiner is used in program development.
The need for reliable software has rapidly overtaken the ability to produce it. In control applications, particularly disastrous results may arise from errors. For many years computer scientists have been developing languages and techniques to clarify the structure of programs through establishing a sound mathematical foundation. The techniques included under the general umbrella of formal methods have been introduced especially to put the design phase of a program onto an analytical basis. The authors examine their application in control systems, and especially their applicability in verifying and validating control software. The context of the article is a programme of research in developing validation techniques in control using formal methodologies. The author examines: application areas and benefits for industrial control; establishment of control software integrity; and examples of formal methods in control systems.
The technique of static analysis has, for some time now, been recognised as a technique necessary for the verification of critical software. Typically static analysis is performed by the use of automatic tools. One such tool, widely used for the verification of safety critical software, particularly in the fields of military avionics and nuclear power, is MALPAS. The advantages of this particular tool are that, not only does it perform the simpler analyses of code structure and data and information flow, but it also reveals the semantics of the code under analysis, which may be manually or automatically compared against specifications to verify the code.
This paper describes a methodology for establishing a clear requirements baseline at the outset of the development lifecycle using the general approach of procedure SQA01. It was originally applied to software development for a military HF communication system, and has since been applied to two further projects in the civil sector concerning private mobile radio and message switching. The methodology provides forward and reverse traceability between this baseline and the design, so giving assurance that the delivered product meets its requirements whilst not being over-engineered. The methodology helps engineers perform formal integration and acceptance testing such as described in procedures SQA08 and SQA09 by documenting tests and providing traceability to the requirements baseline.
The verification and validation of representations of the evolving software artifact plays a key role in many approaches to software development. The representations range from specification and design documents to the program code itself. The authors present a real-time validator (RTV) that was developed for an application in telecommunication switching. They overview the specification model used and introduce the key structure of the validator: the model of beliefs about permissible behavior of the system. They show how this model is related to the specification model and present a rule-based representation of belief models. The authors describe an implementation of the validator and discuss their experience with its use in detection of failures for a small telephone exchange.
Shortcomings in system requirements are best addressed from the start rather than waiting for design steps or the product to show them up. The perceived requirements should be recorded in an unambiguous yet understandable way to form a basis for design and testing activities. This paper considers a particular kind of requirement that is difficult to design for: the software timing requirement. Failure to meet timing requirements is often unnoticed before implementation, and may thus be very costly. The author discusses the problem of speeding up programs that are too slow, software functional requirements, software timing requirements, specification and verification.
Vehicle electronic control systems have the potential to become unreliable when they grow too complex. By careful design of the whole system, both hardware and software, it is possible to organise the data processing tasks in such a way that the risks associated with software failure are indeed minimal. The validation tools already in widespread use throughout the industry, when rigorously applied, reduce this risk to below that associated with hardware design failures. The paper concerns the programmable automotive microcontroller (PAM), an ASIC-based device developed by AB Automotive Electronics to improve reliability. It describes ways in which PAM can detect errors arising from various sources in software. AB has written, and maintains, its own compiler for PAM. The compiler gives warnings of possible sources of difficulty. Standards for software and the development thereof are given.
The development of computer-aided software engineering tools, with their undoubted advantages, needs to be paralleled by developments in automated quality measurement and tracking tools. The authors describe an initial approach taken by them in this respect: providing an automated method of tracking the progress of functional verification testing against a defect removal model (DRM). The automated tracking package described comprises the following general elements: a controlling routine which inputs data from a driver plan file and a PTR summary file and computes plotting information which it passes to a graphical display routine for plotting; subsidiary routines to extract a raw PTR summary from the database for the product being tracked; subsidiary routines to refine this summary into, in the example given, a list of FV PTRs; a flat file driver plan; and files giving the chart format and data definition files which the graphical display manager uses to plot the chart.