Title :
Don´t verify, abstract!
Author :
O´Halloran, C. ; Smith, A.
Author_Institution :
Syst. Assurance Group, DERA, Malvern, UK
Abstract :
Describes a notation and tool for demonstrating to a third-party certifier that software written in a subset of Ada is safe, and gives some experience of using them on real projects. The thesis underlying the design is that people write adequate code, but that they make design and implementation decisions which can conflict with each other to introduce safety problems. The usual paradigm of formally specifying and then developing and verifying the code is less cost-effective than writing the code and then abstracting it to a level that is suitable for human judgements to be made. This is because there are more people who know how to write good code than those who can write effective formal specifications. The tool processes a formal, or informal, argument that code meets its safety requirements using literate programming and concepts from the refinement calculus developed at Oxford University
Keywords :
Ada; certification; computer aided software engineering; formal specification; refinement calculus; safety; software tools; Ada subset; adequate code; code abstraction; code development; code verification; cost-effectiveness; design decisions; formal specification; human judgements; implementation decisions; literate programming; notation; refinement calculus; safety requirements; software tool; third-party certifier; Calculus; Costs; Documentation; Formal specifications; Humans; Program processors; Software safety; Software tools; Sparks; Writing;
Conference_Titel :
Automated Software Engineering, 1998. Proceedings. 13th IEEE International Conference on
Conference_Location :
Honolulu, HI
Print_ISBN :
0-8186-8750-9
DOI :
10.1109/ASE.1998.732573
