Learn More
Personal use of this material is permitted. However , permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. This material is presented to(More)
This paper describes work in progress at the University of York on worst-case timing analysis of software for hard real-time and safety-critical systems. We are pursuing a programming environment that combines the technologies of program proof and timing analysis. In short, the analytical power afforded by a classical program proof tool is ideal for the(More)
ÐThis paper describes the use of formal development methods on an industrial safety-critical application. The Z notation was used for documenting the system specification and part of the design, and the SPARK 1 subset of Ada was used for coding. However, perhaps the most distinctive nature of the project lies in the amount of proof that was carried out:(More)
Existing security models require that information of a given security level be prevented from ``leaking'' into lower-security information. High-security applications must be demonstrably free of such leaks, but such demonstration may require substantial manual analysis. Other authors have argued that the natural way to enforce these models automatically is(More)
Using automated reasoning techniques, we tackle the niche activity of proving that a program is free from run-time exceptions. Such a property is particularly valuable in high integrity software, e.g. safety or security critical applications. The context for our work is the SPARK Approach for the development of high integrity software. The SPARK Approach(More)