Formal methods are mathematically-based techniques, often supported by reasoning tools, that can offer a rigorous and effective way to model, design and analyze computer systems. The purpose of this study is to evaluate international industrial experience in using formal methods. The cases selected are, we believe, representative of industrial-grade …
"Formal Methods" refers to the use of mathematically based techniques in software and system engineering. This paper summarizes observations on their use in a dozen applications in industrial settings. Application goals ranged from re-engineering to system certification. Code scale ranges from 1000 LOC (for a complex safety-critical application) through 10,000s …
when they were writing the specification, but that was late in the process. RATP would have liked direct simulation of the specification. UK government groups. GEC Alsthom has used B in two subsequent applications: a transportation system in Calcutta, India, and a safety net to protect against driver failure on all the electrified lines operated by the …
Darlington is a four-reactor nuclear plant east of Toronto. It is operated by Ontario Hydro. Each reactor has two independent shutdown systems: SDS1 drops neutron-absorbing rods into the core, while SDS2 injects liquid poison into the moderator. Both are safety-critical and require high levels of confidence. In 1982, Ontario Hydro, with the concurrence of …