Vital software: Formal method and coded processor

Siemens Transportation Systems has been developing mass transit systems for 30 years, and for more than 10 years it has used the B formal method to develop and validate its safety-critical software. With B, the software is derived stepwise from an abstract mathematical specification, and formal proof ensures that each refinement step preserves the properties established for the step before it. With the Vital Coded Processor, any run-time error, whether caused by a compiler error or by a hardware failure, is detected and the unit is put into a safe state. A high level of productivity is achieved through a tool that derives the code semi-automatically from the formal specification.
