Environment-based specification of real-time interlock and control systems

The author advocates a new approach to specifying requirements: describe the environment, then define the properties it should exhibit under the influence of the required logic system using defined sensors and actuators. By concentrating on the environment, the specification should be high-level, avoiding any reference to the internal structures of the required system and thus avoiding implementation bias, and should use terminology that is familiar to the users and is therefore more likely to reflect their real requirements. In addition, a specification in which the plant is made the focus of attention should form a better basis for discussion between customer and developer, reducing the chance of error in implementation.