Abstract

Ansaldo Trasporti's Computer Based Interlocking System "ACC" is based on a multiprocessor architecture and on software developed according to safety criteria. It achieves the same levels of safety and availability as relay interlocking. Safety and availability are fundamental attributes of the dependability requirements for the ACC system; they are assured by the following fault avoidance and fault tolerance techniques:

- a development methodology (Structured Analysis and Design);
- an independent Verification & Validation (V&V) methodology;
- fault-detection techniques;
- software diversity, the three sections of the TMR (triple modular redundancy) system being developed by different teams using different languages;
- software voting of the results.

This paper discusses in some detail:

- the adopted V&V methodology;
- the V&V environment.

V&V activities are carried out throughout the software development cycle ("step by step V&V"), in parallel with the project team's activities, and are conducted by an independent group, separately from software development. This separation makes V&V more effective, because it avoids repeating the developers' specification misconceptions in the V&V phases. Software tools have been especially developed for the V&V activities. Data on errors found during the different V&V phases, and data logged during the first period of ACC real service, are examined.
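To make the TMR-with-software-diversity idea concrete, the following is an added illustrative example (not ACC's code, and not from the paper): three independently written versions of one small interlocking decision, and a 2-out-of-3 software voter that outvotes a single faulty channel, reports the dissenting channel for fault detection, and falls back to the restrictive output when no majority exists. The route model, the function names and the STOP/PROCEED outputs are assumptions made for the example.

```python
"""
Added example of 2-out-of-3 software voting over diverse versions of a
safety function. Illustrative only: the route model, names and outputs are
assumptions, not the ACC implementation described in the paper.
"""
from collections import Counter
from dataclasses import dataclass

SAFE = "STOP"        # restrictive, fail-safe output
PROCEED = "PROCEED"


@dataclass(frozen=True)
class RouteState:
    track_sections_occupied: tuple   # one flag per section on the route
    points_locked_correctly: tuple   # one flag per point: locked in required position
    opposing_route_set: bool


# Version A: plain sequential checks
def version_a(s: RouteState) -> str:
    if any(s.track_sections_occupied):
        return SAFE
    if not all(s.points_locked_correctly):
        return SAFE
    if s.opposing_route_set:
        return SAFE
    return PROCEED


# Version B: counting style, deliberately written differently from A
def version_b(s: RouteState) -> str:
    occupied = sum(1 for t in s.track_sections_occupied if t)
    unlocked = sum(1 for p in s.points_locked_correctly if not p)
    conflicts = occupied + unlocked + (1 if s.opposing_route_set else 0)
    return PROCEED if conflicts == 0 else SAFE


# Version C: condition-table style
def version_c(s: RouteState) -> str:
    conditions = (
        not any(s.track_sections_occupied),
        all(s.points_locked_correctly),
        not s.opposing_route_set,
    )
    return PROCEED if conditions == (True, True, True) else SAFE


def vote(outputs):
    """2-out-of-3 majority vote.

    Returns (result, dissenting_channels). A single disagreeing channel is
    outvoted and reported; with no majority at all the restrictive output
    is returned and every channel is flagged.
    """
    counts = Counter(outputs)
    value, n = counts.most_common(1)[0]
    if n >= 2:
        dissent = [i for i, o in enumerate(outputs) if o != value]
        return value, dissent
    return SAFE, list(range(len(outputs)))


def decide(s: RouteState):
    """Run the three diverse versions and vote on their results."""
    outputs = [version_a(s), version_b(s), version_c(s)]
    return vote(outputs)


if __name__ == "__main__":
    # Constructed sample inputs
    clear = RouteState((False, False, False), (True, True), False)
    occupied = RouteState((False, True, False), (True, True), False)
    print(decide(clear))      # ('PROCEED', [])
    print(decide(occupied))   # ('STOP', [])
    # A corrupted channel output is outvoted and reported
    print(vote([PROCEED, PROCEED, SAFE]))   # ('PROCEED', [2])
    # No majority: fail safe and flag all channels
    print(vote([PROCEED, SAFE, None]))      # ('STOP', [0, 1, 2])
```

The dissent list is what a fault-detection layer would log; the fall-through to SAFE is the fail-safe behaviour a voter for an interlocking must have when the channels cannot agree.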