Abstract
The paper reports on a study conducted for RATP, the public transportation authority for Paris and its region.
Since the mid-1980s RATP has developed a mathematically formal approach to the development of safety-critical software, based on the B method.
The question raised, in the context of evolving software development practice, was:
is it possible to demonstrate the same level of safety without resorting to mathematically formal approaches?
To answer this question, four steps were taken: 1) recalling the infeasibility of quantifying the reliability of safety-critical software, and its consequences for the development process and for the system-level view; 2) situating the current RATP approach with respect to other safety-critical domains; 3) examining and comparing alternative approaches to developing safety-critical software; 4) returning to the RATP approach to examine its underlying assumptions.
The study concluded with a recommendation to continue the mathematically formal development approach.
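The first step of the study, the infeasibility of quantifying the reliability of safety-critical software, rests on a calculation the abstract only names: how much failure-free operational testing would be needed to demonstrate a target failure rate statistically. The Python below is an added illustration and is not code from the paper or from RATP. It assumes that failures arrive as a Poisson process with a constant rate, that test inputs follow the operational profile, and that every failure is detected by the test oracle; under those assumptions it computes the test duration, and the number of parallel copies, that a demonstration would require.

```python
import math

HOURS_PER_YEAR = 8760.0


def upper_bound_rate(failure_free_hours: float, confidence: float) -> float:
    """Upper confidence bound on the failure rate (failures/hour) after
    `failure_free_hours` of representative testing with zero failures.

    Assumed model: failures are a Poisson process with constant rate lam, so
    P(no failure in T hours) = exp(-lam * T). The largest lam still consistent
    with the observation at the given confidence solves
    exp(-lam * T) = 1 - confidence, i.e. lam = -ln(1 - confidence) / T.
    """
    if failure_free_hours <= 0:
        raise ValueError("test duration must be positive")
    if not 0.0 < confidence < 1.0:
        raise ValueError("confidence must lie strictly between 0 and 1")
    return -math.log(1.0 - confidence) / failure_free_hours


def required_test_hours(target_rate: float, confidence: float) -> float:
    """Failure-free test hours needed to show the failure rate is at most
    `target_rate` (failures/hour) at the given confidence. Inverse of
    upper_bound_rate: T = -ln(1 - confidence) / target_rate."""
    if target_rate <= 0:
        raise ValueError("target failure rate must be positive")
    if not 0.0 < confidence < 1.0:
        raise ValueError("confidence must lie strictly between 0 and 1")
    return -math.log(1.0 - confidence) / target_rate


def required_test_years(target_rate: float, confidence: float) -> float:
    """Same demonstration expressed in calendar years of a single test rig."""
    return required_test_hours(target_rate, confidence) / HOURS_PER_YEAR


def parallel_copies_needed(target_rate: float, confidence: float,
                           calendar_years: float) -> int:
    """Number of identical copies that must run failure-free in parallel to
    complete the demonstration within `calendar_years`. Assumes the copies
    fail independently and all see the same operational profile; hardware
    failures and test-oracle errors are ignored, which makes this optimistic."""
    if calendar_years <= 0:
        raise ValueError("calendar duration must be positive")
    total = required_test_hours(target_rate, confidence)
    return math.ceil(total / (calendar_years * HOURS_PER_YEAR))


def demonstration_table(targets, confidence: float):
    """For each target rate, return (target, hours, years, copies over 10 years)."""
    return [
        (t,
         required_test_hours(t, confidence),
         required_test_years(t, confidence),
         parallel_copies_needed(t, confidence, 10.0))
        for t in targets
    ]


if __name__ == "__main__":
    # Targets typical of safety-integrity levels (constructed sample values):
    # 1e-5/h is within reach of testing; 1e-9/h is not.
    for target, hours, years, copies in demonstration_table(
            [1e-5, 1e-7, 1e-9], confidence=0.99):
        print(f"target {target:.0e}/h at 99%: {hours:.3e} h "
              f"= {years:,.0f} years on one rig, or {copies:,} copies for 10 years")
```

The table makes the study's first point concrete: a 10^-9 per hour target at 99% confidence needs about 4.6 billion failure-free test hours, more than half a million years on a single system or tens of thousands of independent copies for a decade, and the model assumptions (representative profile, perfect oracle, independent copies) all err on the optimistic side. That is why the safety argument has to rest on the development process rather than on measured failure rates.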
© 2007 Springer-Verlag Berlin Heidelberg
Cite this paper
Laprie, JC. (2007). Safety Demonstration and Software Development. In: Saglietti, F., Oster, N. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2007. Lecture Notes in Computer Science, vol 4680. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75101-4_29
DOI: https://doi.org/10.1007/978-3-540-75101-4_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75100-7
Online ISBN: 978-3-540-75101-4