
Experience with Z developing a control program for a radiation therapy machine

  • Conference paper
ZUM '97: The Z Formal Specification Notation (ZUM 1997)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1212)


Abstract

We are developing a control program for a unique radiation therapy machine. The program is safety-critical, executes several concurrent tasks, and must meet real-time deadlines. Development employs both formal and traditional methods: we produce an informal specification in prose (supplemented by tables, diagrams and a few formulas) and a formal description in Z. The Z description includes an abstract level that expresses overall safety requirements and a concrete level that serves as a detailed design, where Z paragraphs correspond to data structures, functions and procedures in the code. We validate the Z texts against the prose specification by inspection. We derive most of the code from the Z texts by intuition and verify it by inspection, but a small amount of code is derived and verified more formally. We have produced about 250 pages of informal specification and design description, about 1200 lines of Z and about 6000 lines of code. Experiences developing a large Z specification and writing the program are reported, and some errors we discovered and corrected are described.




Editors: Jonathan P. Bowen, Michael G. Hinchey, David Till


Copyright information

© 1997 Springer-Verlag Berlin Heidelberg

Cite this paper

Jacky, J., Unger, J., Patrick, M., Reid, D., Risler, R. (1997). Experience with Z developing a control program for a radiation therapy machine. In: Bowen, J.P., Hinchey, M.G., Till, D. (eds) ZUM '97: The Z Formal Specification Notation. ZUM 1997. Lecture Notes in Computer Science, vol 1212. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0027295


  • DOI: https://doi.org/10.1007/BFb0027295


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-62717-3

  • Online ISBN: 978-3-540-68490-9
