Abstract
This paper presents a formal specification in the Z notation for a safety-critical control system. It describes a particular medical device but is quite generic and should be widely applicable. The specification emphasizes safety interlocking and other discontinuous features that are not considered in classical control theory. A method for calculating interlock conditions for particular operations from system safety assertions is proposed; it is similar to ordinary Z precondition calculation, but usually results in stronger preconditions. The specification is presented as a partially complete framework that can be edited and filled in with the specific features of a particular control system. Our system is large, but the specification is concise. It is built up from components, subsystems, conditions and modes that are developed separately, but it also accounts for behaviors that emerge at the system level. The specification illustrates several useful idioms of the Z notation, and demonstrates that an object-oriented specification style can be expressed in ordinary Z.
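The abstract's central idea, deriving an operation's interlock condition from a system safety assertion rather than from the operation alone, can be made concrete on a finite state space. The following Python is an added illustration and is not the paper's Z text or the authors' code: the three-variable treatment-room model (door, beam, dose counter), the dose limit, and the three operations are constructed for this example. Ordinary Z precondition calculation gives pre Op = { s | ∃ s' • Op(s, s') }; the interlock is computed the same way but with the safety assertion conjoined on the post-state, pre (Op ∧ Safe'), which is where the stronger condition comes from. A third function, `robust_interlock`, is an addition beyond what the abstract states: for a nondeterministic operation it demands that every admissible post-state be safe, not merely some post-state.

```python
from dataclasses import dataclass, replace
from itertools import product
from typing import Callable, FrozenSet

# Constructed toy model (assumption, not the paper's specification): the
# safety assertion forbids beam-on with the door open or the dose at/over limit.
DOSE_LIMIT = 4   # hypothetical prescribed dose limit
MAX_DOSE = 5     # hypothetical counter saturation value


@dataclass(frozen=True)
class State:
    door_closed: bool
    beam_on: bool
    dose: int


# The whole (finite) state space, so preconditions can be computed by enumeration.
STATES: FrozenSet[State] = frozenset(
    State(door, beam, dose)
    for door, beam, dose in product((True, False), (True, False), range(MAX_DOSE + 1))
)


def safe(s: State) -> bool:
    """System safety assertion: beam on implies door closed and dose under the limit."""
    return (not s.beam_on) or (s.door_closed and s.dose < DOSE_LIMIT)


# An operation is a relation: pre-state -> set of admissible post-states.
# An empty set means the operation is undefined in that pre-state.
Op = Callable[[State], FrozenSet[State]]


def turn_beam_on(s: State) -> FrozenSet[State]:
    """Deterministic: switch the beam on (undefined if it is already on)."""
    return frozenset() if s.beam_on else frozenset({replace(s, beam_on=True)})


def open_door(s: State) -> FrozenSet[State]:
    """Deterministic: open the door (undefined if it is already open)."""
    return frozenset() if not s.door_closed else frozenset({replace(s, door_closed=False)})


def deliver_pulse(s: State) -> FrozenSet[State]:
    """Nondeterministic: a pulse adds 1 or 2 dose units (hypothetical pulse-size jitter)."""
    if not s.beam_on:
        return frozenset()
    return frozenset(replace(s, dose=min(s.dose + k, MAX_DOSE)) for k in (1, 2))


def precondition(op: Op) -> FrozenSet[State]:
    """Ordinary Z precondition: pre Op = { s | exists s' . Op(s, s') }."""
    return frozenset(s for s in STATES if op(s))


def interlock(op: Op) -> FrozenSet[State]:
    """pre (Op and Safe'): states from which some post-state of Op satisfies the safety assertion."""
    return frozenset(s for s in STATES if any(safe(t) for t in op(s)))


def robust_interlock(op: Op) -> FrozenSet[State]:
    """Stronger variant (added here): every admissible post-state must be safe."""
    return frozenset(s for s in STATES if op(s) and all(safe(t) for t in op(s)))


def summary(op: Op) -> dict:
    """Sizes of the three conditions, for comparison; interlocks are never weaker than pre Op."""
    pre, ilk, rob = precondition(op), interlock(op), robust_interlock(op)
    assert rob <= ilk <= pre
    return {"pre": len(pre), "interlock": len(ilk), "robust_interlock": len(rob)}


if __name__ == "__main__":
    for name, op in (("TurnBeamOn", turn_beam_on), ("OpenDoor", open_door), ("DeliverPulse", deliver_pulse)):
        print(f"{name:13s} {summary(op)}")
```

Running it shows the effect described in the abstract: `open_door` has 12 pre-states (door closed) but only the 6 with the beam off satisfy the interlock, because the safety assertion on the post-state rules out an open door with the beam on; `deliver_pulse` is defined in 12 states, the ∃ form admits 3 (door closed, dose ≤ 2) and the ∀ form only 2, since a 2-unit pulse from dose 2 would reach the limit.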
© 1993 Springer-Verlag Berlin Heidelberg
Jacky, J. (1993). Specifying a safety-critical control system in Z. In: Woodcock, J.C.P., Larsen, P.G. (eds) FME '93: Industrial-Strength Formal Methods. FME 1993. Lecture Notes in Computer Science, vol 670. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0024658
DOI: https://doi.org/10.1007/BFb0024658
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-56662-5
Online ISBN: 978-3-540-47623-8