Swipe to navigate through the chapters of this book
This chapter discusses formal methods, which consist of a set of mathematic techniques that provide an extra level of confidence in the correctness of the software. They consist of a formal specification language, and employ a collection of tools to support the syntax checking of the specification, as well as the proof of properties of the specification. They allow questions to be asked about what the system does independently of the implementation, and they may be employed to formally state the requirements of the proposed system, and to derive a program from its mathematical specification. They may be employed to provide a rigorous proof that the implemented program satisfies its specification, and they have been applied mainly to the safety critical field.
Please log in to get access to this content
To get access to this content you need the following product:
It is debatable whether step-wise refinement is cost effective in mainstream software engineering, as it involves re-writing a specification ad nauseam. It is time-consuming, as significant time is required to prove that each refinement step is valid.
We mentioned the serious problems with the Therac-25 radiotherapy machine in Chap. 17.
A comprehensive disclaimer of responsibility for problems (rather than a guarantee of quality) accompany most software products, and so the legal aspects of licensing software may protect software companies from litigation. However, greater legal protection for the customer can be built into the contract between the supplier and the customer for bespoke-software development.
The U.K. Defence Standards 0055 and 0056 have been revised in recent years to be less prescriptive on the use of formal methods.
However, the resulting software was never actually deployed on the A-7 aircraft.
This was an impressive use of mathematical techniques and it has been acknowledged that formal methods must play an important role in future developments at Darlington. However, given the time and cost involved in the software inspection of the shutdown software some managers have less enthusiasm in shifting from hardware to software controllers [ 7].
The IFAD Toolbox has been renamed to VDMTools as IFAD sold the VDM Tools to CSK in Japan.
Many existing theorem provers are difficult to use and are for specialist use only. There is a need to improve their usability.
This verification was controversial with RSRE and Charter overselling VIPER as a chip design that conforms to its formal specification.
This position is controversial with others arguing that if correctness is defined mathematically then the mathematical definition (i.e. formal specification) is a theorem, and the task is to prove that the program satisfies the theorem. They argue that the proofs for non-trivial programs exist, and that the reason why there are not many examples of such proofs is due to a lack of mathematical specifications.
The VDM Tools are now available from the CSK Group in Japan.
The domain in which the software is being used will influence the willingness or otherwise of the customers to become familiar with the mathematics required. There is very little interest from customers in mainstream software engineering, and the perception is that formal methods are difficult to use. However, in some domains such as the regulated sector there is a greater willingness of customers to become familiar with the mathematical notation.
The author?s experience is that most customers have a very limited interest in using mathematics.
Mathematics that is potentially useful to software engineers was discussed in Chap. 17.
The Z Notation. A Reference Manual. J.M. Spivey. Prentice Hall. International Series in Computer Science. 1992.
Rational for the development of the U.K. Defence Standards for Safety Critical software. M.J.D Brown. Compass Conference. 1990.
Applications of Formal Methods. Edited by Michael Hinchey and Jonathan Bowen. Prentice Hall International Series in Computer Science. 1995.
00-55 (Part 1)/ Issue 1. The Procurement of Safety Critical Software in Defence Equipment. Part 1: Requirements. Ministry of Defence. Interim Defence Standard. UK. 1991.
00-55 (Part 2)/ Issue 1. The Procurement of Safety Critical Software in Defence Equipment. Part 2: Guidance. Ministry of Defence. Interim Defence Standard. UK. 1991.
The Evolution of Def Stan 00-55 and 00-56. An intensification of the formal methods debate in the UK. Margaret Tierney. Research Centre for Social Sciences. University of Edinburgh. 1991.
Experience with Formal Methods in Critical Systems. Susan Gerhart, Dan Craighen and Ted Ralston. IEEE Software. January 1994.
The Structure of Scientific Revolutions. Thomas Kuhn. University of Chicago Press. 1970.
Mathematical Approaches to Software Quality. Gerard O? Regan.Springer. 2006.
The Vienna Development Method. The Meta language. Dines Bjørner and Cliff Jones. Lecture Notes in Computer Science (61). Springer Verlag. 1978.
Formal Specification and Software Development. Dines Bjørner and Cliff Jones. Prentice Hall International Series in Computer Science. 1982.
Computation Models and Computing. PhD Thesis. Mícheál Mac An Airchinnigh. Dept. of Computer Science. Trinity College Dublin.
How to Solve It. A New Aspect of Mathematical Method. Georges Polya. Princeton University Press. 1957.
Proof and Refutations. The Logic of Mathematical Discovery. Imre Lakatos. Cambridge University Press. 1976.
MSc. Thesis. Eoin McDonnell. Dept. of Computer Science. Trinity College Dublin. 1994.
The Science of Programming. David Gries. Springer Verlag. Berlin. 1981.
A Disciple of Programming. E.W. Dijkstra. Prentice Hall. 1976.
Communicating Sequential Processes. C.A.R. Hoare. Prentice Hall International Series in Computer Science. 1985.
A Calculus of Mobile Processes. Part 1. Robin Milner et al. LFCS Report Series. ECS-LFCS-89-85. Department of Computer Science. University of Edinburgh.
A Personal View of Formal Methods. B.A. Wichmann. National Physical Laboratory. March 2000.
On the Criteria to be used in Decomposing Systems into Modules. David Parnas. Communications of the ACM, 15(12). 1972.
- Formal Methods
- Springer International Publishing
- Sequence number
- Chapter number
- Chapter 18