Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Civil Engineering

Industrial Experience with SPARK PDF icon / 233k PDF Author

advertisement 
Industrial Experience with SPARK PDF icon / 233k PDF
Author: Roderick Chapman [published for SIGAda 00, Laurel, MD, USA].
Nov 2000
Abstract...
This paper considers a number of large, real-world projects that are using SPARK – an annotated
sublanguage of Ada that is appropriate for the development of high-integrity systems.
Three projects are considered in some detail where SPARK has made a contribution to meeting
the most stringent software engineering standards. The projects are the Ship/Helicopter
Operational Limits Instrumentation System (UK Interim Defence Standard 00-55), the MULTOS
CA (a high-security system developed to the standards of ITSEC level E6), and the Lockheed C130J
Mission Computer (DO-178B Level A). A less successful project is also described. The lessons
learnt from these projects show that SPARK offers a cost-effective approach for the construction
of high-integrity software when it is deployed judiciously within an appropriate software
development process.
Is Proof More Cost Effective than Testing? PDF icon / 656k PDF
Authors: Steve King, Jonathan Hammond, Rod Chapman and Andy Pryor [IEEE Transactions on
Software Engineering, Vol 26, no 8].
Abstract...
This paper describes the use of formal development methods on an industrial safety-critical
application. The Z notation was used for documenting the system specification and part of the
design, and the SPARK 1 subset of Ada was used for coding. However, perhaps the most
distinctive nature of the project lies in the amount of proof that was carried out: proofs were
carried out both at the Z level – approximately 150 proofs in 500 pages – and at the SPARK code
level – approximately9,000 verification conditions generated – and discharged. The project was
carried out under UK Interim Defence Standards 00-55 and 00-56, which require the use of
formal methods on safety-critical applications. It is believed to be the first to be completed
against the rigorous demands of the 1991 version of these standards.
The paper includes comparisons of proof with the various types of testing employed, in terms of
their efficiency at finding faults. The most striking result is that the Z proof appears to be
substantially more efficient at finding faults than the most efficient testing phase. Given the
importance of early fault detection, we believe this helps to show the significant benefit and
practicality of large-scale proof on projects of this kind.
Nov 2000
Related documents
‘My research journey started with a
‘My research journey started with a
ch 3 Enhance the Curriculum with Materials wout all pictures
ch 3 Enhance the Curriculum with Materials wout all pictures
Ignition System Diagnostics Reading A Scope Pattern
Ignition System Diagnostics Reading A Scope Pattern
zaharia
zaharia
20140511StatusOfDarkCurrentMeas_V2 - Indico
20140511StatusOfDarkCurrentMeas_V2 - Indico
Spark 101 Burning House ES Sci TEKS Lesson Plan
Spark 101 Burning House ES Sci TEKS Lesson Plan
Slides PDF - Spark Summit
Slides PDF - Spark Summit
Spark 101 Burning House HS Science Lesson Plan
Spark 101 Burning House HS Science Lesson Plan
How to gap spark plugs
How to gap spark plugs
Spark 101 Physics of Exploding Car TEKS HS Science Lesson Plan
Spark 101 Physics of Exploding Car TEKS HS Science Lesson Plan
Acceleration due to Gravity
Acceleration due to Gravity
Hydrogen Nickname
Hydrogen Nickname
Download
advertisement