Abstract

The paper treats a safety-critical computing system as a component of a larger system, one which could cause or allow the overall system to enter a hazardous state. It is argued that, to gain a complete understanding of such systems, the requirements of the overall system and the properties of the environment must be analysed in a common formal framework. A system development model based on the separation of safety and mission issues is discussed. A formal model for representing the specifications produced during the analysis is presented. The semantics of the formal model are based on the notion of a system history. To overcome some of the problems associated with an unstructured specification, the concept of a mode is introduced. To illustrate the strategy, a simple example is presented.
