| The software in a safety critical system has the potential to cause loss of life, loss of property/money, or environmental disaster. Researchers have found that most safety-critical errors are introduced in the requirements, rather than the design and implementation stages of development. These errors are conceptual in nature and reflect misunderstandings about the intended operation of the system or the system's environment. Furthermore, requirements for safety critical systems can be difficult to express: the software must interact with a variety of analog and digital components and be able to detect and recover from error conditions in the environment. To compound the problems, a requirements specification goes through many changes before it is completed—these changing requirements are a major cost driver in industrial projects.; A mathematically precise, or formal, specification of the requirements provides an unambiguous representation; therefore, use of a formal specification language to model the requirements promises to improve the quality of (and thus, assurance in) the requirements. Nevertheless, formal specifications are costly to develop and little research has been conducted on structuring formal requirements specifications. In most cases, there is a lack of a clear methodology for specification development. Ideally, such specifications would be easy to maintain and reuse, particularly in light of the fact the many companies build families of related systems. Unfortunately, this is beyond the current state-of-the-art and is a critical barrier to industrial acceptance of these techniques.; To address these concerns, this dissertation makes three key contributions. First, we have extended the state-of-the-art in expressing the structure of product families. Second, we have defined a methodology for creating formal specifications of safety-critical process-control systems that includes the overall process for creating the specifications as well as techniques directed specifically at reuse. Finally, a module construct designed to support the methodology and product family structuring has been added to the formal specification language RSML−e. |
