s and compressed postscript files are available via http://svrc.it.uq.edu.au Using CARE to Construct Verified Software Peter Lindsay David Hemer Abstract The CARE project investigated integration of wellunderstood formal development principles into an industrial organisation's software development methodology. The result was a method for construction and verification of programs from formal specifications, using libraries of preproven, formally specified components. Tools help the user build products by selecting and instantiating components to fit the problem at hand, and generating and discharging correctness-of-fit proof obligations. This paper illustrates the method on part of the development of a software module for logging events in a medical embedded device. Keywords formal methods, program development, software verification, refinement 1 1. Introduction 1.1. Motivation Formal specification techniques are currently being used in industry mainly to offer improved unders...

Component based software engineering (CBSE), can in principle lead to savings in the time and cost of software development, by encouraging software reuse. However the reality is that CBSE has not been widely adopted. From a technical perspective, the reason is largely due to the di#culty of locating suitable components in the library and adapting these components to meet the specific needs of the user.

Care provides a framework for construction and verification of programs, based around the recording of reusable design knowledge in parameterized templates. This paper shows how pattern-matching can be used to aid in the selection and application of design templates from a reusable library. A general framework is presented which is independent of the particular matching algorithm used at the level of mathematical expressions. A prototype has been built which supports a large subset of the Z mathematical language.

Safety critical systems usually have hard real-time requirements. However assuring that the real-time design aspects meet stringent correctness criteria presents practical difficulties to any project based on empirical testing. This is particularly so where the system design includes software. Formally specifying the system functions and timing requirements is an alternative and complementary means to achieving the level of assurance needed for certification of the system. Potential benefits of this approach are to significantly reduce the time required to test a system to a given level of assurance and also to provide a far deeper insight into the critical aspects of functionality which must be covered in the design phase. In the last few years, there have been a number of successful applications of using formal specification techniques in the aviation industry. These systems often need to be modified or upgraded on a regular basis, i.e. functionality and timing constraints may be altered, thus adding to the problems of managing the design and testing process. Therefore, the functional specifications need to be easily maintained and modified. In this paper, we are interested in applying formal object modelling techniques to specify scheduling requirements of the multi-parallel processes of an aircraft operational flight program (OFP). Our aim is not only to formalise the scheduling requirements for a particular aircraft, but more importantly, to demonstrate an incremental and extendible modelling approach.