OAI-PMH response date: 2024-03-29T05:37:04Z
Request: https://ipsj.ixsq.nii.ac.jp/ej/?action=repository_oaipmh
Record identifier: oai:ipsj.ixsq.nii.ac.jp:00013315
Record datestamp: 2022-10-21T05:24:51Z
Set: 00581:00729:00732

Title: A Formal Specification of Fault Trees for SAM
Language: eng
Keyword: Paper
Record URI: http://id.nii.ac.jp/1001/00013315/
Type: Journal Article
Download: https://ipsj.ixsq.nii.ac.jp/ej/?action=repository_action_common_download&item_id=13315&item_no=1&attribute_id=1&file_no=1
Rights: Copyright (c) 1997 by the Information Processing Society of Japan
Subject: Software Engineering
Affiliations: Faculty of Information Sciences, Hiroshima City University; Department of Computer Science, University of York
Authors: Shaoying Liu; John A. McDermid

Abstract: With the progress of research on formal methods, formal specifications can now be employed as an effective technique for system development by professionals and practitioners in both academia and industry. In the ASAM project (A Safety Argument Manager), we used Z to specify fault trees, their consistency properties, and various operations for a support system. Through our experience, we find that (1) writing a formal specification is very effective in helping the specifiers identify problems, eliminate the ambiguity, and discover the real requirements for a desired software system from the users; (2) a formal specification may be precise in expression, but may be imprecise for understanding; (3) formal specifications are difficult for engineers to understand, so that the role of a formal specification for deriving an implementation is very limited.

NCID: AN00116647
Journal: 情報処理学会論文誌
Volume: 38
Issue: 10
Pages: 2014-2030
Date of issue: 1997-10-15
ISSN: 1882-7764
Other date in record: 2009-06-29