Abstract
Keywords:
automatic subways, formal specification, safety critical software, arithmetic coding
Abstract:
Siemens Transportation Systems has been developing mass transit systems for 30 years and for more than 10 years it has used the B formal method to develop and validate its safety critical software. With B, the software is derived stepwise from an abstract mathematical specification and formal proof ensures that each intermediate step is equivalent to the previous one. With the Vital Coded Processor, any run time error caused either by a compiler error or a hardware failure is detected and the unit is set in a safe state. A high level of productivity is achieved through the use of a tool that derives semi-automatically the code from the formal specification.