High-Integrity System Specification and Design

  • Jonathan P. Bowen
  • Michael G. Hinchey

Table of contents

  1. Front Matter
    Pages i-xix
  2. Frederick P. Brooks Jr., David Harel
    Pages 1-51
  3. Ken Orr, Chris Gane, Edward Yourdon, Peter P. Chen, Larry L. Constantine, John R. Cameron
    Pages 53-125
  4. Anthony Hall, Jonathan P. Bowen, Michael G. Hinchey, Jeannette M. Wing, C. A. R. Hoare
    Pages 127-230
  5. Grady Booch, Robert G. Fichman, Chris F. Kemerer
    Pages 231-294
  6. C. A. R. Hoare, Leslie Lamport
    Pages 295-358
  7. Jonathan Ostroff, Susan Gerhart, Dan Craigen, Ted Ralston, Nancy G. Leveson, Jonathan Bowen et al.
    Pages 359-528
  8. Lesley Semmens, Robert France, Tom Docker
    Pages 529-555
  9. I. J. Hayes, C. B. Jones, Norbert E. Fuchs
    Pages 557-607
  10. Elliot J. Chikofsky, Burt L. Rubenstein, David Harel
    Pages 609-657
  11. Back Matter
    Pages 659-701

About this book


Errata, detected in Taylor's Logarithms. London: 4to, 1792. [sic] 14.18.3 6 Kk Co-sine of 3398 3298 - Nautical Almanac (1832) In the list of ERRATA detected in Taylor's Logarithms, for cos. 4° 18'3", read cos. 14° 18'2". - Nautical Almanac (1833) ERRATUM ofthe ERRATUM ofthe ERRATA of TAYLOR'S Logarithms. For cos. 4° 18'3", read cos. 14° 18' 3". - Nautical Almanac (1836) In the 1820s, an Englishman named Charles Babbage designed and partly built a calculating machine originally intended for use in deriving and printing logarithmic and other tables used in the shipping industry. At that time, such tables were often inaccurate, copied carelessly, and had been instrumental in causing a number of maritime disasters. Babbage's machine, called a 'Difference Engine' because it performed its cal­ culations using the principle of partial differences, was intended to substantially reduce the number of errors made by humans calculating the tables. Babbage had also designed (but never built) a forerunner of the modern printer, which would also reduce the number of errors admitted during the transcription of the results. Nowadays, a system implemented to perform the function of Babbage's engine would be classed as safety-critical. That is, the failure of the system to produce correct results could result in the loss of human life, mass destruction of property (in the form of ships and cargo) as well as financial losses and loss of competitive advantage for the shipping firm.


communication concurrency design development distributed systems formal methods formal specification language operating system safety-critical system simulation software engineering system system development system specification

Authors and affiliations

  • Jonathan P. Bowen
    • 1
  • Michael G. Hinchey
    • 2
  1. 1.Department of Computer ScienceUniversity of ReadingReading, BerkshireUK
  2. 2.Department of Computer Science, College of Information Science and TechnologyUniversity of Nebraska-OmahaOmahaUSA

Bibliographic information