
Abstract

Formal-methods-based system development is considered a promising approach to building safety-critical systems. This chapter discusses the standard safety life-cycle, traditional safety analysis techniques, the traditional systems engineering approach, and the standard design methodologies and safety standards used for developing critical systems. It also lists successful industrial case studies based on formal techniques and discusses the role of medical device regulations. Finally, the chapter shows the usability of formal techniques for developing critical systems and motivates a new methodology, with associated techniques and a tool, for medical device development, which is covered in the remaining chapters.



Copyright information

© 2013 Springer-Verlag London

About this chapter

Cite this chapter

Singh, N.K. (2013). Background. In: Using Event-B for Critical Device Software Systems. Springer, London. https://doi.org/10.1007/978-1-4471-5260-6_2

  • DOI: https://doi.org/10.1007/978-1-4471-5260-6_2

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-5259-0

  • Online ISBN: 978-1-4471-5260-6
