Formal specification in collaborative design of critical software tools

Engineers use software tools to analyze designs for critical systems. Because important decisions are based on tool results, tools must provide valid modeling constructs, engineers must understand them to validate their models; and tools must be implemented without major error. Such tools thus demand careful conceptual and software design. One aspect of such design is the use of rigorous specification and design techniques. This paper contributes a case study on the use of such techniques in the collaborative development of a dynamic fault tree analysis tool. The collaboration involved software engineering researchers knowledgeable in software specification and design and reliability engineering researchers expert in fault tree analysis. Our work revealed conceptual and implementation errors in an earlier version of the tool. Our study supports the position that there is a need for rigorous software specification and design in developing novel analysis tools, and that collaboration between software engineers and domain experts is feasible and profitable