A case study in developing complex safety critical systems

Safety-critical systems were traditionally monitored and controlled by mechanical or electronic devices. Today, this task has largely been taken over by software. However, the growing complexity and safety relevance of such software raises questions about the choice of adequate techniques and tools to be used in its construction and safety assessment. In this paper, we review a case study on the stepwise development of a distributed control program for a safety-critical technical production process. The case study, which slightly simplifies a real production situation, provides a patent example for a university course on software engineering for distributed technical systems. We emphasize the elicitation of adequate modeling ideas, the development of precise and alternative descriptions of system functions and safety requirements, and carry out a careful analysis of specifications and design solutions. We use a variety of techniques to address different aspects of the case study adequately. To reduce the potential for inconsistencies, we maintain a consistent naming scheme and rely on closely related variants of temporal logic formulas to systematically relate the results of requirements analysis and design activities