Development Life-cycle of Critical Software Under FoCaL

Before their installation, critical systems must be assessed by an independent authority, who ensures that software components are really compliant with a set of requirements described in standards. Such standards describe the framework and the rules to be strictly followed along the development process. Moreover high levels of safety highly recommand the use of formal methods. In this paper, we examine how the FoCaL development environment can help to fulfil these requirements and to ease assessment. This tool aims to help all stages of critical software development, at least when formal methods are required (step-by-step specification and implementation, properties expressed by first-order formulae, proofs helped by automatic tool). Upon our experience as either software safety assessor or researchers in software engineering and formal methods, we propose a development life cycle adapted to the FoCaL specificity and compliant with independent assessment requirements, through a complete example. We show how features such as inheritance, late binding, redefinition, parametrisation, encapsulation and declarations/definitions, properties/theorems, whole development checked by an independent proof assistant and partially automatic documentation can be used to improve the global safety and the re-use of software components.