Timing Tolerances in Safety-Critical Software

Abstract: Abstract. Many safety-critical software applications are hard real-time systems. They have stringent timing requirements that have to be met. We present a description of timing behaviour that includes precise definitions as well as analysis of how functional timing requirements interact with performance timing requirements, and how these concepts can be used by software designers. The definitions and analysis presented explicitly deal with tolerances in all timing durations. Preliminary work indicates that som… Show more

“…Motivated by our work on the Darlington Nuclear Generating Station Shutdown Systems software redesign project [3] and the difficulties and effort involved with the verification of timing requirements on that project, we began studying timing requirements with tolerances. In [1] we justified use of several different types of tolerances that must be fully specified at the requirements level in order to properly deal with the timing tolerances that are inherent in the system implementation. These included tolerances on functional timing requirements, and tolerances on performance timing requirements that allow for deviation from the idealized behaviour specified by the requirements models.…”

“…In this work we refine the model and formalize the analysis of the Held for with tolerance operator of [1] in the PVS 1 theorem prover. We identify different clock information assumptions for implementations, showing how changing the order of quantifiers in a high order logic formula can capture what is required to implement the Held for requirement under each of the clock information assumptions.…”

“…We identify different clock information assumptions for implementations, showing how changing the order of quantifiers in a high order logic formula can capture what is required to implement the Held for requirement under each of the clock information assumptions. For the "perfect clock at sample times case" that was implicit in the manual analysis of [1], we provide a full formal proof of necessary and sufficient conditions for when it is possible to implement a requirement that a boolean condition has been sustained for a duration d within a tolerance…”

“…While there has been a large amount of work on validation of timing requirements, there has been relatively little work on the implementability of timing requirements. We have previously provided definitions of fundamental timing operators that explicitly considered tolerances on property durations and intersample jitter [1]. In this work we refine the model and formalize the analysis of the Held for operator of [1] in the PVS theorem prover.…”

“…We have previously provided definitions of fundamental timing operators that explicitly considered tolerances on property durations and intersample jitter [1]. In this work we refine the model and formalize the analysis of the Held for operator of [1] in the PVS theorem prover. We formalize different implementation environments incorporating nonuniform samples with bounded jitter and for one of the environments provide a full formal proof of necessary and sufficient conditions for when it is possible to implement a Held for requirement.…”

Formal Verification of the Implementability of Timing Requirements

“…Motivated by our work on the Darlington Nuclear Generating Station Shutdown Systems software redesign project [3] and the difficulties and effort involved with the verification of timing requirements on that project, we began studying timing requirements with tolerances. In [1] we justified use of several different types of tolerances that must be fully specified at the requirements level in order to properly deal with the timing tolerances that are inherent in the system implementation. These included tolerances on functional timing requirements, and tolerances on performance timing requirements that allow for deviation from the idealized behaviour specified by the requirements models.…”

“…In this work we refine the model and formalize the analysis of the Held for with tolerance operator of [1] in the PVS 1 theorem prover. We identify different clock information assumptions for implementations, showing how changing the order of quantifiers in a high order logic formula can capture what is required to implement the Held for requirement under each of the clock information assumptions.…”

“…We identify different clock information assumptions for implementations, showing how changing the order of quantifiers in a high order logic formula can capture what is required to implement the Held for requirement under each of the clock information assumptions. For the "perfect clock at sample times case" that was implicit in the manual analysis of [1], we provide a full formal proof of necessary and sufficient conditions for when it is possible to implement a requirement that a boolean condition has been sustained for a duration d within a tolerance…”

“…While there has been a large amount of work on validation of timing requirements, there has been relatively little work on the implementability of timing requirements. We have previously provided definitions of fundamental timing operators that explicitly considered tolerances on property durations and intersample jitter [1]. In this work we refine the model and formalize the analysis of the Held for operator of [1] in the PVS theorem prover.…”

“…We have previously provided definitions of fundamental timing operators that explicitly considered tolerances on property durations and intersample jitter [1]. In this work we refine the model and formalize the analysis of the Held for operator of [1] in the PVS theorem prover. We formalize different implementation environments incorporating nonuniform samples with bounded jitter and for one of the environments provide a full formal proof of necessary and sufficient conditions for when it is possible to implement a Held for requirement.…”

Formal Verification of the Implementability of Timing Requirements

Precise Documentation and Validation of Requirements

Current and Future Research Directions in Requirements Engineering