Formal Methods: Use and Relevance for the Development of Safety-Critical Systems

Abstract

We are now starting to see the first applications of formal methods to the development of safety-critical computer based systems. Discussion on what are appropriate methods and tools is still intense, and there is no standard approach that presents a complete solution for the formal development of such systems. Some of the protagonists claim that formal methods offer a complete solution to the problems of safety-critical software development. Others claim that formal methods are of little or no use – or at least that their utility is severely limited by the cost of applying the techniques. The aim of this paper is to try to cast some light on this debate and to discuss from a technico-philosophical viewpoint the benefits and limitations of formal methods in this context.