1 Department of Information Technology, Technical University of Denmark
Exemplified by Railway Interlocking Systems
Software for safety critical systems must deal with the hazards identified by safety analysistechniques: Fault trees, event trees,and cause consequence diagrams can be interpreted as safety requirements and used in the design activity. We propose that the safety analysis and the system design use the same system model and that this model is formalized in a real-time, interval logic, based on a conventional dynamic systems model with a state over time. The three safety analysis techniques are interpreted in this model and it is shown how to derive safety requirements for components of a system.