Formal Specification in Collaborative Design of Critical Software Tools

Engineers use software tools to model and analyze designs for critical systems. Because important design decisions are based on tool results, tools must provide valid modeling constructs; engineers must understand them to validate their models; and tools must implement these constructs without significant error. Such tools thus demand careful conceptual and software design. An important aspect of such design is the use of rigorous specification and advanced design techniques. This paper contributes a case study on the use of such techniques in the collaborative development of a fault tree analysis tool. The collaboration involved software engineering researchers knowledgable about software specification and design and reliability engineering researchers expert in fault tree techniques. Our work revealed conceptual and implementation errors in an earlier version of the tool. Our study supports the position that there is a need for rigorous software specification and design in developing novel analysis tools, and that collaboration between software engineers and domain experts is feasible and profitable.