3.4 “Open Proof” the ultimate Objective for openETCS
Wheeler's statement confirms the need for an open source tool chain that covers the whole software production and documentation process, including verification and validation, within the open source concept, thereby providing an “Open Proof” (OP) methodology [33]. OP should therefore be the ultimate objective of an openETCS project, in order to make the system as robust as possible for reliability, safety and security reasons. An essential precondition for any high quality product is an unambiguous specification. To this day, only a written, more or less structured text in natural language is the basis for ETCS product development, leaving more room for divergent interpretation (figure 3) than is desirable.
A potential solution for avoiding ambiguities right at the beginning of the product development process could be the conversion of the functional requirement specification into a formal, that is “mathematical”, description. As recommended by Jan Peleska in his “Habilitationsschrift” (post-doctoral thesis) [34]:
“. . . how the software crisis should be tackled in the future:
- The complexity of today's applications can only be managed by applying a combination of methods; each of them specialized to support specific development steps in an optimized way during the system development process.
- The application of formal methods should be supported by development standards, i.e., explanations or “recipes” showing how to apply the methods in the most efficient way to a specific type of development task. ...
- The application of formal methods for the development of dependable systems will only become cost-effective if the degree of reusability is increased by means of reusable (generic) specifications, reusable proofs, code and even reusable development processes.”
Despite the fact that several attempts have been made in the past, a comprehensive Formal Functional Requirement Specification (FFRS) has never been completed for ETCS due to lack of resources and/or funding. Based on proprietary software business concepts, there is obviously no positive business case for an FFRS from the suppliers' point of view.
Formal specification work does not have to start from scratch, because there are already a number of partial results from a series of earlier works, although different approaches, methods and tools have been used [35], [36], [37]. Evaluating those results and applying a method that has been used successfully in several open source projects, known as the “Stone Soup Development Methodology”, might bring all those elements and all the experts involved together in order to contribute to such a project at relatively low cost [3], [38].