VDM and B are two mature formal methods currently in use by industry and supported by commercial tools. Though the methods are similar in their foundations, the coverage of their supporting tools differs significantly. The SPECTRUM project has shown the feasibility of integrating support for the two methods.
Contrary to the past practice of method proliferation, SPECTRUM demonstrates that integrating two complementary market offerings is the way forward. It also identifies areas where greater use of formality would bring further benefits: earlier use of analysis in development, which reduces specification and design defects, and greater use of automation, such as the automated derivation of test cases and test harnesses from specifications.
Within the design process, a high-level specification is subject to two conflicting tensions: it is used as a vehicle for validating the requirements, and also as the first step of the refinement process. Whilst the structuring mechanisms of the B method are well suited to the latter purpose, the rich type constructions of VDM are useful for the former. VDM's richer type language and its greater support for data abstraction make it better suited to the early analysis and specification phases and to the corresponding integration and system test stages, whereas B's modularity, refinement support and code generation facilities are of most use in detailed design, implementation and unit testing.
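The automated derivation of test cases from a specification mentioned above, and the early detection of a specification defect that VDM-style analysis is meant to give, can be illustrated without any VDM or B tooling. The following Python script is an added example, not SPECTRUM project code and not a VDM tool: it models an operation the way VDM does (state invariant, precondition, postcondition, all written as predicates), derives test inputs by partitioning the input domain on the precondition, and runs an implementation against the derived cases. The state (a map from users to role sets), the separation-of-duties conflict pair, the sample users and the two implementations are all constructed for the illustration.

```python
"""Specification-based test derivation in the VDM style (inv / pre / post).
Added illustration; not SPECTRUM tooling. All data below is constructed."""
from itertools import product
from typing import Callable, Dict, FrozenSet, List, Tuple

# VDM "map User to set of Role"
Roles = Dict[str, FrozenSet[str]]

# Separation-of-duties pairs no single user may hold together (constructed example).
CONFLICTS = {frozenset({"submitter", "approver"})}


def inv(roles: Roles) -> bool:
    """State invariant: no user holds both roles of a conflicting pair."""
    return all(not pair <= rs for rs in roles.values() for pair in CONFLICTS)


def pre_add_role(roles: Roles, user: str, role: str) -> bool:
    """Precondition of AddRole: user is known, and adding the role keeps the invariant."""
    return user in roles and all(not pair <= (roles[user] | {role}) for pair in CONFLICTS)


def post_add_role(before: Roles, after: Roles, user: str, role: str) -> bool:
    """Postcondition: only the named user's entry changed, and it gained exactly `role`."""
    others_same = all(after.get(u) == before[u] for u in before if u != user)
    return (others_same and set(after) == set(before)
            and after[user] == before[user] | {role})


Impl = Callable[[Roles, str, str], Roles]


def add_role_correct(roles: Roles, user: str, role: str) -> Roles:
    """Implementation that honours the precondition."""
    if not pre_add_role(roles, user, role):
        raise ValueError("precondition violated")
    new = dict(roles)
    new[user] = roles[user] | {role}
    return new


def add_role_buggy(roles: Roles, user: str, role: str) -> Roles:
    """Implementation that forgot the separation-of-duties check (the defect to catch)."""
    if user not in roles:
        raise ValueError("unknown user")
    new = dict(roles)
    new[user] = roles[user] | {role}
    return new


def derive_test_cases(state: Roles) -> List[Tuple[str, str, bool]]:
    """Derive (user, role, pre_holds) triples from the specification alone:
    every user in the domain of the state plus one unknown user, crossed with
    every role named in a conflict pair plus one neutral role. The precondition
    partitions the cases into those that must succeed and those that must be rejected."""
    users = sorted(state) + ["ghost"]
    roles = sorted(set().union(*CONFLICTS)) + ["auditor"]
    return [(u, r, pre_add_role(state, u, r)) for u, r in product(users, roles)]


def run_harness(impl: Impl, state: Roles) -> List[Tuple[str, str, str]]:
    """Run `impl` on every derived case; return the failing cases (empty if it satisfies the spec)."""
    assert inv(state), "initial state must satisfy the invariant"
    failures = []
    for user, role, pre_holds in derive_test_cases(state):
        try:
            after = impl(state, user, role)
        except ValueError:
            if pre_holds:
                failures.append((user, role, "rejected although precondition holds"))
            continue
        if not pre_holds:
            msg = "accepted outside precondition"
            if not inv(after):
                msg += "; invariant broken"
            failures.append((user, role, msg))
        elif not inv(after):
            failures.append((user, role, "invariant broken"))
        elif not post_add_role(state, after, user, role):
            failures.append((user, role, "postcondition broken"))
    return failures


# Constructed sample state: alice already submits, bob holds nothing.
STATE: Roles = {"alice": frozenset({"submitter"}), "bob": frozenset()}

if __name__ == "__main__":
    print("correct:", run_harness(add_role_correct, STATE))
    print("buggy:  ", run_harness(add_role_buggy, STATE))
```

The nine derived cases come entirely from the specification: the precondition decides which ones must be rejected, and the invariant and postcondition decide whether an accepted case was handled correctly. The buggy implementation passes every case except the one the invariant was written to forbid, which is the kind of defect the text says earlier analysis and derived test harnesses are meant to surface before detailed design.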
The scope of the VDM and B integration has been assessed in particular in the following four application areas:
- Avionics on-board stores management;
- Command and control of railway trains;
- Nuclear plant control;
- Global satellite aircraft navigation.
Project URL: http://www.dci.clrc.ac.uk/Activity.asp?VDMB