On 18 August I wrote an essay on eight themes in System Safety Engineering which addressed the use (or not) of so-called formal methods. On 28 August, Rod Chapman of Praxis HIS wrote a note to the University of York Safety-Critical Systems Mailing List which gave some figures for Praxis’s experience on a medium-large project…

I was led recently to think of some of the main issues in safety engineering of systems with computer-based components, when they occurred in the course of a discussion on the University of York safety-critical systems mailing list (look for “Certification of Tools/Components” in the archive). Here are some of these issues and my views…

with Martyn Thomas, co-author. [A couple of weeks ago, Martyn Thomas and I were contacted by a journalist for the German weekly Der Spiegel. He asked me a question which I found hard to answer for non-specialists: what are “formal methods?” Here is the answer which Martyn and I supplied.] There has long been a…