System Development

iFACTS specification and design

iFACTS is a suite of tools for National Air Traffic Services, the UK’s leading air traffic services provider, to improve the capacity of en-route airspace by assisting controllers in monitoring and predicting aircraft behaviour. It uses advanced algorithms developed over several years by NATS. I worked with the Altran Praxis team carrying out the engineering of iFACTS and its integration into the existing area control software. This project is based on specifications and designs written largely in the formal notation Z. The specification captures the user requirements and the system interfaces. It is critical to the development and testing of the software and also to the necessary safety analysis. Writing and maintaining the specification has required new processes and tools for structuring and managing a large specification.

Chief designer, CDIS

[Image: LTCC Controller position showing radar, CDIS and CCTV screens]

CDIS is an air traffic information system for the London Terminal Control Centre. It was one of the earliest large-scale industrial uses of formal methods to specify and design software, and CDIS remains one of the largest operational systems built using formal methods. It is a distributed system with nearly 100 computers running about 200 KLOC of code. It has a highly resilient, high-performance architecture with hardware fault tolerance in the central processor, workstations and communications infrastructure.

CDIS was integrated smoothly into the operational environment and has given excellent service to its users since it went operational in 1993. It had a ten-year warranty against category 1 defects and has proved extremely reliable in service. Measured defects of all kinds in the first 16 months from delivery were around 0.75 per KLOC, far better than industry norms at the time.

Requirements Engineering

Consultancy and training

[Image: Rolls-Royce Trent 900 Engine]

Requirements engineering projects in air traffic control and aero engine development have applied REVEAL to elicit stakeholder needs and transform them into specifications to suppliers of systems and components. National Air Traffic Services and the US Federal Aviation Administration have both had requirements engineering training and consultancy in REVEAL.

Software Engineering


I have investigated the re-engineering and maintenance of a major operational system and planned a programme of sustainment using modern software engineering techniques.