Formal domain-driven system development in Event-B: Application to interactive critical systems

The design of complex and/or critical systems requires handling the environment constraints in which these systems evolve. Formal methods allow system developers to design models of such systems. They provide constructs for modelling components and views of these systems. However, these formal methods do not include built-in constructs for modelling the environment, and more broadly, domain knowledge associated with system models. Although ontologies have demonstrated their efficiency in modelling domain-specific features, they are not available as built-in constructs in formal methods. This paper shows how formal ontologies can be used to model domain-specific knowledge, as well as how system models may refer to these ontologies through annotation. We rely on the Event-B refinement and proof state-based method, and the associated theories, to define a framework in which domain-specific knowledge ontologies are formalised as Event-B theories defining data types used to type Event-B system design models. Finally, this framework is deployed for the specific case of interactive critical systems. To illustrate the proposed approach, a case study of the Traffic Collision Avoidance System (TCAS) is developed.