Modelling complex timing requirements with refinement

In the domain of formal modelling and verification of real-time safety-critical systems, our focus is on complex - i.e. nested, interdependent and cyclic - timing constraints. In Event-B, we present methodological support for our concept of timing interval by defining a set of refinement transformations, designed for structured modelling of such timing constraints. All timing interval related aspects are generated by our tool. An example development, abstracted from our work modelling a cardiac pacemaker, serves to illustrate the use of the transformations. The development is undertaken, proved and model-checked in the Rodin tool-kit for Event-B