We describe a project to develop a set of design tools for a railway signalling application, which is safety critical and has complex functional requirements. The toolset generates design specifications from functional requirements and verifies them against safety principles. The project addresses the overall engineering design process and has applicability to other domains.