Facing up to faults
The Computer Journal, 2000
Cited by 17 (0 self)
As individuals, organisations and indeed the world at large have become more dependent on computer-based systems, so there has been an ever-growing amount of research into means for improving the dependability of these systems. In particular there has been much work on trying to gain increased understanding of the many and varied types of faults that need to be prevented or tolerated in order to reduce the probability and severity of system failures. In this talk I discuss the assumptions that are often made by computing system designers regarding faults, survey a number of continuing issues related to fault tolerance, and identify some of the latest challenges facing researchers in this arena.

In The Beginning. It is a great honour and privilege to be asked to give this, the second, Turing Lecture. Let me start by mentioning that, to my great regret, I never met Alan Turing, whose tragic death occurred just a few years before I became involved with computing. His character and achievements have however always fascinated me; at one time I spent much effort trying to investigate his wartime work on cryptanalysis and code-breaking devices. As a result I managed to uncover and help to gain belated
An Object-Oriented Refinement Calculus with Modular Reasoning
1992
Cited by 15 (1 self)
In this thesis, the refinement calculus is extended to support a variety of object-oriented programming styles. The late binding of procedure calls in object-oriented languages is modelled by defining an object-oriented system to be a function from procedure names and argument values to the procedures that are invoked by late binding. The first model allows multiple-dispatch late binding, in the style of CLOS. This model is then specialised to the single-dispatch case, giving a model that associates types with objects, which is similar to existing class-based object-oriented languages. Both models are then restricted so that they support modular reasoning. The concept of modular reasoning has been defined informally in the literature, both for non-object-oriented systems and for object-oriented systems. This thesis gives the first formal definition of modular reasoning for object-oriented languages. Intuitively, the definition seems to capture the minimum possible requirements necessa...
The Early Search for Tractable Ways of Reasoning About Programs
IEEE Annals of the History of Computing, 2003
Cited by 15 (2 self)
This paper traces the important steps in the history up to around 1990 of research on reasoning about programs. The main focus is on sequential imperative programs but some comments are made on concurrency. Initially, researchers focussed on ways of verifying that a program satisfies its specification (or that two programs were equivalent). Over time it became clear that post facto verification is only practical for small programs and attention turned to verification methods which support the development of programs; for larger programs it is necessary to exploit a notation of compositionality. Coping with concurrent algorithms is much more challenging; this and other extensions are considered briefly. The main thesis of this paper is that the idea of reasoning about programs has been around since they were first written; the search has been to find tractable methods.
On the Search for Tractable Ways of Reasoning about Programs
2001
Cited by 9 (1 self)
This paper traces the important steps in the history up to around 1990 of research on reasoning about programs. The main focus is on sequential imperative programs but some comments are made on concurrency. Initially, researchers focussed on ways of verifying that a program satisfies its specification (or that two programs were equivalent). Over time it has become clear that post facto verification is only practical for small programs and attention turned to verification methods which support the development of programs; for larger programs it is necessary to exploit a notion of composability.
Logical Specifications for Functional Programs
1993
Cited by 9 (3 self)
We present a formal method of functional program development based on step-by-step transformation. In their most abstract form, specifications are essentially predicates that relate the result of the specified program to the free variables of that program. In their most concrete form, specifications are simply programs in a functional programming language. Development from abstract specifications to programs is calculational. Using logic in the specification language has many advantages. Importantly, it allows nondeterministic specifications to be given, and thus does not force overspecification.
Integrating reasoning about ordinal arithmetic into ACL2
In Formal Methods in Computer-Aided Design: 5th International Conference (FMCAD 2004), LNCS, 2004
Cited by 7 (5 self)
Termination poses one of the main challenges for mechanically verifying infinite-state systems. In this paper, we develop a powerful and extensible framework based on the ordinals for reasoning about termination in a general-purpose programming language. We have incorporated our work into the ACL2 theorem proving system, thereby greatly extending its ability to automatically reason about termination. The resulting technology has been adopted into the newly released ACL2 version 2.8. We discuss the creation of this technology and present two case studies illustrating its effectiveness.
Ordinal arithmetic: Algorithms and mechanization
Journal of Automated Reasoning, 2006
Cited by 5 (3 self)
Termination proofs are of critical importance for establishing the correct behavior of both transformational and reactive computing systems. A general setting for establishing termination proofs involves the use of the ordinal numbers, an extension of the natural numbers into the transfinite which were introduced by Cantor in the nineteenth century and are at the core of modern set theory. We present the first comprehensive treatment of ordinal arithmetic on compact ordinal notations and give efficient algorithms for various operations, including addition, subtraction, multiplication, and exponentiation. Using the ACL2 theorem proving system, we implemented our ordinal arithmetic algorithms, mechanically verified their correctness, and developed a library of theorems that can be used to significantly automate reasoning involving the ordinals. To enable users of the ACL2 system to fully utilize our work required that we modify ACL2, e.g., we replaced the underlying representation of the ordinals and added a large library of definitions and theorems. Our modifications are available starting with ACL2 version 2.8.
What can be learned from failed proofs of nontheorems
Oxford University Computer Laboratory, 2005
Cited by 4 (3 self)
This paper reports an investigation into the link between failed proofs and non-theorems. It seeks to answer the question of whether anything more can be learned from a failed proof attempt than can be discovered from a counterexample. We suggest that the branch of the proof in which failure occurs can be mapped back to the segments of code that are the culprit, helping to locate the error. This process of tracing provides finer-grained isolation of the offending code fragments than is possible from the inspection of counterexamples. We also discuss ideas for how such a process could be automated. The use of mathematical proof to show that a computer program meets its specification has a long history in Computer Science (e.g. [13, 12]). However, the techniques and tools are only used in very specialised situations in industry, where programmers generally rely on testing and bug reports from users to assess the extent to which a program meets its specification. One of the many reasons to which this poor uptake is attributed is that the final proof will tell you if the
The use of proof planning critics to diagnose errors in the base cases of recursive programs
IJCAR 2004 Workshop on Disproving: Non-Theorems, Non-Validity, Non-Provability, 2004
Cited by 3 (2 self)
This paper reports the use of proof planning to diagnose errors in program code. In particular it looks at the errors that arise in the base cases of recursive programs produced by undergraduates. It describes two classes of error that arise in this situation. The use of test cases would catch these errors but would fail to distinguish between them. The system adapts proof critics, commonly used to patch faulty proofs, to diagnose such errors and distinguish between the two classes. It has been implemented in λClam, a proof planning system, and applied successfully to a small set of examples. The use of mathematical proof to show that a computer program meets its specification has a long history in Computer Science (e.g. [14, 13]). Considerable time and effort has been invested in creating computer-based tools to support the process of proving programs correct (e.g. [15, 8]). However, the techniques and tools are only used in very specialised situations in industry, where programmers generally rely on testing and bug reports from users to assess the extent to which a program meets its specification.
Metatheory and Operational Reasoning: Real Languages and Executable Code
2006
In my PhD thesis [34] I described novel ways to improve the automation in current interactive theorem provers. I also addressed the application of theorem provers to other areas of research, in particular, to the formalisation and mechanisation of proofs about distributed algorithms. I proved several key properties of algorithms that, for example, allow streaming of television over the internet. I give more details below. As an undergraduate, I studied mathematics, and later gained a distinction in the Computer Science Diploma. After several years as a professional programmer, I returned to academia and completed a PhD at the Laboratory for the Foundations of Computer Science, Edinburgh, under the supervision of Dr Paul