. We present a failure-divergence model for CSP following the concepts of [BR 85]. Its formal representation within higher order logic in the theorem prover Isabelle/HOL [Pau 94] revealed an error in the basic definition of CSP concerning the treatment of the termination symbol tick. A corrected model has been formally proven consistent with Isabelle/- HOL. Moreover, the changed version maintains the essential algebraic properties of CSP. As a result, there is a proven correct implementation of a "CSP workbench" within Isabelle. 1 Introduction In his invited lecture at FME'96, C.A.R. Hoare presented his view on the status quo of formal methods in industry. With respect to formal proof methods, he ruled that they "are now sufficiently advanced that a [...] formal methodologist could occasionally detect [...] obscure latent errors before they occur in practice" and asked for their publication as a possible "milestone in the acceptance of formal methods" in industry. In this paper, we re...

. We present an approach to integrate several existing tools and methods to a technical framework for correctly developing and executing program transformations. The resulting systems enable program derivations in a user-friendly way. We illustrate the approach by proving and implementing the transformation Global Search on the basis of the tactical theorem prover Isabelle. A graphical user-interface based on the X-Window toolkit Tk provides user friendly access to the underlying machinery. 1 Introduction Development by transformation is a prominent approach in formal program development (CIP [Bau + 85], PROSPECTRA [HK 93], KIDS [Smi 90]). Many case studies have proven its feasibility and demonstrated how much more abstract and user-oriented developments could be achieved than using usual post-verification approaches (fundamental for systems like PVS [OSR 93]). One recent case study is [KW 95]; and a prominent one is [SPW 95] where a strategic transportation scheduling algorithm is de...

Abstract. We present a formal specification and verification approach for industrial product data bases containing Boolean logic formulae to express constraints. Within this framework, global consistency assertions about the product data are converted into propositional satisfiability problems. Today’s state-of-the-art provers turn out to be surprisingly efficient in solving the SAT-instances generated by this process. Moreover, we introduce a method for encoding special non-monotonic constructs in traditional Boolean logic. We have successfully applied our method to industrial automotive product data management and could establish a set of commercially used interactive tools that facilitate the management of change and help raise quality standards.

In this paper we present a national project located in the area of computer aided testing and certifying (CATC) of physical devices. The objective of this project is to develop an information system that supports the various activities of different user groups in a German federal institute of weights and measures. We decided to use formal methods right from the beginning of the project. Our approach is based on the formal object oriented specification language Troll. Starting point of the development is an abstract model of the organization which will serve later on as a formal basis for implementation. We present parts of this specification and its relations with the underlying formal semantics. The experiences we made so far are rather positive and we expect further positive effects in the future. Copyright c fl1997 Elsevier Science Ltd Key words: Object Oriented Specification, Case Study, Information System, Information Modelling, Requirements Engineering, Formal Method 1...

The thesis investigates some of the traditional problems with the established formal methods, such as requirements elicitation, the validation problem, divergence from current industrial practice, adverse effects on early problem solving and the incompleteness of perspective. Recent approaches to solving some of these problems are reviewed, including structured and formal methods integration, hybrid formal methods and multi-paradigmed approaches. The definition of a method first used by Kronlof is adopted and two reasons for integrating methods are hypothesised: ffl The integration of methods which result in a richer methodological profile, such as methods which address different stages of the life-cycle, and; ffl The integration of methods which result in a wider overall perspective, and are thus effective over a wider number of prospective problems, such as methods which consider different orthogonal aspects of requirements. Two pieces of work are then presented, one for each hypot...

In this paper we present a national project located in the area of computer aided testing and certifying (CATC) of physical devices.

This paper describes the lessons learned from an application of formal specification techniques in the development of a security-critical system within a UK company. The authors advocate the gradual introduction of formal methods, beginning with an appreciation of existing development processes, and discuss the role played by non-software professionals, executable specifications, formal proof, training and tool support in this and future projects. Keywords: Applications of Formal Methods; Tool Support; Software Process; Training Introduction If formal methods are to be more than an academic toy, experts in the field must develop a fruitful dialogue with commercial systems developers. We believe the best way to begin this is to discuss formal methods with engineers on their own terms, and then build on their experience. Professionals are generally open to techniques which will help them do a better job, but such techniques cannot be introduced at the expense of existing good practice. ...

This paper presents a case study review of an information system specification based on concepts from the formal and structured integrated method, SAZ. Issues of structured and formal modelling are discussed. Some empirical findings, from a small trial of the approach reviewing a pre-existing commercial specification, are presented.

In this paper we present a national project located in the area of computer aided testing and certifying (CATC) of physical devices. The aim of this project is to develop an Information System that supports the various activities of different user groups in a German federal institute of weights and measures. We decided to use the formal object oriented specification language Troll throughout the project. Our purpose is to provide a method which is based on a formal specification language to design a complex information

Checkpoint Encoding is the process of representing any input domain of a software system into a binary valued domain. Any input data value (i.e.an element of any application domain) can now be translated with minimal loss of information into a binary valued string. This abstraction of any application domain into an uniform format allows a variety of testing techniques to be applied consistently and universally. Anti-random testing is one such scheme that takes advantage of binary representation that checkpoint encoding provides and has shown good results. The checkpoint encoding process is usually applied manually and in an arbitrary fashion. The result varies depending on the choices made by individual test engineer carrying out the process. This thesis attempts to improve checkpoint encoding by automating checkpoint encoding and, by understanding what factors control the effectiveness of checkpoint encoding. The first