Results 1 - 10 of 28
Model-Checking CSP-OZ Specifications with FDR
In Araki et al., 1999
Cited by 26 (3 self)
CSP-OZ is a formal method integrating two different specification formalisms into one: the formalism Object-Z for the description of static aspects, and the process algebra CSP for the description of the dynamic behaviour of systems. The semantics of CSP-OZ is the failure-divergence semantics taken from the process algebra side. In this paper we propose a method for checking correctness of CSP-OZ specifications via a translation into the CSP dialect of the model checker FDR.
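The refinement check that FDR performs on the translated specification is easy to misread as a plain language-inclusion test; in the failures model it is stricter, because an implementation must also not refuse what the specification guarantees to offer. The following block is an added example written for this listing, not code from the paper or from FDR: a stable-failures refinement check over finite, tau-free, divergence-free labelled transition systems (all three restrictions are simplifying assumptions; real FDR also handles internal transitions and divergence). The specification is normalised on the fly by subset construction, exactly the reason FDR requires the specification side to be normalisable. The processes `SPEC`, `IMPL_*` and `NONDET_SPEC` are constructed toy examples.

```python
"""Added example: stable-failures refinement over finite LTSs.

Assumptions (not from the paper): no tau transitions, so every state is
stable and its refusals are exactly the complements of its initials; no
divergence; finitely many states. Under these assumptions
    Spec [F= Impl   iff   failures(Impl) <= failures(Spec).
"""
from collections import deque
from typing import Dict, FrozenSet, Hashable, List, Optional, Tuple

# An LTS maps a state to its outgoing (event, next_state) edges.
LTS = Dict[Hashable, List[Tuple[str, Hashable]]]


def initials(lts: LTS, state: Hashable) -> FrozenSet[str]:
    """Events the process can engage in from `state`."""
    return frozenset(ev for ev, _ in lts[state])


def after(lts: LTS, states: FrozenSet[Hashable], event: str) -> FrozenSet[Hashable]:
    """Subset construction step: all states reachable from `states` on `event`."""
    return frozenset(nxt for s in states for ev, nxt in lts[s] if ev == event)


def failures_refines(spec: LTS, spec_init: Hashable,
                     impl: LTS, impl_init: Hashable
                     ) -> Tuple[bool, Optional[Tuple[Tuple[str, ...], Tuple]]]:
    """Check spec [F= impl by exploring (normalised spec state, impl state).

    Returns (True, None) on success, else (False, (trace, reason)) where
    reason is ("event", e) for a trace violation (impl does e, spec cannot)
    or ("refuses", [e, ...]) for a failures violation (impl refuses events
    that every spec state reachable after `trace` would have to offer).
    """
    start = (frozenset([spec_init]), impl_init)
    seen = {start}
    queue = deque([(start, ())])
    while queue:
        (spec_states, q), trace = queue.popleft()
        spec_offers = frozenset(ev for s in spec_states for ev in initials(spec, s))
        impl_offers = initials(impl, q)
        # Trace refinement: every event impl can do, spec must be able to do.
        for ev in sorted(impl_offers - spec_offers):
            return False, (trace, ("event", ev))
        # Failures refinement: impl's refusal (everything outside impl_offers)
        # must be a refusal of SOME spec state after the same trace, i.e. that
        # state's initials must be covered by impl_offers.
        if not any(initials(spec, s) <= impl_offers for s in spec_states):
            return False, (trace, ("refuses", sorted(spec_offers - impl_offers)))
        for ev, nxt in impl[q]:
            pair = (after(spec, spec_states, ev), nxt)
            if pair not in seen:
                seen.add(pair)
                queue.append((pair, trace + (ev,)))
    return True, None


# Constructed sample processes (toy examples, not from the paper).
SPEC: LTS = {"S0": [("a", "S1")], "S1": [("b", "S0")]}                  # SPEC = a -> b -> SPEC
IMPL_OK: LTS = {"I0": [("a", "I1")], "I1": [("b", "I0")]}               # same behaviour
IMPL_DEADLOCK: LTS = {"D0": [("a", "D1")], "D1": []}                     # a -> STOP
IMPL_EXTRA: LTS = {"E0": [("a", "E1")], "E1": [("b", "E0"), ("c", "E0")]}  # offers an extra c
# Internal choice a -> b -> STOP |~| a -> c -> STOP, modelled as two a-edges.
NONDET_SPEC: LTS = {"N0": [("a", "N1"), ("a", "N2")],
                    "N1": [("b", "N3")], "N2": [("c", "N3")], "N3": []}
# External choice a -> (b -> STOP [] c -> STOP).
IMPL_CHOICE: LTS = {"C0": [("a", "C1")], "C1": [("b", "C2"), ("c", "C2")], "C2": []}


if __name__ == "__main__":
    print(failures_refines(SPEC, "S0", IMPL_OK, "I0"))
    print(failures_refines(SPEC, "S0", IMPL_DEADLOCK, "D0"))
    print(failures_refines(SPEC, "S0", IMPL_EXTRA, "E0"))
    print(failures_refines(NONDET_SPEC, "N0", IMPL_CHOICE, "C0"))
    print(failures_refines(IMPL_CHOICE, "C0", NONDET_SPEC, "N0"))
```

The last two calls show the point that distinguishes failures from traces: the external choice refines the internal choice (it offers everything the specification might offer), while the internal choice does not refine the external one, because after `a` it may refuse `c`, which the external-choice specification guarantees. A traces-only check would accept both directions.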
A Corrected Failure-Divergence Model for CSP in Isabelle/HOL
1997
Cited by 22 (8 self)
We present a failure-divergence model for CSP following the concepts of [BR 85]. Its formal representation within higher-order logic in the theorem prover Isabelle/HOL [Pau 94] revealed an error in the basic definition of CSP concerning the treatment of the termination symbol tick. A corrected model has been formally proven consistent within Isabelle/HOL. Moreover, the changed version maintains the essential algebraic properties of CSP. As a result, there is a proven-correct implementation of a "CSP workbench" within Isabelle. 1 Introduction In his invited lecture at FME'96, C.A.R. Hoare presented his view on the status quo of formal methods in industry. With respect to formal proof methods, he ruled that they "are now sufficiently advanced that a [...] formal methodologist could occasionally detect [...] obscure latent errors before they occur in practice" and asked for their publication as a possible "milestone in the acceptance of formal methods" in industry. In this paper, we re...
Automating Test Case Generation from Z Specifications with Isabelle
Lecture Notes in Computer Science, 1997
Cited by 20 (1 self)
We use a structure-preserving encoding of Z in the higher-order logic instance of the generic theorem prover Isabelle to derive test cases from Z specifications. This work shows how advanced theorem provers can be used with little effort to provide tool support for Z beyond mere type-checking. Experience with a non-trivial example shows that modular reasoning according to the structure of a specification is crucial to keep the proof load manageable in practical applications. Support for modular reasoning can be based on higher-order equational reasoning as implemented in Isabelle.
HOL-OCL: Experiences, Consequences and Design Choices
UML 2002: Model Engineering, Concepts and Tools, number 2460 in Lecture Notes in Computer Science, 2002
Cited by 15 (5 self)
Based on experiences gained from an embedding of the Object Constraint Language (OCL) in higher-order logic [1], we explore several key issues of the design of a formal semantics of the OCL. These issues comprise the question of the interpretation of invariants, pre- and postconditions, an executable sublanguage and the possibilities of refinement notions. A particular emphasis is put on the issue of mechanized deduction in UML/OCL specification.
Specifying Embedded Systems with Statecharts and Z: An Agenda for Cyclic Software Components
Lecture Notes in Computer Science, 1998
Cited by 14 (1 self)
The application of formal techniques can contribute much to the quality of software, which is of utmost importance for safety-critical embedded systems. These techniques, however, are not easy to apply. In particular, methodological guidance is often unsatisfactory. We address this problem by the concept of an agenda. An agenda is a list of activities to be performed for solving a task in software engineering. Agendas used to support the application of formal specification techniques provide detailed guidance for specifiers, templates of the used specification language that only need to be instantiated, and application-independent validation criteria. We apply the agenda approach to a particular class of embedded safety-critical systems, the formal specification of which has been investigated in the case studies of the German Espress project during the last two years.
Permissive Subsorted Partial Logic in CASL
1997
Cited by 13 (8 self)
This paper presents a permissive subsorted partial logic used in the CoFI Algebraic Specification Language. In contrast to other order-sorted logics, subsorting is not modeled by set inclusions, but by injective embeddings allowing for more general models in which subtypes can have different data type representations. Furthermore, there are no restrictions like monotonicity, regularity or local filtration on signatures at all. Instead, the use of overloaded functions and predicates in formulae is required to be sufficiently disambiguated, such that all parses have the same semantics. An overload resolution algorithm is sketched. 1 Introduction During the past decades a large number of algebraic specification languages have been developed. The presence of so many similar specification languages with no common framework hinders the dissemination and application of research results in algebraic specification. In particular, it makes it difficult to produce educational material, to reus...
Encoding Object-Z in Isabelle/HOL
International Conference of Z and B Users (ZB 2002), volume 2272 of LNCS, 2002
Cited by 12 (4 self)
In this paper, we present a formalisation of the reference semantics of Object-Z in the higher-order logic (HOL) instantiation of the generic theorem prover Isabelle, Isabelle/HOL. This formalisation has the effect of both clarifying the semantics and providing the basis for a theorem prover for Object-Z. The work builds on an earlier encoding of a value semantics for object-oriented Z in Isabelle/HOL and a denotational semantics of Object-Z based on separating the internal and external effects of class methods.
TAS and IsaWin: Tools for transformational program development and theorem proving
Fundamental Approaches to Software Engineering (FASE'99), number 1577 in Lecture Notes in Computer Science, 1999
Building formal method tools in the Isabelle/Isar framework
Theorem Proving in Higher Order Logics (TPHOLs 2007), LNCS, 2007
Cited by 10 (6 self)
We present the generic system framework of Isabelle/Isar underlying recent versions of Isabelle. Among other things, Isar provides an infrastructure for Isabelle plugins, comprising extensible state components and extensible syntax that can be bound to tactical ML programs. Thus the Isabelle/Isar architecture may be understood as an extension and refinement of the traditional "LCF approach", with explicit infrastructure for building derivative systems. To demonstrate the technical potential of the framework, we apply it to a concrete formal methods tool: the HOL-Z 3.0 environment, which is geared towards the analysis of Z specifications and formal proof of forward refinements.
HOL-Z 2.0: A proof environment for Z specifications
Journal of Universal Computer Science, 2002
Cited by 9 (5 self)
We present a new proof environment for the specification language Z. The basis is a semantic representation of Z in a structure-preserving, shallow embedding in Isabelle/HOL. On top of the embedding, new proof support for the Z schema calculus and for proof structuring is developed. Thus, we integrate Z into a well-known and trusted theorem prover with advanced deduction technology such as higher-order rewriting, tableaux-based provers and arithmetic decision procedures. A further achievement of this work is the integration of our embedding into a new tool chain providing a Z-oriented type checker, documentation facilities and macro support for refinement proofs; as a result, the gap has been closed between a logical embedding proven correct and a tool suited for applications of non-trivial size.