Results 11 - 20 of 62
Modularizing Theorems for Software Product Lines
Cited by 6 (2 self)
A goal of software product lines is the economical synthesis of programs in a family of programs. In this paper, we explain how theorems about program properties can be integrated into feature-based development of software product lines. As a case study, we analyze an existing Java/JVM compilation correctness proof for defining, interpreting, compiling, and executing bytecode for the Java language. We explain how features modularize both programs and theorems. By composing features, the source code and theorems for a program are synthesized. Generated theorems may then be certified manually or automatically using a proof checker, opening a new line of research in verification.
The Problem of Bytecode Verification in Current Implementations of the JVM
- 2000
Cited by 5 (0 self)
The main problems of Java Bytecode Verification are embedded subroutines and multiple inheritance via interfaces. The problem with interfaces has been solved (by using sets of reference types or by introducing a run-time check for the invokeinterface instruction). It is widely believed that also the problem with subroutines has been solved.
Balancing Redundancy and Query Costs in Distributed Data Warehouses
- of CRPIT, Australian Computer Society, 2005
-
Cited by 5 (5 self)
Abstract State Machines (ASMs) encourage high-level system specifications without forcing the development into the "formal methods straightjacket". This makes them an ideal formal method for applications in areas where otherwise only semi-formal methods are used. One such area is the development of data warehouse and on-line analytical processing (OLAP) applications to which this article contributes. Based on an ASM ground model for data warehouses we show which problems have to be solved in the case of distribution. This mainly amounts to making decisions on materialised views. In this article we develop simple refinement rules for this purpose. Then we develop a cost model that combines the costs of query processing with the maintenance costs arising from redundancy in the local data warehouse fragments. This cost model indicates whether it is advantageous to apply a refinement rule or not. However, as the refinement process is non-deterministic, there is no guarantee that a global cost optimum will be reached. Keywords. Abstract State Machine, Data Warehouse, Distribution, Cost Model, Refinement
A Unified Formal Specification and Analysis of the New Java Memory Models
- 2002
Cited by 5 (0 self)
In a multithreaded program running on a multiprocessor platform, different processors may observe operations in different orders. This may lead to surprising results not anticipated by the programmer. The problem is exacerbated by common compiler and hardware optimization techniques. A memory (consistency) model provides a contract between the system designer and the software designer that constrains the order in which operations are observed. Every memory model strikes some balance between strictness (simplifying program behavior) and laxness (permitting greater optimization). With its emphasis on cross-platform compatibility, the Java programming language needs a memory model that is satisfactory to language users and implementors. Everyone in the Java community must be able to understand the Java memory model and its ramifications. The description of the original Java memory model suffered from ambiguity and opaqueness, and attempts to interpret it revealed serious deficiencies. Two memory models have been proposed as replacements. Unfortunately, these two new models are described at different levels of abstraction and are represented in different formats, making it difficult to compare them. In this paper we formalize these models and develop a unified representation of them, using Abstract State Machines. Using our formal specifications, we relate the new Java memory models to the Location Consistency memory model and to each other.
Design and Specification of the CoreASM Execution Engine
- 2005
Cited by 5 (3 self)
state machines executable. The aim is to specify and implement an execution engine for a language that is as close as possible to the mathematical definition of pure ASM. We present the general architecture of the engine, together with a high-level description of the extensibility mechanisms that are used by the engine to accommodate arbitrary backgrounds, scheduling policies, and new rule forms.
Universal Plug and Play Machine Models: Modeling with Distributed Abstract State Machines
- Proc. of IFIP World Computer Congress, Stream 7 on Distributed and Parallel Embedded Systems (DIPES’02), 2002
Cited by 4 (3 self)
We present a high-level executable specification for the Universal Plug and Play (UPnP) standard illustrating the use of Abstract State Machine (ASM) technology as a practical tool for applied systems engineering. The concept of distributed real-time ASM allows us to combine both synchronous and asynchronous execution models in one uniform model of computation.
An ASM Semantics for SSA Intermediate Representations
- In: Proc. 11th Int’l Workshop on Abstract State Machines, 2004
Cited by 4 (1 self)
Static single assignment (SSA) form is the intermediate representation of choice in modern optimizing compilers for which no formal semantics has been stated yet. To prove such compilers correct, a formal semantics of SSA representations is necessary. In this paper, we show that abstract state machines (ASMs) are able to capture the imperative as well as the data flow-driven and therefore non-deterministic aspects of SSA representations in a simple and elegant way. Furthermore, we demonstrate that correctness of code generation can be verified based on this ASM semantics by proving the correctness of a simple code generation algorithm.
Java Bytecode Verification is Not Possible
- 2001
Cited by 3 (0 self)
During an attempt to prove that our Java compiler generates code that is accepted by the Java Bytecode Verifier we found examples of legal Java programs which are rejected by any Bytecode Verifier. The examples show that Java Bytecode Verification as it has been introduced by Sun is not possible. We propose therefore to restrict the so-called rules of definite assignment for the try-finally statement as well as for the labeled statement such that our example programs are no longer allowed. Then we can prove, using the framework of Abstract State Machines, that each program from the restricted Java language is accepted by the Java Bytecode Verifier.
1 Introduction
The Java programming language [3] is a strongly typed general-purpose language. Java programs are compiled to bytecode instructions (class files) according to the Java Virtual Machine Specification [5]. Class files can be executed by the Java Virtual Machine (JVM). A correct Java compiler produces bytecode instructi...
Computation and specification models. A comparative study
- Department of Computer Science at University of Aarhus, 2002
Cited by 3 (2 self)
For each of the principal current models of computation and of high-level system design, we present a uniform set of transparent easily understandable descriptions, which are faithful to the basic intuitions and concepts of the investigated systems. Our main goal is to provide a mathematical basis for the technical comparison of established models of computation which can contribute to rationalize the scientific evaluation of different system specification approaches in the literature, clarifying in detail their advantages and disadvantages. As a side effect we obtain a powerful yet simple new conceptual framework for teaching the fundamentals of computation theory.

