Results 1 - 4 of 4
Predicate Transformer Semantics of a Higher Order Imperative Language With . . .
Science of Computer Programming, 1998
Cited by 19 (9 self)
Using a set-theoretic model of predicate transformers and ordered data types, we give a total-correctness semantics for a typed higher-order imperative programming language that includes record extension, local variables, and procedure-type variables and parameters. The language includes infeasible specification constructs, for a calculus of refinement. Procedures may have global variables, subject to mild syntactic restrictions to avoid the semantic complications of Algol-like languages. The semantics is used to validate simple proof rules for noninterference, type extension, and calls of procedure variables and constants.
A Categorical Model for Higher Order Imperative Programming
Mathematical Structures in Computer Science, 1993
Cited by 14 (13 self)
This paper gives the first complete axiomatization for higher types in the refinement calculus of predicate transformers.
Data refinement, call by value, and higher order programs. unpublished draft
Formal Aspects of Computing, 1995
Cited by 4 (2 self)
higher types, lax exponent. Using 2-categorical laws of algorithmic refinement, we show soundness of data refinement for stored programs and hence for higher order procedures with value/result parameters. The refinement laws hold in a model that slightly generalizes the standard predicate transformer semantics for the usual imperative programming constructs including prescriptions.
Proof Tactics for a Theory of State Machines in a Graphical Environment
In Proc. 14th International Conference on Automated Deduction (CADE-14), Lecture Notes in Artificial Intelligence, 1997
Cited by 2 (2 self)
The state machine paradigm is a popular and convenient means for expressing designs of critical systems. State machines can be readily represented by transition graphs, thus enhancing human understanding of even quite complex problems. In the case of state machines, tracing a path through the transition graph can represent a critical sequence in the execution of a machine. State machine notations are also amenable to formal treatment. A high level of assurance can be gained by a combination of both these aspects: a machine-checked, formal proof together with a higher-level argument that can be understood by humans. This paper describes proof tactics that support reasoning about state machines at the level of diagrams and paths, and the construction of a corresponding formal proof. A tool, called Veracity [3], has been developed, which links these powerful proof tactics to a graphical user interface. The proof tactics are implemented in Isabelle, and the paper discusses s...