Results 1  10
of
38
PROBABILISTIC PREDICATE TRANSFORMERS
, 1995
"... Predicate transformers facilitate reasoning about imperative programs, including those exhibiting demonic nondeterministic choice. Probabilistic predicate transformers extend that facility to programs containing probabilistic choice, so that one can in principle determine not only whether a program ..."
Abstract

Cited by 129 (40 self)
 Add to MetaCart
Predicate transformers facilitate reasoning about imperative programs, including those exhibiting demonic nondeterministic choice. Probabilistic predicate transformers extend that facility to programs containing probabilistic choice, so that one can in principle determine not only whether a program is guaranteed to establish a certain result, but also its probability of doing so. We bring together independent work of Claire Jones and Jifeng He, showing how their constructions can be made to correspond � from that link between a predicatebased and a relationbased view of probabilistic execution we are able to propose `probabilistic healthiness conditions', generalising those of Dijkstra for ordinary predicate transformers. The associated calculus seems suitable for exploring further the rigorous derivation of imperative probabilistic programs.
A Study of The Fragile Base Class Problem
 IN EUROPEAN CONFERENCE ON OBJECTORIENTED PROGRAMMING
, 1998
"... In this paper we study the fragile base class problem. This problem occurs in open objectoriented systems employing code inheritance as an implementation reuse mechanism. System developers unaware of extensions to the system developed by its users may produce a seemingly acceptable revision of a ba ..."
Abstract

Cited by 57 (1 self)
 Add to MetaCart
(Show Context)
In this paper we study the fragile base class problem. This problem occurs in open objectoriented systems employing code inheritance as an implementation reuse mechanism. System developers unaware of extensions to the system developed by its users may produce a seemingly acceptable revision of a base class which may damage its extensions. The fragile
A MetaMethod for Formal Method Integration
 In Proc. Formal Methods Europe 1997, LNCS 1313
, 1997
"... We describe a metamethod for formal method integration [Pai97]. The approach is applied to combining formal methods with other formal and semiformal methods. We discuss the theory behind formal method integration, present two example combinations, and use an integrated method in solving a small pro ..."
Abstract

Cited by 31 (15 self)
 Add to MetaCart
(Show Context)
We describe a metamethod for formal method integration [Pai97]. The approach is applied to combining formal methods with other formal and semiformal methods. We discuss the theory behind formal method integration, present two example combinations, and use an integrated method in solving a small problem.
Procedures and Invariants in the Refinement Calculus
 Science of Computer Programming
, 1994
"... Invariants allow a rigorous treatment of types as sets in the refinement calculus, a method for developing imperative programs. The interaction of procedures and invariants is explored, resulting in a practical formalisation of existing programming practice. 1 Introduction The notion of local invar ..."
Abstract

Cited by 20 (1 self)
 Add to MetaCart
Invariants allow a rigorous treatment of types as sets in the refinement calculus, a method for developing imperative programs. The interaction of procedures and invariants is explored, resulting in a practical formalisation of existing programming practice. 1 Introduction The notion of local invariants [9] was introduced to give rigorous treatment to types in the refinement calculus [7, 6, 8, 10]. Typing is a special kind of invariant. For example, in the scope of the declaration n : N, which introduces a new local variable n of type N (the natural numbers), the invariant is n 2 N, and all commands preserve it. The exploration [9] of the interaction between invariants and statements of a simple languageDijkstra's language [2] with extensionsconsidered only language constructs including assignment, iteration, selection and recursion. We extend that work by examining a more complex language structure: the procedure. Although this paper deals only with parameterless procedures, th...
Specification and Refinement of Finite Dataflow Networks  a Relational Approach
 Proc. FTRTFT'94, LNCS 863
, 1994
"... We specify the black box behavior of dataflow components by characterizing the relation between their input and their output histories. We distinguish between three main classes of such specifications, namely time independent specifications, weakly time dependent specifications and strongly time d ..."
Abstract

Cited by 18 (6 self)
 Add to MetaCart
We specify the black box behavior of dataflow components by characterizing the relation between their input and their output histories. We distinguish between three main classes of such specifications, namely time independent specifications, weakly time dependent specifications and strongly time dependent specifications. Dataflow components are semantically modeled by sets of timed stream processing functions. Specifications describe such sets by logical formulas. We emphasize the treatment of the wellknown fair merge problem and the Brock/Ackermann anomaly. We give refinement rules which allow specifications to be decomposed modulo a feedback operator.
A Tool for Data Refinement
, 1997
"... We describe a tool for data refinement based on the Refinement Calculator. The tool supports the calculational approach to data refinement. As a consequence of the program calculation, a refinement theorem is automatically derived. The operation of the tool is illustrated with a case study. ..."
Abstract

Cited by 14 (3 self)
 Add to MetaCart
We describe a tool for data refinement based on the Refinement Calculator. The tool supports the calculational approach to data refinement. As a consequence of the program calculation, a refinement theorem is automatically derived. The operation of the tool is illustrated with a case study.
From Kleene Algebra to Refinement Algebra
, 2002
"... KAT (Kleene Algebra with Tests) have proved to be useful for reasoning about programs in a partial correctness framework. We describe DRA (demonic Refinement Algebra), a variation of KAT for total correctness and illustrate its modeling and reasoning power with a number of applications and examples. ..."
Abstract

Cited by 12 (0 self)
 Add to MetaCart
KAT (Kleene Algebra with Tests) have proved to be useful for reasoning about programs in a partial correctness framework. We describe DRA (demonic Refinement Algebra), a variation of KAT for total correctness and illustrate its modeling and reasoning power with a number of applications and examples.
User Interface Languages: A Survey of Existing Methods
, 1989
"... This report gives a survey of user interface languages and formal representations of user interfaces. The following aspects of User Interface Languages are considered: ffl expressiveness ffl readability ffl evaluation (is it possible to evaluate the ergonomic and functional quality of the user in ..."
Abstract

Cited by 10 (4 self)
 Add to MetaCart
This report gives a survey of user interface languages and formal representations of user interfaces. The following aspects of User Interface Languages are considered: ffl expressiveness ffl readability ffl evaluation (is it possible to evaluate the ergonomic and functional quality of the user interface from the representation) ffl manipulation ffl compilation/interpretation ffl possibility to include knowledge representation.
Developing Components in the Presence of Reentrance
, 1999
"... Independent development of components according to their specifications is complicated by the fact that a thread of control can exit and reenter the same component. This kind of reentrance may cause problems as the internal representation of a component can be observed in an inconsistent state. We ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
(Show Context)
Independent development of components according to their specifications is complicated by the fact that a thread of control can exit and reenter the same component. This kind of reentrance may cause problems as the internal representation of a component can be observed in an inconsistent state. We argue that the adhoc reasoning used in establishing conformance of components to their specifications that intuitively appears to be correct does not account for the presence of reentrance. Such reasoning leads to a conflict between assumptions that component developers make about the behaviour of components in a system, resulting in the component reentrance problem. We formulate the modular reasoning property that captures the process of independent component development and introduce two requirements that must be imposed to avoid the reentrance problem. Then we define a customised theory of components, component systems, and component refinement which models the process of component d...
Formal Specifications in Software Maintenance: From code to Z++ and back again
 INFORMATION AND SOFTWARE TECHNOLOGY
, 1993
"... This paper presents a number of techniques that have been developed as components of the software maintenance process as part of the ESPRIT REDO project. These techniques are all based on formal methods, and the work described has provided the mathematical underpinning to a large collaborative proje ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
This paper presents a number of techniques that have been developed as components of the software maintenance process as part of the ESPRIT REDO project. These techniques are all based on formal methods, and the work described has provided the mathematical underpinning to a large collaborative project that has been investigating various aspects of software maintenance. The focus of the project has been on reverse engineering, and methods for this part of the maintenance process are reported on here, along with techniques for subsequent reengineering. A proposal for specificationoriented software maintenance is presented, in which specifications in an objectoriented extension of the formal notation Z are maintained in step with the