A framework is developed for studying the implementation process, as a stepwise process in which an abstract specification is successively transformed to reach a final compilable specification adapted to the computer environment. In this context, an implementation relation is referred to as the relation which should link any "valid" implementation to its abstract formal specification. In other words, the implementation relation is intended to express formally the notion of validity. Our framework allows the exact characterization of the transformations which may take place at each step for a given implementation relation. This framework is essential for dealing with non-transitive implementation relations. In the second part of the paper, these results are exemplified in LOTOS on some existing relations, and an apparent paradox is presented. Some new results about these relations are also derived. Keywords LOTOS, implementation relation, refinement, implementation process, transforma...

Abstract not found

This paper treats a probabilistic version of (a subset of) the process algebra LOTOS. It incorporates a probabilistic choice assigning a probability of occurrence to each of its alternatives. Opposed to the traditional interleaving semantics used for existing probabilistic process algebras the presented language is based on a true concurrency semantics. This enables us to distinguish between nondeterminism and parallelism, to reduce the state explosion problem and, moreover, to analyse part of the system without considering other (irrelevant) parts. In this paper the language is presented and the formal semantics is defined by using an extension of bundle event structures. A short example illustrates the novelties of the language and links the language to stochastic analysis based on semi-Markov chains.

A general approach for defining behavioural preorders over process terms as the maximal pre--congruences induced by basic observables is examined. Three different observables, that provide information about the initial communication capabilities of processes and about the possibility that processes get engaged in divergent computations, will be considered. We show that the pre--congruences induced by our basic observables coincide with intuitive and/or widely studied behavioural preorders. In particular, we retrieve in our setting the must preorder of De Nicola and Hennessy and the fair/should preorder introduced by Cleaveland and Natarajan and by Brinksma, Rensink and Vogler. A new form of testing preorder, which we call safe--must, also emerges. The alternative characterizations we offer shed light on the differences between these preorders, and on the role played in their definition by tests for divergence. 1 Introduction In the classical theory of functional programming, the point...

In this paper the notion of action atomicity is relaxed by permitting actions to be observed in the middle of their evolution. Non atomic semantic equivalences, based on the notion of bisimulation, are studied over stable event structures. Splitn bisimulation equivalence (denoted n ¸) considers each event as composed of n phases. ST bisimulation equivalence (denoted ST ¸ ) is a slight refinement of 2 ¸ where each ending phase is unambiguously associated to a beginning phase. We prove that, by increasing n, we get finer and finer equivalences (i.e. n+1 ¸ ` n ¸) and, moreover, that n+1 ¸ coincides with ST ¸ over those event structures whose autoconcurrency is at most n. The main consequence of these results is that, for image finite event structures, ST ¸ is the intersection of all the n ¸. 1 Introduction Most of the behavioural equivalences for concurrent systems are usually based on the assumption that the execution of an action is an atomic activity which cannot b...

We study both the expressive and the distinguishing powers of at temporal logics. These are fragments obtained by restricting the rst argument of the Until operator to propositional formulae. Both the linear-time and the branching-time cases are considered. Keywords: temporal logic, LTL, CTL, expressiveness, bisimulation 1 Introduction Temporal logic lies at the basis of several specication formalisms that are widely used in practice. For a large part, this acceptance stems from the availability of software tools for automated verication, that allow to prove or disprove the satisfaction of a temporal property interpreted over a model of the system under consideration. Model checking is such an approach, that has proven successful in the debugging and verication of hardware circuitry and communication protocols for example. Being based on an exhaustive inspection of the state space of the model, the scalability of model checking is limited, which is referred to as the state expl...

This paper presents a testing-based semantic theory for reasoning about the efficiency of concurrent systems as measured in terms of the amount of their internal activity. The semantic preorders are given an algebraic characterization, and their optimality is established by means of a full abstractness result. They are also shown to subsume existing bisimulation-based efficiency preorders. An example is provided to illustrate the utility of this approach. 1. Introduction Process algebras [12, 10, 3] have attracted substantial attention over the past decade and a half as frameworks for system verification. A hallmark of these theories is the development of behavioral equivalences and preorders that relate systems on the basis of their extensional behavior. In these frameworks, specifications are usually given as "highlevel " systems; to prove a system meets such a specification, one shows that they are related appropriately by such a behavioral relation. When the behavioral relation is...

This paper addresses the subject of linking functional specifications to performance analysis in a process algebraic context. It presents a timed, probabilistic extension of a process algebraic formalism and its application to performance analysis. More specifically, an extension of a subset of LOTOS is presented equipped with a truly concurrent semantical model based on bundle event structures. It is investigated how semi-Markov chains can be obtained from functional specifications using this semantical model. The use of a true concurrency model enables us to distinguish between non-determinism and parallelism, to reduce the state explosion problem and, moreover, to analyse part of the system without considering other (irrelevant) parts. An example illustrates the proposed approach. 1 Introduction The study of formal methods for the specification, design, and analysis of distributed systems has been an important research topic over the past decade. Initially, the research in this ar...

We prove that testing preorder of De Nicola and Hennessy is preserved by all operators of De Simone process languages. Building upon this result we propose an algorithm for generating axiomatisations of testing preorder for arbitrary De Simone process languages. The axiom systems produced by our algorithm are finite and complete for processes with nite behaviour. In order to achieve completeness for a subclass of processes with infiite behaviour we use one infinitary induction rule. The usefulness of our results is illustrated in specification and verification of small concurrent systems, where suspension, resumption and alternation of execution of component systems occur. We argue that better speci cations can be written in customised De Simone process languages, which contain both the standard operators as well as new De Simone operators that are specifically tailored for the task in hand. Moreover, the automatically generated axiom systems for such specification languages make the verification more straightforward.

Spin is a general verification tool for proving correctness properties of concurrent/distributed systems specified in the CSP-like modeling language PROMELA. We extend PROMELA's syntax to differentiate between external and internal transitions in a given model and the SPIN tool with the ability to verify a particular class of semantic relations between two PROMELA models. This document describes this extension and gives an overview of the relevant theoretical foundations.