Results 1 
6 of
6
Operationallybased theories of program equivalence
 Semantics and Logics of Computation
, 1997
"... ..."
Derivation of Data Intensive Algorithms by Formal Transformation: The SchorrWaite Graph Marking Algorithm
, 1996
"... In this paper we consider a particular class of algorithms which present certain difficulties to formal verification. These are algorithms which use a single data structure for two or more purposes, which combine program control information with other data structures or which are developed as a comb ..."
Abstract

Cited by 36 (25 self)
 Add to MetaCart
In this paper we consider a particular class of algorithms which present certain difficulties to formal verification. These are algorithms which use a single data structure for two or more purposes, which combine program control information with other data structures or which are developed as a combination of a basic idea with an implementation technique. Our approach is based on applying proven semanticspreserving transformation rules in a wide spectrum language. Starting with a set theoretical specification of "reachability" we are able to derive iterative and recursive graph marking algorithms using the "pointer switching" idea of Schorr and Waite. There have been several proofs of correctness of the SchorrWaite algorithm, and a small number of transformational developments of the algorithm. The great advantage of our approach is that we can derive the algorithm from its specification using only generalpurpose transformational rules: without the need for complicated induction arg...
Foundations for a Practical Theory of Program Refinement and Transformation
, 1994
"... A wide spectrum language is presented, which is designed to facilitate the proof of the correctness of refinements and transformations. Two different proof methods are introduced and used to prove some fundamental transformations, including a general induction rule (Lemma 3.9) which enables transfor ..."
Abstract

Cited by 21 (14 self)
 Add to MetaCart
A wide spectrum language is presented, which is designed to facilitate the proof of the correctness of refinements and transformations. Two different proof methods are introduced and used to prove some fundamental transformations, including a general induction rule (Lemma 3.9) which enables transformations of recursive and iterative programs to be proved by induction on their finite truncations. A theorem for proving the correctness of recursive implementations is presented (Theorem 3.21), which provides a method for introducing a loop, without requiring the user to provide a loop invariant. A powerful, general purpose, transformation for removing or introducing recursion is described and used in a case study (Section 5) in which we take a small, but highly complex, program and apply formal transformations in order to uncover an abstract specification of the behaviour of the program. The transformation theory supports a transformation system, called FermaT, in which the applicability conditions of each transformation (and hence the correctness of the result) are mechanically verified. These results together considerably simplify the construction of viable program transformation tools; practical consequences are briefly discussed.
Formal Methods to Aid the Evolution of Software
 International Journal of Software Engineering and Knowledge Engineering
, 1995
"... There is a vast collection of operational software systems which are vitally important to their users, yet are becoming increasingly difficult to maintain, enhance and keep up to date with rapidly changing requirements. For many of these so called legacy systems the option of throwing the system awa ..."
Abstract

Cited by 17 (5 self)
 Add to MetaCart
There is a vast collection of operational software systems which are vitally important to their users, yet are becoming increasingly difficult to maintain, enhance and keep up to date with rapidly changing requirements. For many of these so called legacy systems the option of throwing the system away an rewriting it from scratch is not economically viable. Methods are therefore urgently required which enable these systems to evolve in a controlled manner. The approach described in this paper uses formal proven program transformations, which preserve or refine the semantics of a program while changing its form. These transformations are applied to restructure ans simplify the legacy systems and to extract higherlevel representations. By using an appropriate sequence of transformations, the extracted representation is guaranteed to be equivalent to the code. The method is based on a formal wide spectrum language, called WSL, with accompanying formal method. Over the last ten years we h...
NREVERSAL of Fortune  The Thermodynamics of Garbage Collection
 In ACM Sigplan Notices
, 1977
"... The need to reverse a computation arises in many contextsdebugging, editor undoing, optimistic concurrency undoing, speculative computation undoing, trace scheduling, exception handling undoing, database recovery, optimistic discrete event simulations, subjunctive computing, etc. The need to anal ..."
Abstract

Cited by 14 (0 self)
 Add to MetaCart
The need to reverse a computation arises in many contextsdebugging, editor undoing, optimistic concurrency undoing, speculative computation undoing, trace scheduling, exception handling undoing, database recovery, optimistic discrete event simulations, subjunctive computing, etc. The need to analyze a reversed computation arises in the context of static analysisliveness analysis, strictness analysis, type inference, etc. Traditional means for restoring a computation to a previous state involve checkpoints; checkpoints require time to copy, as well as space to store, the copied material. Traditional reverse abstract interpretation produces relatively poor information due to its inability to guess the previous values of assignedto variables. We propose an abstract computer model and a programming languageYLispwhose primitive operations are injective and hence reversible, thus allowing arbitrary undoing without the overheads of checkpointing. Such a computer can be built from reversible conservative logic circuits, with the serendipitous advantage of dissipating far less heat than traditional Boolean AND/OR/NOT circuits. Unlike functional languages, which have one "state " for all times, YLisp has at all times one "state", with unique predecessor and successor states. Compiling into a reversible pseudocode can have benefits even when targeting a traditional computer. Certain optimizations, e.g., updateinplace, and compiletime garbage collection may be more easily performed, because the
On the Origins of Bisimulation and
"... Bisimulation and bisimilarity are coinductive notions, and as such are intimately related to fixed points, in particular greatest fixed points. Therefore also the appearance of coinduction and fixed points is discussed, though in this case only within Computer Science. The paper ends with some histo ..."
Abstract
 Add to MetaCart
Bisimulation and bisimilarity are coinductive notions, and as such are intimately related to fixed points, in particular greatest fixed points. Therefore also the appearance of coinduction and fixed points is discussed, though in this case only within Computer Science. The paper ends with some historical remarks on the main fixedpoint theorems (such as KnasterTarski) that underpin the fixedpoint theory presented.