Using the Refinement Calculus for Dataflow Processes
In Proc. Second Australasian Refinement Workshop, 1994
Cited by 16 (2 self)
The refinement calculus, based on predicate transformer semantics, is proving useful in the construction of sequential programs. It is argued that the refinement calculus provides a suitable development formalism for (possibly real-time) dataflow-like processes. Conventional precondition and postcondition specifications of sequential programs are generalised to assumption and effect specifications of processes. Such specifications may be given predicate transformer semantics and then formally refined to implementations in much the same way as precondition and postcondition specifications of sequential programs. A minimal collection of dataflow-process operators and associated refinement laws is considered. Small examples of dataflow-process development are presented to demonstrate the utility of the approach. The compositionality of the approach is considered in detail.
Formal Method Integration via Heterogeneous Notations
, 1997
Cited by 15 (9 self)
Method integration is the procedure of combining multiple methods to form a new technique. In the context of software engineering, this can involve combining specification techniques, rules and guidelines for design and implementation, and sequences of steps for managing an entire development. In current practice, method integration is often an ad hoc process, where links between methods are defined on a case-by-case basis. In this dissertation, we examine an approach to formal method integration based on so-called heterogeneous notations: compositions of compatible notations. We set up a basis that can be used to formally define the meaning of compositions of formal and semi-formal notations. Then, we examine how this basis can be used in combining methods used for system specification, design, and implementation. We demonst...
The essence of monotonic state
, 2009
Cited by 14 (4 self)
We extend a static type-and-capability system with new mechanisms for expressing the promise that a certain abstract value evolves monotonically with time; for enforcing this promise; and for taking advantage of this promise to establish non-trivial properties of programs. These mechanisms are independent of the treatment of mutable state, but combine with it to offer a flexible account of "monotonic state". To demonstrate their use, we present a simple yet challenging example, namely monotonic integer counters. We then show how an implementation of thunks in terms of references can be assigned types that reflect time complexity properties, in the style of Danielsson (2008). This offers a foundational explanation of Danielsson's system and, at the same time, extends it to a calculus with mutable state. Last, we sketch an application to hash-consing.
A Comparison of Additivity Axioms in Timed Transition Systems
, 1993
Cited by 9 (2 self)
This paper discusses some axioms from the literature which have been used to define properties of timed transition systems. The additivity axiom proposed by (amongst others) Wang, and Nicollin and Sifakis is compared with the trajectory axiom of Lynch and Vaandrager. Some conditions for an additive transition system to be trajectoried are discussed. These are proved sufficient by using some simple terminology from category theory to show how this problem about timed transition systems can be turned into an equivalent problem about monotone functions on partially ordered sets. We also discuss trajectory (bi)simulation, which is a variant of Ho-Stuart's path bisimulation, and use similar techniques to discuss when (bi)simulation is equivalent to trajectory (bi)simulation.
Predicative Semantics of Loops
, 1997
Cited by 3 (1 self)
A predicative semantics is a mapping of programs to predicates. These predicates characterize sets of acceptable observations. The presence of time in the observations makes the obvious weakest fixed-point semantics of iterative constructs unacceptable. This paper proposes an alternative. We will see that this alternative semantics is monotone and implementable (feasible). Finally a programming theorem for iterative constructs is proposed, proved, and demonstrated. A novel aspect of this theorem is that it is not based on invariants.
Keywords: Predicative semantics, fixed-point semantics, recursion, loops, refinement calculi.
0 Formalization
0.0 Specifications and refinement
Define xnat as the set of all natural numbers (nat) joined with an additional object $\infty$. We will suppose the following properties of $\infty$: it is larger than any natural number; $\infty + i = \infty - i = \infty$ for all natural numbers $i$; and $\infty - \infty = 0$. I will use a `batch' model for specifications borrowed, in most res...
Diagrammatic Representations in Domain-Specific Languages
, 2000
Cited by 1 (1 self)
One emerging approach to reducing the labour and costs of software development favours the specialisation of techniques to particular application domains. The rationale is that programs within a given domain often share enough common features and assumptions to enable the incorporation of substantial support mechanisms into domain-specific programming languages and associated tools. Instead of being machine-oriented, algorithmic implementations, programs in many domain-specific languages (DSLs) are rather user-level, problem-oriented specifications of solutions. Taken further, this view suggests that the most appropriate representation of programs in many domains is diagrammatic, in a way which derives from existing design notations in the domain. This thesis conducts an investigation, using mathematical techniques and supported by case studies, of issues arising from the use of diagrammatic representations in DSLs. Its structure is conceptually divided into two parts: the first is co...
Specification and Refinement using a Heterogeneous Notation for Concurrency and Communication
, 1998
Cited by 1 (0 self)
It is shown how to combine the Z formal specification notation with a predicative notation so as to be able to specify and reason about concurrency and communication. The integration is carried out so as to alleviate some of the limitations noted with previous integration approaches, such as the inability to use Z proof rules and tools with the integrated notation. In the process, it is demonstrated that it is not necessary to combine Z with a very different behavioural formalism in order to reason about concurrency.
1 Introduction
The Z notation [15] has proven to be useful and appropriate for specifying and reasoning about sequential software and hardware systems. The strengths of Z include its ability to construct specifications by parts, its growing tool support, and its proof system. Recent work on Z has studied its application to concurrent systems. In this growing body of work, there are two general classes of approaches: 1. Extension approaches, which apply Z, perhaps w...
Specification and Refinement using a Heterogeneous Notation for Real-Time, Concurrency, and Communication
, 1998
It is shown how to combine the Z formal specification notation [18] with a predicative notation [11], so as to be able to specify and reason about real-time, concurrency, and communication. The integration is carried out so as to alleviate some of the deficiencies noted with these approaches [5], such as the inability to use Z proof rules and tools. We demonstrate how to carry out refinement in a number of small examples of writing and refining heterogeneous specifications of concurrency and communication.
1 Introduction
The Z notation [18] has proven to be useful and appropriate for specifying and reasoning about sequential software and hardware systems. The strengths of Z include its ability to construct specifications by parts, its growing tool support, and its proof system. Recent work on Z has studied its application to concurrent systems. In this growing body of work, there are two general classes of approaches: 1. Extension approaches, which apply Z, perhaps with some s...
Specification and Refinement using a Heterogeneous Notation for Real-Time, Concurrency, and Communication
, 1998
It is shown how to combine the Z formal specification notation [18] with a predicative notation [11], so as to be able to specify and reason about real-time, concurrency, and communication. The integration is carried out so as to alleviate some of the deficiencies noted with these approaches [5], such as the inability to use Z proof rules and tools. We demonstrate how to carry out refinement in a number of small examples of writing and refining heterogeneous specifications of concurrency and communication.
Languages, Theory
We extend a static type-and-capability system with new mechanisms for expressing the promise that a certain abstract value evolves monotonically with time; for enforcing this promise; and for taking advantage of this promise to establish non-trivial properties of programs. These mechanisms are independent of the treatment of mutable state, but combine with it to offer a flexible account of "monotonic state". We apply these mechanisms to solve two reasoning challenges that involve mutable state. First, we show how an implementation of thunks in terms of references can be assigned types that reflect time complexity properties, in the style of Danielsson (2008). Second, we show how an implementation of hash-consing can be assigned a specification that conceals the existence of an internal state yet guarantees that two pieces of input data receive the same code if and only if they are equal.