Results 1 
7 of
7
Reasoning about Classes in ObjectOriented Languages: Logical Models and Tools
, 1998
"... A formal language ccsl is introduced for describing specifications of classes in objectoriented languages. We show how class specifications in ccsl can be translated into higher order logic. This allows us to reason about these specifications. In particular, it allows us (1) to describe (various) i ..."
Abstract

Cited by 35 (15 self)
 Add to MetaCart
A formal language ccsl is introduced for describing specifications of classes in objectoriented languages. We show how class specifications in ccsl can be translated into higher order logic. This allows us to reason about these specifications. In particular, it allows us (1) to describe (various) implementations of a particular class specification, (2) to develop the logical theory of a specific class specification, and (3) to establish refinements between two class specifications. We use the (dependently typed) higher order logic of the proofassistant pvs, so that we have extensive tool support for reasoning about class specifications. Moreover, we describe our own frontend tool to pvs, which generates from ccsl class specifications appropriate pvs theories and proofs of some elementary results.
Invariants, Bisimulations and the Correctness of Coalgebraic Refinements
 Techn. Rep. CSIR9704, Comput. Sci. Inst., Univ. of Nijmegen
, 1997
"... . Coalgebraic specifications are used to formally describe the behaviour of classes in objectoriented languages. In this paper, a general notion of refinement between two such coalgebraic specifications is defined, capturing the idea that one "concrete" class specification realises the be ..."
Abstract

Cited by 13 (4 self)
 Add to MetaCart
(Show Context)
. Coalgebraic specifications are used to formally describe the behaviour of classes in objectoriented languages. In this paper, a general notion of refinement between two such coalgebraic specifications is defined, capturing the idea that one "concrete" class specification realises the behaviour of the other, "abstract" class specification. Two (complete) prooftechniques are given to establish such refinements: one involving an invariant (a predicate that is closed under transitions) on the concrete class, and one involving a bisimulation (a relation that is closed under transitions) between the concrete and the abstract class. The latter can only be used if the abstract class is what we call totally specified. Parts of the underlying theory of invariants and bisimulations in a coalgebraic setting are included, involving least and greatest invariants and connections between invariants and bisimulations. Also, the proofprinciples are illustrated in examples (which are fully formalise...
Dialgebraic Specification and Modeling
"... corecursive functions COALGEBRA state model constructors destructors data model recursive functions reachable hidden abstraction observable hidden restriction congruences invariants visible abstraction ALGEBRA visible restriction!e Swinging Cube ..."
Abstract

Cited by 4 (4 self)
 Add to MetaCart
(Show Context)
corecursive functions COALGEBRA state model constructors destructors data model recursive functions reachable hidden abstraction observable hidden restriction congruences invariants visible abstraction ALGEBRA visible restriction!e Swinging Cube
Total correctness refinement for sequential reactive systems
 In proceedings of TPHOLs 2000. (13th International Conference on Theorem Proving in Higher Order Logics), number 1869 in LNCS
, 2000
"... Abstract. We introduce a coinductivelydefined refinement relation on sequential nondeterministic reactive systems that guarantees total correctness. It allows the more refined system to both have less nondeterminism in its outputs and to accept more inputs than the less refined system. Data reifi ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
(Show Context)
Abstract. We introduce a coinductivelydefined refinement relation on sequential nondeterministic reactive systems that guarantees total correctness. It allows the more refined system to both have less nondeterminism in its outputs and to accept more inputs than the less refined system. Data reification in VDM is a special case of this refinement. Systems are considered at what we have called fine and medium levels of granularity. At the finegrain level, a system’s internal computational steps are described. The finegrain level abstracts to a mediumgrain level where only input/output and termination behaviour is described. The refinement relation applies to medium grain systems. The main technical result of the paper is the proof that refinement is respected by contexts constructed from fine grain systems. In other words, we show that refinement is a precongruence. The development has been mechanized in PVS to support its use in case studies. 1