GenVoca generators synthesize software systems by composing components from reuse libraries. Although GenVoca components can be composed in a vast number of ways, not all compositions are correct. In this paper, we present a model for validating component compositions. The model is based on attribute grammars and provides a powerful debugging capability of explanation-based error reporting. We demonstrate our results with examples from a GenVoca generator for container data structures. Keywords: software architectures, software system generators, attribute grammars, domain models, GenVoca, software components, explanation-based error reporting. 1 Introduction Software component technologies will play an important role in future software development. Examples of today's componentry include Unix file filters and Visual Basic custom controls (VBXes) [Ude94]. Support for componentry in distributed environments is under development: the Object Management Group's CORBA (Common Object Reque...

: Hyperprogramming is an emerging semantics-based technique for the integration of diverse features of programming environments, in particular, rapid prototyping and formal methods. This approach generalizes the notion of module to that of module cluster , which is an association around a central formal specification of various items of programming information, such as interface, source code, compiled code, rapid prototypes, formal proofs, test cases, performance estimates, documentation, history and accounting information. This allows all information items to be composed at the same time, by evaluating a master text called a module expression, which tells how to compose and transform module clusters. Hyperprogramming thus integrates design, specification, prototyping, coding, configuration, proof, testing, documentation and accounting into a single framework significantly generalizing both Ada generics and Unix 1 make. Hyperprogramming can also support a variety of different progra...

In this chapter we present some basic concepts and results of the theory of institutions, introduced by Goguen and Burstall to formally capture the informal notion of a logical system viewed from a model-theoretic perspective. We also sketch some possibilities of linking this to more proof-oriented concepts. We argue that the theory of institutions provides an appropriate framework for much of the work on formal software specification and development, as presented in this volume. Many standard logical systems used in particular versions of the algebraic specification paradigm may be viewed as institutions; some examples are given explicitly here, some others are hinted at. Developing (as much as possible) the ideas common to different versions of the algebraic specification paradigm in the framework of an arbitrary institution, and in particular providing a theory of formal specification and software development parameterized by an arbitrary institution rather than having a particular logical system built in, should be beneficial both by helping to avoid repetitious work and by bringing the concepts and results to an

This paper discusses an approach to software architecture based on concepts from parameterized programming, particularly its language of "module expressions." A module expression describes the architecture of a system as an interconnection of component modules, and executing the expression actually builds the system. Language features include: modules parameterized by theories, which declare interfaces; a number of module composition operations; views for binding modules to interfaces; and both vertical and horizontal composition. Modules may involve information hiding, theories may declare semantic restrictions with axioms, and views assert behavioral satisfaction of axioms by a module. Some "laws of software composition" are given, showing how various module composition operations are related. We also show how a variety of architectural styles can be supported, and how this approach can be extended to support evolution and traceability. All this is intended to ease the development of large systems, and in particular, to make reuse more effective in practice.

This document describes FOOPS, an object-oriented specification language with an executable subset. The main distinguishing aspect of FOOPS is its advanced facilities for defining and interconnecting modules, which go beyond what other object-oriented languages offer. We present all the language features, explain their formal semantics, and provide a guide to its current implementation at Oxford. Further copies of this Technical Report may be obtained from the Librarian, Oxford University Computing Laboratory, Programming Research Group, 11 Keble Road, Oxford OX1 3QD, England (Telephone: +44-865-273837, Email: library@comlab.ox.ac.uk). y This work was performed while on leave from Dipartimento di Scienze dell'Informazione, Universit'a degli Studi di Milano, Italy. E-mail address: lucia.rapanotti@newcastle.ac.uk. z E-mail address: Adolfo.Socorro@prg.oxford.ac.uk. 1 Introduction This document describes FOOPS and its current implementation at Oxford University. FOOPS is a very hi...

We examine a variety of liberal logical frameworks of partial algebras. Therefore we use simple, conjunctive and weak embeddings of institutions which preserve model categories and may map sentences to sentences, finite sets of sentences, or theory extensions using unique existential quantifiers, respectively. They faithfully represent theories, model categories, theory morphisms, colimit of theories, reducts etc. Moreover, along simple and conjunctive embeddings, theorem provers can be re-used in a way that soundness and completeness is preserved. Our main result states the equivalence of all the logical frameworks with respect to weak embeddability. This gives us compilers between all frameworks. Thus it is a chance to unify the different branches of specification using liberal partial logics. This is important for reaching the goal of formal interoperability of different specification languages for software development. With formal interoperability, a specification can contain part...

this paper, so we leave them out here. Thus we can apply the idea of combining things via colimits to institutions themselves, with the special point that we have to take limits here instead of colimits. Taking limits in CAT results in categories of "amalgamated objects", i. e. we put signatures and models together at the level of single objects. In contrast to this, sentences are combined with colimits in Set (due to the contravariant direction of the sentence component). That is, sets of sentences are combined. To show how this works, we introduce some well-known institutions and morphisms between them.

We describe the formal environment at Kestrel for synthesizing programs. We show that straightforward formalization, persistently applied at all levels of system description and system derivation, produces a scalable architecture for a synthesis environment. The primitive building blocks of our framework are specifications, which encapsulate types and operations, and specification arrows, which are relations between specifications. The design of a system is represented as a diagram of specifications and arrows. Synthesis steps manipulate such diagrams, for example, by adding design detail to some specification, or by building new diagrams. A design history is a diagram of diagrams. Thus, we have a formal, knowledge-based, and machine-supported counterpart to such software engineering methodologies as CASE and OOP. 1 Introduction At the heart of the software problem lies the lack of adequate means to express and manage (1) clear, wellstructured problem specifications, (2) efficient sof...

The purpose of a logical framework such as LF is to provide a language for defining logical systems suitable for use in a logic-independent proof development environment. All inferential activity in an object logic (in particular, proof search) is to be conducted in the logical framework via the representation of that logic in the framework. An important tool for controlling search in an object logic, the need for which is motivated by the difficulty of reasoning about large and complex systems, is the use of structured theory presentations. In this paper a rudimentary language of structured theory presentations is presented, and the use of this structure in proof search for an arbitrary object logic is explored. The behaviour of structured theory presentations under representation in a logical framework is studied, focusing on the problem of "lifting" presentations from the object logic to the metalogic of the framework. The topic of imposing structure on logic presentations...

The Knowledge-based Software Assistant, as proposed in Green et al. (1986), was conceived as an integrated knowledge-based system to support all aspects of the software life cycle. Such an assistant would support specification-based software development: Programs would be written in an executable specification language from which efficient implementations would mechanically be derived. A number of systems have since been developed, each providing assistance for individual software activities. This chapter describes research conducted in the course of developing two of these systems. The first, the Knowledge-based Specification Assistant (KBSA Project 1988; Johnson 1988), was specifically aimed at supporting the evolutionary development of specifications. The second project, ARIES (acquisition of requirements and incremental evolution into specifications), is currently under way. It provides integrated support for both requirement analysis and specification development. ARIES is jointly being developed with Lockheed Sanders. The original project report anticipated that specifications would evolve but did not describe the mechanism for such evolution. In part as a result of the work on the Specification Assistant, the current vision of an ultimate Knowledge-based Software Assistant embraces the notion of a formalized specification development process (Elefante 1989). In our approach, a description of the