The B-Method is a method for the stepwise derivation of sequential programs. In this paper we show how the B-Method can be used for designing distributed systems by embedding action systems within this method. The action system formalism is designed for the construction of parallel and distributed systems in a stepwise manner within the refinement calculus. We describe how action systems are written in B AMN. We also show the correspondence between refinement rules for action systems and the proof obligations generated in the B-Method. Furthermore, we propose an extension of the B-Method to cover parallel and distributed systems. Familiarity with B AMN is assumed.

We extend the action system formalism with a notion of objects that can be active and distributed. With this extension we can model class-based systems as action systems. Moreover, as the introduced constructs can be translated into ordinary action systems, we can use the theory developed for action systems, especially the refinement calculus, even for class-based systems. We show how inheritance can be modelled in different ways via class refinement. Re ning a class with an other class within the refinement calculus ensures that the original behavior of the class is maintained throughout the refinements. Finally, weshowhow to reuse proofs and entire class modules in a refinement step.

Program refinement usually translates an abstract specification to a highlevel language program. However, this process can be taken further by refining a high-level language `specification' to an assembler code `implementation '. It is shown how this can be done in the familiar refinement calculus framework. Several derived refinement rules for modelling program compilation are presented. Keywords: Program refinement; compilation; action systems 1 Introduction Compilation of high-level language programs to assembler code is among the oldest and most well-explored technologies in computer programming. Nevertheless, stories of production compilers containing bugs abound! Often this is merely an annoyance, but in safety-critical applications the danger of unknown compilation errors is unacceptable. One solution to this is to develop a verified, trustworthy compilation strategy for a simplified programming language. Such a strategy can then be used as a basis for either (directly)...

. Action systems are a formalism for representing concurrent behaviours, based on interleaved atomic actions. We show how this model can be used to represent time-consuming, pre-emptible actions with real-time constraints. A development procedure is described which captures the steps programmers typically undertake in the design of real-time multi-tasking systems. 1. Introduction Many approaches to modelling real-time systems have been proposed in recent years. However, for simplicity, most make unrealistic assumptions such as `maximal parallelism' and `instantaneous' actions. Such models are inadequate for representing the practical problems that programmers actually face when developing real-time systems using priority-driven, pre-emptive task scheduling. Action systems [Bac92] are an attractive formalism for modelling concurrent systems. They extend the familiar notion of sequential state machines into the realm of concurrent systems by allowing independent atomic actions to be i...

. Action systems is a formalism designed for the construction of parallel and distributed systems in a stepwise manner within the refinement calculus. In this paper we show how action systems can be derived and refined within a mechanical proof tool, the B-Tool. We describe how action systems are embedded in B-Tool. Due to this embedding we can now develop parallel and distributed systems within the B-Tool. We also show how a typical and nontrivial refinement rule, the superposition refinement rule, is formalized and applied on action systems within B-Tool. A derivation towards a distributed load balancing algorithm is given as a case study. 1 Introduction Action systems are used to construct parallel and distributed systems in a stepwise manner as described by Back et al. [2, 4]. They are often developed using a poweful program modularization and structuring method called superposition [7, 9, 2]. In superposition some new functionality is added to an algorithm in the form of additio...

The OO-action systems formalism is a recent extension of action systems towards object-orientation. An OO-action system models an object-oriented system with active objects. In this paper we make the notion of a distributed object clear within this framework. Moreover, we show how object-based distributed systems are designed stepwise within a formal framework, the re nement calculus.

Superposition is a program modularization and structuring method for developing parallel and distributed systems by adding new functionality to an algorithm while the original computation is preserved. We useaction systems as a formalism for the construction of distributed systems in a stepwise manner within the re nement calculus. The superposition method has been formalized as a program re nement rule for action systems within this calculus. In this paper we derivea distributed load balancing algorithm of Hofstee et al. [8, 7] using the superposition method. We hereby want tocheck ifwe can use superposition as a general formalism for developing distributed systems. 1

Action systems have been used successfully to describe discrete systems, i.e. systems with discrete control acting upon a discrete state space. In this paper we define continuous action systems, which extend the action system approach to hybrid systems, i.e. systems with discrete control over continuously evolving processes. The meaning of continuous action systems is defined in terms of traditional (discrete) action systems. Properties of continuous action systems are proved using standard action system proof techniques. Continuous action systems are very general, and can be used to describe a diverse range of hybrid systems. We describe the essential notions of continuous action systems and illustrate the framework by a collection of examples.

In several state-based approaches to distributed computing, e.g., action systems, or UNITY, the computing nodes are commonly left unspecified or implicit. For instance, an action system comes with an informal description on how the system is supposed to be mapped into the network. The purpose of this paper is to make this mapping explicit so that, e.g., in the action system formalism we are provided with means on the language level to reason about the location of a system in a network. Hence, we define the notion of a topological action system that carries with it information about its location within the network. The action system itself can model some active execution or merely a repository of data or any combination of these. We also show how our approach leads to action systems with data and/or code mobility. Keywords: Distributed computing, Location-aware systems, Mobility, Dynamic binding, Action systems. TUCS Research Group Programming Methodology Group 1 Introduction Distri...

. This paper describes a design technique for interactive systems that allows designs to be specified and refined formally, using a notation based on Action Systems. The rationale underlying the choices made by designers is recorded in a style based on the "Questions, Options, Criteria" notation. The means of capturing formal specifications and the reasoning behind design decisions are presented as parts of a uniform framework; a formal account is given of how design options satisfy criteria and how design options can be combined to answer larger design questions. 1 Introduction The use of formal specification techniques and development methods has been widely advocated as a means of meeting the levels of integrity demanded of computer-based systems. For many interactive systems, the satisfaction of overall objectives and requirements of functionality and dependability depends crucially on the system's usability. For this reason, formal specification and development techniques are mak...