Results 11 - 20 of 244
Modular Correctness Proofs of Behavioural Implementations
, 1995
Cited by 32 (13 self)
We introduce a concept of behavioural implementation for algebraic specifications which is based on an indistinguishability relation (called behavioural equality). The central objective of this work is the investigation of proof rules that first allow us to establish the correctness of behavioural implementations in a modular (and stepwise) way and, moreover, are practicable enough to induce proof obligations that can be discharged with existing theorem provers. Under certain conditions our proof technique can also be applied for proving the correctness of implementations based on an abstraction equivalence between algebras in the sense of Sannella and Tarlecki. The whole approach is presented in the framework of total algebras and first-order logic with equality. 1 Introduction Algebraic specification techniques allow one to formalize correctness notions for program development steps. Thereby an important role is played by observability concepts since it is often essential to abst...
Horizontal and Vertical Structuring of Typed Graph Transformation Systems
, 1996
Cited by 31 (18 self)
this paper we concentrate on structuring and refinement concepts for graph transformation systems. Conceptually, we distinguish between two kinds of structuring. We speak of horizontal structuring if a large specification is obtained by combining and modifying smaller ones, possibly sharing some common parts. Instead, if we consider the relationship between a more abstract and a more concrete version of the same specification, or between a specification and its implementation, we speak of vertical structuring.
Abstract datatypes in PVS
 C.S. Lab., SRI International
, 1993
"... under contract NAS 118969 ..."
Modet: Report on the Larch Shared Language, Version 2.3
, 1990
Cited by 28 (1 self)
work may not be copied or reproduced in whole or in part for any commercial purpose.
Local Specification of Distributed Families of Sequential Objects
 Recent Trends in Data Types Specification, Proc. 10th Workshop on Specification of Abstract Data Types joint with the 5th COMPASS Workshop, S.Margherita, Italy, May/June 1994, Selected papers
, 1995
Cited by 28 (11 self)
Fully concurrent models of distributed object systems are specified using linear temporal logic that does not per se cope with concurrency. This is achieved by employing the principle of local sequentiality: we specify from local viewpoints assuming that there is no intra-object concurrency but full inter-object concurrency. Local formulae are labelled by identity terms. For interaction, objects may refer to actions of other objects, e.g., calling them to happen synchronously. A locality predicate allows for making local statements about other objects. The interpretation structures are global webs of local life cycles, glued together at shared communication events. These interpretation structures are embedded in an interpretation frame that is a labelled locally sequential event structure. Two initiality results are presented: the category of labelled locally sequential event structures has initial elements, and so has the full subcategory of those satisfying given temporal axioms. As...
Toward Automated Component Adaptation
 IN PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING
, 1997
Cited by 25 (4 self)
This paper explores the use of specification matching to discover and select component adaptation strategies. This is done within a formal framework that integrates specification-based component retrieval with a formal architecture representation to support component retrieval and adaptation. The key to integration is determining the relationship between what components are potentially reusable and how they can be properly adapted. An example is given to illustrate how the results of specification matching can be used to guide the selection and application of adaptation tactics and automate component adaptation.
The Amsterdam Manifesto on OCL
, 1999
Cited by 24 (3 self)
In November 1998 the authors participated in a two-day workshop on the
An Overview of the Eucalyptus Toolbox
 University of Maribor
, 1996
Cited by 24 (4 self)
This article presents the essential features of a protocol engineering environment, the Eucalyptus toolbox, which has been developed or improved in the framework of two successive European-Canadian projects Eucalyptus1 and Eucalyptus2. This toolbox is based on the formal description technique Lotos standardized by Iso. It offers a wide range of functionalities, including simulation, compilation, verification and test case generation for Lotos descriptions. 1 Introduction The development of telecommunication protocols and distributed systems can be improved by the use of formal methods supported by appropriate software tools. Formal description techniques such as the Lotos language standardized by Iso [30] have been defined to allow a precise and unambiguous description of complex reactive systems. The design of Lotos was motivated by the need for a language with a high abstraction level and a strong mathematical basis, which could be used for the description and analysis of com...
Compositional Semantics for Open Petri Nets based on Deterministic Processes
, 2001
Cited by 22 (5 self)
In order to model the behaviour of open concurrent systems by means of Petri nets, we introduce open Petri nets, a generalization of the ordinary model where some places, designated as open, represent an interface of the system towards the environment. Besides generalizing the token game to reflect this extension, we define a truly concurrent semantics for open nets by extending the Goltz-Reisig process semantics of Petri nets. We introduce a composition operation over open nets, characterized as a pushout in the corresponding category, suitable to model both interaction through open places and synchronization of transitions. The deterministic process semantics is shown to be compositional with respect to such composition operation. If a net Z 3 results as the composition of two nets Z 1 and Z 2 , having a common subnet Z 0 , then any two deterministic processes of Z 1 and Z 2 which "agree" on the common part, can be "amalgamated" to produce a deterministic process of Z 3 . Vice versa, any deterministic process of Z 3 can be decomposed into processes of the component nets. The amalgamation and decomposition operations are shown to be inverse to each other, leading to a bijective correspondence between the deterministic processes of Z 3 and pair of deterministic processes of Z 1 and Z 2 which agree on the common subnet Z 0 . Technically, our result is similar to the amalgamation theorem for datatypes in the framework of algebraic specification. A possible application field of the proposed constructions and results is the modeling of interorganizational workflows, recently studied in the literature. This is illustrated by a running example.