Hume is a contemporary programming language oriented to systems with strong resource bounds, based on autonomous concurrent “boxes” interacting across “wires”. Hume’s design reflects the explicit separation of coordination and computation aspects of multi-process systems, which greatly eases establishing resource bounds for programs. However, coordination and computation are necessarily tightly coupled in reasoning about Hume programs. Furthermore, in Hume, local changes to coordination or computation, while preserving input/output correctness, can have profound and unforeseen effects on other aspects of programs such as timing of events and scheduling of processes. Thus, traditional program calculi prove inappropriate as they tend to focus exclusively either on the coordination of interacting processes or on computation within individual processes. The Hume box calculus offers a novel approach to manipulating multi-process systems by accounting seamlessly for both coordination and computation in individual rules. Furthermore, the “Hierarchical Hume” extension enables strong locality of the effects of program manipulation, as well as providing a principled encapsulation mechanism. In this paper, we present an overview of the Hume box calculus and its applications in program development. First of all, a base set of rules for introducing, changing, composing, separating and eliminating Hume boxes and wires, possibly within hierarchies, is presented. Next additional strategies are derived and a constructive approach to program development is illustrated through two examples of system elaboration from truth tables. Finally, at a considerably higher level, the use of the Hume box calculus to verify a generic transformation from a single box to an equivalent multi-box program, offering a balanced parallel implementation, is discussed.

Process algebras are standard formalisms for compositionally describing systems by the dependencies of their observable synchronous communication. In concurrent systems, parallel composition introduces resolvable nondeterminism, i.e., nondeterminism that will be resolved in later design phases or by the operating system. Sometimes it is also important to express inherent nondeterminism for equal (communication) labels. Here, we give operational and axiomatic semantics to a process algebra having a parallel operator interpreted as concurrent and having a choice operator interpreted as inherent, not only w.r.t. different, but also w.r.t. equal next-step actions. In order to handle the different kinds of nondeterminism, the operational semantics uses µ-automata as underlying semantical model. Soundness and completeness of our axiom system w.r.t. the operational semantics is shown.

Formal methods have been applied to reactive systems in order to capture errors early on in the development life-cycle and reduce redesign costs. The Reactive Systems Development Support (RSDS) method provides support for the analysis and design of reactive systems and generates code from these specifications. An RSDS system is specified by a set of invariants, a set of statemachines and a Data Control Flow Diagram (DCFD), which are then verified using the B theorem-prover. B however requires user interaction and is not capable of proving temporal properties easily. This thesis extends RSDS by integrating model checking so that temporal properties can be verified. The model checker used is the Symbolic Model Verifier (SMV). There are two distinct semantic views of statemachines in RSDS: the coarse-grain and the fine-grain, with the key difference between them being the granularity of a step. We describe a translation to SMV for each semantic view and we guarantee the quality of the translations by formally proving their correctness. This proof is a vital part in our provision of transparent formal method support for system design. To overcome the state explosion problem of model checking, we propose some natural ways of using the RSDS decomposition techniques for dividing the system

We present the first full formalisation of our approach to reproduction models and classification using Gibson’s theory of affordances. Our formal reproduction models incorporate a labelled transition system that describes how a reproductive system changes over the course of reproduction. The actors in the system are represented by a set of entities together with a relation describing the states in which those entities are present, and a function mapping actions to sets of entities which enable those actions to be performed. Finally, a sequence of actions uniquely identifies the path taken by a single entity, the reproducer, during reproduction. We show how reproduction models can be classified based on whether the reproducer is assisted or unassisted in reproduction, and whether or not the reproducer is active during reproduction. We prove that all assisted and unassisted reproduction models have a related model which has the opposite classification, and generalise the classifications based on self-description and reproductive mechanism given in earlier work to the general case of classification by aspects. We discuss the relevance to the field of artificial life, give a potential application to the fields of computer virology, and demonstrate reproduction modelling and classification in action using examples.

often, models are required to be executable, as a simulation, on a computer. In this paper, we present some contributions to the process-theoretic and logical foundations of discrete-event modelling with resources and processes. We present a process calculus with an explicit representation of resources in which processes and resources co-evolve. The calculus is closely connected to a logic that may be used as a specification language for properties of models. The logic is strong enough to allow requirements that a system has certain structure; for example, that it is a parallel composite of subsystems. This work consolidates, extends, and improves upon aspects of earlier work of ours in this area. An extended example, consisting of a semantics for a simple parallel programming language, indicates a connection with separating logics for concurrency. 1.

of the United Nations University (UNU). It is based in Macao, and was founded in 1991. It started operations in July 1992. UNU-IIST is jointly funded by the government of Macao and the governments of the People’s Republic of China and Portugal through a contribution to the UNU Endowment Fund. As well as providing two-thirds of the endowment fund, the Macao authorities also supply UNU-IIST with its office premises and furniture and subsidise fellow accommodation. The mission of UNU-IIST is to assist developing countries in the application and development of software technology. UNU-IIST contributes through its programmatic activities: 1. Advanced development projects, in which software techniques supported by tools are applied, 2. Research projects, in which new techniques for software development are investigated, 3. Curriculum development projects, in which courses of software technology for universities in developing countries are developed, 4. University development projects, which complement the curriculum development projects by aiming to strengthen all aspects of computer science teaching in universities in developing countries, 5. Schools and Courses, which typically teach advanced software development techniques, 6. Events, in which conferences and workshops are organised or supported by UNU-IIST, and 7. Dissemination, in which UNU-IIST regularly distributes to developing countries information on international

Abstract: The TWINS project addresses industrial hardware-software co-design product development. In search for a multidisciplinary modeling solution, knowledge is required about the current practice of multidisciplinary development in industry. By analyzing user requirements, use cases, and applied tools and techniques of six industrial partners, this paper presents the current status of multidisciplinary development in the Dutch consortium. The analysis is used to improve a successful collaboration between the industrial partners, and it also identifies the challenging topics that need to be explored within a multidisciplinary environment.

We present an approach to linear logic planning where an explicit correspondence between partial order plans and multiplicative exponential linear logic proofs is established. This is performed by extracting partial order plans from sound and complete encodings of planning problems in multiplicative exponential linear logic in a way that exhibits a non-interleaving behavioral concurrency semantics. Relying on this fact, we argue that this work is a crucial step for establishing a common language for concurrency and planning that will allow to carry techniques and methods between these two fields.

All Rights Reservediii

With the success of model-driven development as well as component-based and service-oriented systems, models of software architecture are key artifacts in the development process. To adapt to changing requirements and improve internal software quality such models have to evolve while preserving aspects of their behaviour. These behaviour preserving developments are known as refactorings. The verification of behaviour preservation requires formal semantics, which can be defined by model transformation, e.g., using process algebras as semantic domain for architectural models. Denotational semantics of programming languages are by definition compositional. In order to enjoy a similar property in the case of model transformations, every component of the source model should be distinguishable in the target model and the mapping compatible with syntactic and semantic composition. To avoid the costly verification of refactoring steps on large systems and create refactoring patterns we present a general method based on compositional typed graph transformations. This method allows us to extract a (usually much smaller) rule