. We describe the Refinement Calculator, a tool which supports

The refinement calculus for the development of programs from specifications is well suited to mechanised support. We review the requirements for tool support of refinement as gleaned from our experience with a number of existing refinement tools, and report on the design and implementation of a new tool to support refinement based on these requirements. The main features of the new tool are close integration of refinement and proof in a single tool (the same mechanism is used for both), good management of the refinement context, an extensible theory base that allows the tool to be adapted to new application domains, and a flexible user interface.

ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 6.8 Comments on the Specification . . . . . . . . . . . . . . . . . . . . . 107 6.9 The Refinement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 6.10 Comments on the Refinement . . . . . . . . . . . . . . . . . . . . . . 115 7 Conclusions 119 7.1 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Contents ix Appendixes A Definitions 123 A.1 Pairs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 A.2 Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 A.3 Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 B Refinement of the Line Editor 127 B.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 B.2 The Refinement of INIT . . . . . . . . . . . . . . . . . . . . . . . . . 127 B.3 The Refinement of EDIT . . . . . . . . . . . . . . . . . . . . . . . . 134 B.4 The Refinem...

A new version of the Ergo theorem prover is under development. It uses a single tactic language, based on Angel, for tactic programming, user interface, and proof representation. This paper describes the language as it is used in each of these cases, and explains the details of its implementation in Qu-Prolog. An example from classical propositional calculus is included. 1 Introduction Ergo is an interactive proof tool that has been designed and implemented at the SVRC over the last ten years. It is implemented in Qu-Prolog (Robinson and Hagen, 1997), and is designed to be extensible, so that users can add new theories, tactics and user interfaces. Ergo 5 is currently under development. Having no inbuilt object logic, it is a generic prover that can be instantiated by providing a collection of axiomatic and/or definitional theories. The core of Ergo 5 provides support for (uninterpreted) sequents with named tuples of arbitrary terms as antecedents and single terms as consequents...

This report examines the requirements for a support tool for the stepwise refinement of program specifications to program code using the refinement calculus. This calculus, which was developed independently by Back, Morgan and Morris, is described briefly and the requirements for a tool to support the major roles of refinement are outlined. These broad requirements are expanded to identify more specific functionality, and some existing tools are compared within this functional framework. After a general comparison, five selected case studies are described, which are used for a more detailed and specific comparison. The results of these comparisons are then classified to identify common and distinctive features of the two major tools. Finally the results obtained are summarized in terms of consequences for the generic program refinement tool project.

The refinement calculus is a formal technique for the development of programs which are provably correct with respect to their specifications. A formal language is presented for the description of program development using the refinement calculus. The language provides an abstract representation of the overall program development, reflecting its tree-like structure. The language is used for recording developments in the refinement editor -- an automated tool supporting the refinement calculus. 1 Introduction Formal techniques of program development [1, 2, 12, 14, 17] have the potential to revolutionise the way in which programs are constructed. The formalization of the process of program development brings with it the benefits of rigour, and increases confidence in the program's correctness. These formal methods also provide a history of the program's development from the initial specification. This is an important aspect, but one which is often overlooked. Our method applies to progra...

In this paper, a tool for structuring and manipulating formal program derivations is specified using the Z [13] notation. A program derivation style based on (transitive) relations between programs, as found in the refinement calculus [1, 8, 9], is assumed. The structuring and manipulation of derivations is based on the notion of refinement diagrams proposed by Back [3]. This allows for a style of derivation that is much more flexible than top-down refinement and is more suited to large-scale program development. The original refinement diagram notion is also extended with ideas from window inference [12] which provides a powerful way of dealing with the use of different relations in sub-derivations.

The refinement calculus is a well-established theory for formal development of imperative program code and is supported by a number of automated tools. Via a detailed case study, this article shows how refinement theory and tool support can be extended for a program with real-time constraints. The approach adapts a timed variant of the refinement calculus and makes corresponding enhancements to a theorem-prover based refinement tool.

Refinement is a mathematically-based technique for developing a program from an abstract specification so that the program satisfies the specification. The aim of the Program Refinement Tool project is to develop a generic refinement tool suitable for supporting a methodology for the interactive development of programs based on the refinement calculus. This report summarizes our investigation into an appropriate engine to use for the refinement calculator and theorem prover in this tool. Contents 1 Introduction 2 2 Refinement Engine 3 2.1 Structure of Refinement Rules : : : : : : : : : : : : : : : : : : 3 2.2 Applicability Conditions : : : : : : : : : : : : : : : : : : : : : 5 2.3 Parameters : : : : : : : : : : : : : : : : : : : : : : : : : : : : 5 2.4 Monotonicity : : : : : : : : : : : : : : : : : : : : : : : : : : : 7 2.5 Proving Refinement Rules : : : : : : : : : : : : : : : : : : : : 8 2.6 Schematic Developments : : : : : : : : : : : : : : : : : : : : : 8 2.7 Customizing t...

Software development by formal methods involves an overwhelming amount of technical and managerial detail. Systematic organisation of this information in a method's support environment is an important engineering concern. In this paper, we introduce a model for object organisation in software environments for formal methods, with particular emphasis on easy construction, modification, review and reuse of software objects. We demonstrate how the model can be instantiated to individual methodologies to obtain the object organisation architectures for their support environments.