We present three descriptions, at di#erent abstract levels, of the tree identify protocol from the IEEE 1394 serial multimedia bus standard. The descriptions are given using the language Maude based on rewriting logic. Particularly, the time aspects of the protocol are studied. We prove the correctness of the protocol in two steps. First, the descriptions are validated by an exhaustive exploration of all the possible states reachable from an initial configuration of a network, checking that always only one leader is chosen. Then, we give a formal proof showing that the desirable properties of the protocol are always fulfilled by any network, provided that the network is connected and acyclic.

AbstractMany distributed applications can be understood in terms of components interacting in an open environment such as the Internet. Open environmentsare subject to change in uncontrollable ways, as other applications may arrive, change, or disappear. In order to test the behavior of components in suchenvironments, it is necessary to build a testing environment which reflects this highly unpredictable behavior. To avoid over-specification of environmentcomponents, we use the observable communication history to abstractly reflect the state of communicating components. Rewriting logic has beenused to capture many different systems of concurrency and communication in an executable manner. In this paper, we show how rewriting logic models canbe extended with observable communication histories in a transparent way and suggest using this extension to capture a form of assumption guaranteespecification based testing of components in open environments.

On the one hand network and... In this paper we present the specification of a network model in Maude and some primitives for de ning simulation strategies. The use of the model is illustrated with a simple HELLO sub-protocol taken from the IETF PIMDM (Protocol Independent Multi-Cast-Dense Mode) RFC [6], and based on a pseudo-code specification [21]. The network model we present reflects the key aspects of the infra-structure on which typical communication protocols run. The model is designed so that we may execute isolated protocols as well as develop techniques for composing sub-protocols, to model the more complex protocols used in practice. The long term goal is to support simulation and formal analysis at many levels of detail...

An executable computational logic can provide the desired bridge between formal system properties and formal methods to verify them on the one hand, and executable models of system designs based on programming languages on the other. However, not all such logics are equally well suited for the task. This paper gives some requirements that seem important for a computational logic to be suitable in practice, and discusses the experience with rewriting logic, its Maude language implementation, and its formal tool environment, concluding that they seem to meet well those requirements. 1. The General Idea The present conference explores a convergence of formal methods and programming language based approaches to system design in both hardware and embedded hardwaresoftware systems. There are many practical benefits to be gained from such a convergence and, furthermore, there are important research issues involved. I wish to put forward a simple general idea that in my view provides a conceptual key to exploring a convergence of this kind. As suggested in the title, the idea is that an executable computational logic can provide the desired bridge between formal system properties and formal methods to verify them on the one hand, and executable models of system designs based on programming languages on the other. The general idea as such is hardly new: it has already been demonstrated very successfully by different researchers using different computational logics. There are

Abstract not found

Abstract. Orc is a theory of orchestration of services that allows structured programming of distributed and timed computations. Several formal semantics have been proposed for Orc, including a rewriting logic semantics developed by the authors. Orc also has a fully fledged implementation in Java with functional programming features. However, as with descriptions of most distributed languages, there exists a fairly substantial gap between Orc’s formal semantics and its implementation, in that: (i) programs in Orc are not easily deployable in a distributed implementation just by using Orc’s formal semantics, and (ii) they are not readily formally analyzable at the level of a distributed Orc implementation. In this work, we overcome problems (i) and (ii) for Orc. Specifically, we describe an implementation technique based on rewriting logic and Maude that narrows this gap considerably. The enabling feature of this technique is Maude’s support for external objects through TCP sockets. We describe how sockets are used to implement Orc site calls and returns, and to provide real-time timing information to Orc expressions and sites. We then show how Orc programs in the resulting distributed implementation can be formally analyzed at a reasonable level of abstraction, and discuss the assumptions under which the analysis can be deemed correct. Finally, the distributed implementation and the formal analysis methodology are illustrated with a case study. 1

We describe a first proposal for a strategy language for Maude, to control the rewriting process and to be used at the object level instead of at the metalevel. We also describe a prototype implementation built over Full Maude using the metalevel and the metalanguage facilities provided by Maude. Finally, we include a series of examples that illustrate the main features of the proposed language.

routing protocol, with optimizations to minimize both the routing instability incurred after topology changes, as well as the use of bandwidth and processing power in the router. We show here an executable specification using the rewriting logic based language Maude, that allows us to connect several Maude instances, each one running the protocol and on top of which concrete applications can be executed. We also simulate the protocol by using Real-Time Maude, that allows us to formally analyze it in several ways.

The last decade has seen an explosive growth of both: (1) enterprise service-oriented software systems, for managing enterprise resources and automating business processes, and (2) usercentric, cloud-based web applications, which provide richer experiences and more intelligent services to end-users than traditional, monolithic applications. The adoption of systems that are based on Internet-accessible software components, a class of distributed software systems to which we simply refer as Internet software, is expected to grow tremendously in the future. Nevertheless, designing and developing dependable Internet software poses a unique set of challenges, making the already difficult issue of whether a deployed system meets its specification requirements even harder to address than for traditional software systems. In this dissertation, we develop formal specification, simulation, prototyping, and formal analysis techniques and tools for distributed software services, based on rewriting logic, the Maude system, and the theory of Orc, with the overall goal of improving the reliability of Internet software. The dissertation focuses on the formal specification and analysis of two fundamentally important aspects of Internet software systems: (1) the correctness of service