Testing can be formal, too
1995
Abstract. The paper presents a theory of program testing based on formal specifications. The formal semantics of the specifications is the basis for a notion of an exhaustive test set. Under some minimal hypotheses on the program under test, the success of this test set is equivalent to the satisfaction of the specification. The selection of a finite subset of the exhaustive test set can be seen as the introduction of more hypotheses on the program, called selection hypotheses. Several examples of commonly used selection hypotheses are presented. Another problem is the observability of the results of a program with respect to its specification: contrary to some common belief, the use of a formal specification is not always sufficient to decide whether a test execution is a success. As soon as the specification deals with more abstract entities than the program, program results may appear in a form which is not obviously equivalent to the specified results. A solution to this problem is proposed in the case of algebraic specifications.
Moving Between Logical Systems
Recent Trends in Data Type Specification, 1998
This paper presents a number of concepts of a mapping between logical systems modelled as institutions, discusses their mutual merits and demerits, and sketches their role in the process of system specification and development. Some simple properties of the resulting categories of institutions are given.

1 Introduction

We have to live with a multitude of logical systems used in various approaches to software specification and development. The proliferation of logical systems in the area is not just researchers' fancy, but results from the very practical needs to capture various aspects of software systems and to cater for various programming paradigms. Each of them leads to a different notion of a semantic model capturing the semantic essence of the adopted view of software systems. For instance, standard (many-sorted) algebras [BL70], [GTW78] provide a satisfactory framework for modelling data types where all operations always yield well-defined results. However, if general recursi...
Behavioural Theories and The Proof of Behavioural Properties
1996
Behavioural theories are a generalization of first-order theories where the equality predicate symbol is interpreted by a behavioural equality of objects (and not by their identity). In this paper we first consider arbitrary behavioural equalities determined by some (partial) congruence relation and we show how to reduce the behavioural theory of any class of algebras to (a subset of) the standard theory of some corresponding class of algebras. This reduction is the basis of a method for proving behavioural theorems whenever an axiomatization of the behavioural equality is provided. Then we focus on the important special case of (partial) observational equalities where two elements are observationally equal if they cannot be distinguished by observable computations over some set of input values. We provide general conditions under which an obvious infinite axiomatization of the observational equality can be replaced by a finitary one and we provide methodological guidelines for finding such...
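The two abstracts above ("Testing can be formal, too" and "Behavioural Theories and The Proof of Behavioural Properties") describe the same practical problem from two sides: a test set derived from an algebraic specification needs an oracle, and when the program's representation is more concrete than the specified data type, the oracle has to decide observational rather than representational equality. The following is an added, constructed example that is not code from either paper. It assumes a small algebraic specification of finite integer sets (constructors `empty`/`add`, observers `member`/`size`, with the usual idempotence and commutativity axioms), a list-based implementation `ListSet` that keeps duplicates, a regularity hypothesis (ground terms up to depth 2) and a uniformity hypothesis (the sample values 1 and 2); all of these are assumptions made for the illustration. It shows a representation-comparing oracle rejecting a correct implementation, an observational oracle accepting it, and the same observational oracle rejecting a deliberately broken variant.

```python
"""Specification-based testing of a set ADT with an observational oracle.
Constructed example (not code from the cited papers): an algebraic spec of
finite integer sets becomes a finite test set via a regularity hypothesis
(bounded term depth) and a uniformity hypothesis (a few sample values)."""
from typing import Callable, Iterator, List, Optional, Tuple


class ListSet:
    """Program under test: a set kept as an unsorted list with duplicates retained.
    Its observers are correct; its representation is not the axioms' normal form."""
    def __init__(self, items: Optional[List[int]] = None) -> None:
        self.items = list(items or [])

    def add(self, x: int) -> "ListSet":
        return type(self)(self.items + [x])      # duplicates retained

    def member(self, x: int) -> bool:
        return x in self.items

    def size(self) -> int:
        return len(set(self.items))              # counts distinct members


class BrokenListSet(ListSet):
    """Constructed faulty variant: size counts duplicates, so it is
    observably wrong and the test set should reject it."""
    def size(self) -> int:
        return len(self.items)


Term = Tuple  # ("empty",) | ("add", value, Term)


def ground_terms(depth: int, values: List[int]) -> Iterator[Term]:
    """Regularity hypothesis: ground terms of nesting depth <= depth over
    the uniformity sample `values`."""
    yield ("empty",)
    if depth > 0:
        for v in values:
            for t in ground_terms(depth - 1, values):
                yield ("add", v, t)


def evaluate(t: Term, empty: ListSet) -> ListSet:
    """Interpret a specification term in the program under test."""
    return empty if t[0] == "empty" else evaluate(t[2], empty).add(t[1])


def rep_equal(a: ListSet, b: ListSet) -> bool:
    """Naive oracle: identity of representations."""
    return a.items == b.items


def obs_equal(a: ListSet, b: ListSet) -> bool:
    """Observational equality: no observable computation (size(), member(x) for
    any integer x) tells a and b apart.  Any integer outside both sets is a
    non-member of both, so the union plus one outside value decides all x."""
    probes = set(a.items) | set(b.items)
    probes.add(max(probes, default=0) + 1)
    return a.size() == b.size() and all(a.member(x) == b.member(x) for x in probes)


def test_set(depth: int, values: List[int], empty: ListSet) -> Iterator[Tuple[str, object, object]]:
    """Selected finite test set: every axiom instantiated over the admitted terms.
    Yields (axiom, lhs, rhs): two ListSets (hidden sort) or two bool/int values."""
    yield ("size_empty", empty.size(), 0)
    for x in values:
        yield ("member_empty", empty.member(x), False)
    for t in ground_terms(depth, values):
        s = evaluate(t, empty)
        for x in values:
            yield ("add_idempotent", s.add(x).add(x), s.add(x))
            yield ("size_add", s.add(x).size(), s.size() if s.member(x) else s.size() + 1)
            for y in values:
                yield ("member_add", s.add(y).member(x), x == y or s.member(x))
                yield ("add_commutative", s.add(y).add(x), s.add(x).add(y))


def run(depth: int, values: List[int], empty: ListSet,
        hidden_eq: Callable[[ListSet, ListSet], bool]) -> Tuple[int, List[str]]:
    """Decide hidden-sort equations with hidden_eq, observable ones by ==.
    Returns (number of test cases, names of the failing axiom instances)."""
    total, failures = 0, []
    for name, lhs, rhs in test_set(depth, values, empty):
        total += 1
        ok = hidden_eq(lhs, rhs) if isinstance(lhs, ListSet) else lhs == rhs
        if not ok:
            failures.append(name)
    return total, failures


if __name__ == "__main__":
    for label, impl, eq in [("correct impl, observational oracle", ListSet(), obs_equal),
                            ("correct impl, representation oracle", ListSet(), rep_equal),
                            ("broken impl, observational oracle", BrokenListSet(), obs_equal)]:
        n, f = run(2, [1, 2], impl, eq)
        print(f"{label}: {n} tests, {len(f)} failures {sorted(set(f))}")
```

The representation oracle fails the idempotence and commutativity instances on a correct implementation, because `[1, 1]` and `[1, 2, 1]` are not the lists the axioms' normal forms suggest; the observational oracle passes all of them, and still catches `BrokenListSet`, whose `size` is observably wrong. The finite probe set in `obs_equal` is the small-scale counterpart of replacing an infinite axiomatization of observational equality with a finitary one.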
Proving Correctness Of Refinement And Implementation
1996
The notions of state and observable behaviour are fundamental to many areas of computer science. Hidden sorted algebra, an extension of many sorted algebra, captures these notions through hidden sorts and the behavioural satisfaction of equations. This makes it a powerful formalisation of abstract machines, and many results suggest that it is also suitable for the semantics of the object paradigm. Another extension of many sorted algebra, namely order sorted algebra, has proved useful in system specification and prototyping because of the way it handles subtypes and errors. The combination of these two algebraic approaches, hidden order sorted algebra, has also been proposed as a foundation for the object paradigm, and has much promise as a foundation for Software Engineering. This paper extends recent work on hidden order sorted algebra by investigating the refinement and implementation of hidden order sorted specifications. We present definitions of refinement and implementation for suc...
On Behavioural Abstraction and Behavioural Satisfaction in Higher-Order Logic
1996
The behavioural semantics of specifications with higher-order logical formulae as axioms is analyzed. A characterization of behavioural abstraction via behavioural satisfaction of formulae in which the equality symbol is interpreted as indistinguishability, which is due to Reichel and was recently generalized to the case of first-order logic by Bidoit et al, is further generalized to this case. The fact that higher-order logic is powerful enough to express the indistinguishability relation is used to characterize behavioural satisfaction in terms of ordinary satisfaction, and to develop new methods for reasoning about specifications under behavioural semantics.

1 Introduction

An important ingredient in the use of algebraic specifications to describe data abstractions is the concept of behavioural equivalence between algebras, which seems to appropriately capture the "black box" character of data abstractions, see e.g. [GGM76], [GM82], [ST87] and [ST95]. Roughly speaking (since there ...
A Complete Calculus for Equational Deduction in Coalgebraic Specification
Recent Trends in Algebraic Development Techniques, WADT 97, volume 1376 of LNCS, 1997
The use of coalgebras for the specification of dynamical systems with a hidden state space is receiving more and more attention in the years, as a valid alternative to algebraic methods based on observational equivalences. However, to our knowledge, the coalgebraic framework is still lacking a complete equational deduction calculus which enjoys properties similar to those stated in Birkhoff's completeness theorem for the algebraic case. In this paper we present a sound and complete equational calculus for coalgebras of a restricted class of polynomial functors. This restriction allows us to borrow some "algebraic" notions for the formalization of the calculus. Additionally, we discuss the notion of colours as a suitable dualization of variables in the algebraic case. Then the completeness result is extended to the "non-ground" or "coloured" case, which is shown to be expressive enough to deal with equations of hidden sort. Finally we discuss some weaknesses of the proposed results wit...
Proving Behavioural Theorems with Standard First-Order Logic
In Proc. of ALP'94, 1994
Behavioural logic is a generalization of first-order logic where the equality predicate is interpreted by a behavioural equality of objects (and not by their identity). We establish simple and general sufficient conditions under which the behavioural validity of some first-order formula with respect to a given first-order specification is equivalent to the standard validity of the same formula in a suitably enriched specification. As a consequence any proof system for first-order logic can be used to prove the behavioural validity of first-order formulas.

1 Introduction

Observability plays a prominent role in formal software development, since it provides a suitable basis for defining adequate correctness concepts. For instance, for proving the correctness of a program with respect to a given specification, many examples show that it is essential to abstract from internal implementation details and to rely only on the observable behaviour of the program. A similar situation is the not...
From Informal Requirements to COOP: a Concurrent Automata Approach
1999
Methods are needed to help using formal specifications in a practical way. We herein present a method for the development of mixed systems, i.e. systems with both a static and a dynamic part. Our method helps the specifier by providing means to structure the system in terms of communicating subcomponents and to give the sequential components using a semi-automatic concurrent automata generation with associated algebraic data types. These components and the whole system may be verified using a common set of tools for transition systems or algebraic specifications. Furthermore, our method is equipped with object-oriented code generation in Java, to be used for prototyping concerns.
Object-Oriented Specification of Distributed Systems in the µ-Calculus and Maude
Electronic Notes in Theoretical Computer Science, 1997
We refine an abstract property-oriented specification in the µ-calculus to a specification in Maude. As an intermediate step, we use a structured specification in the µ-calculus blended with propositions on states appropriate for object-oriented specification. We use the loose approach in refinement and refine data types as well as behavior. Throughout, our example is the bounded buffer.
Semantic Refinement Of Concurrent Object Systems Based On Serializability
Object Orientation with Parallelism and Persistence, 1996
