Results 1-10 of 79
Specification and verification challenges for sequential object-oriented programs
Under consideration for publication in Formal Aspects of Computing
Cited by 53 (5 self)
Abstract
The state of knowledge in how to specify sequential programs in object-oriented languages such as Java and C# and the state of the art in automated verification tools for such programs have made measurable progress in the last several years. This paper describes several remaining challenges and approaches to their solution.
Multi-Valued Symbolic Model-Checking
ACM Transactions on Software Engineering and Methodology, 2003
Cited by 50 (16 self)
Abstract
This paper introduces the concept and the general theory of multi-valued model checking, and describes a multi-valued symbolic model-checker χChek. Multi-valued
Specification and Verification of Object-Oriented Programs
1997
Cited by 37 (4 self)
Abstract
Interface specifications should express program properties in a formal, declarative, and implementation-independent way. To achieve implementation-independency, interface specifications have to support data abstraction. Program verification should make it possible to prove implementations correct w.r.t. such interface specifications. The presented work bridges the gap between existing specification and verification techniques for object-oriented programs. The integration is done within a formal framework for interface specifications and programming language semantics. Interface specification techniques are enhanced to support the specification of data structure sharing and destructive updating of shared variables. These extensions are necessary for the specification of real-life software libraries. Moreover, this generalization is needed for intermediate steps in correctness proofs. For verification, Hoare logic is extended to capture recursive classes and subtyping. Based on this extended logic, techniques are presented for proving typing properties, class and method invariants. The new
Declarative Aspect-Oriented Programming
Proceedings PEPM’99, 1999 ACM SIGPLAN Workshop on Partial Evaluation and Semantics-Based Program Manipulation, San Antonio (Texas), BRICS Notes Series NS-99-1, 1999
Cited by 32 (13 self)
Abstract
Aspect-oriented programming addresses the problem that the implementation of some properties such as error handling and optimization tends to crosscut the basic functionality. To overcome that problem special languages are used to specify such properties, the so-called aspects, in isolation. The software application is obtained by weaving the aspect code and the implementation of properties corresponding to basic functionality, the so-called components. This paper investigates the suitability of functional metaprograms to specify aspects and to perform weaving. The proposal focuses on the declarative paradigm (logic programming, attribute grammars, natural semantics, constructive algebraic specification etc.) as far as components are concerned, whereas aspects are represented by program transformations. Weaving is regarded as a program composition returning a combination of the components satisfying all the aspects. The computational behaviour of the components is preserved during weaving. The proposal improves reusability of declarative programs. The approach is generic in the sense that it is applicable to several representatives of the declarative paradigm. Several roles of aspect code are defined and analysed.
Model-Checking Over Multi-Valued Logics
In Proceedings of FME’01, 2001
Cited by 31 (15 self)
Abstract
Classical logic cannot be used to effectively reason about systems with uncertainty (lack of essential information) or inconsistency (contradictory information often occurring when information is gathered from multiple sources). In this paper we propose the use of quasi-boolean multi-valued logics for reasoning about such systems. We also give semantics to a multi-valued extension of CTL, describe an implementation of a symbolic multi-valued CTL model-checker called χChek, and analyze its correctness and running time.
A Meta-Method for Formal Method Integration
In Proc. Formal Methods Europe 1997, LNCS 1313, 1997
Cited by 27 (15 self)
Abstract
We describe a meta-method for formal method integration [Pai97]. The approach is applied to combining formal methods with other formal and semi-formal methods. We discuss the theory behind formal method integration, present two example combinations, and use an integrated method in solving a small problem.
Engineering and Theoretical Underpinnings of Retrenchment
2001
Cited by 16 (13 self)
Abstract
Refinement is reviewed in a partial correctness framework, highlighting in particular the distinction between its use as a specification constructor at a high level, and its use as an implementation mechanism at a low level. Some of its shortcomings as specification constructor at high levels of abstraction are pointed out, and these are used to motivate the adoption of retrenchment for certain high level development steps. Basic properties of retrenchment are described, including a justification of the operation PO, simple examples, simulation properties, and compositionality for both the basic retrenchment notion and enriched versions. The issue of framing retrenchment in the wide variety of correctness notions for refinement calculi that exist in the literature is tackled, culminating in guidelines on how to `brew your own retrenchment theory'. Two short case studies are presented. One is a simple digital redesign control theory problem, the other is a radiotherapy dos...
Formal Method Integration via Heterogeneous Notations
1997
Cited by 16 (9 self)
Abstract
Method integration is the procedure of combining multiple methods to form a new technique. In the context of software engineering, this can involve combining specification techniques, rules and guidelines for design and implementation, and sequences of steps for managing an entire development. In current practice, method integration is often an ad hoc process, where links between methods are defined on a case-by-case basis. In this dissertation, we examine an approach to formal method integration based on so-called heterogeneous notations: compositions of compatible notations. We set up a basis that can be used to formally define the meaning of compositions of formal and semi-formal notations. Then, we examine how this basis can be used in combining methods used for system specification, design, and implementation. We demonst...
Inductive Definability and the Situation Calculus
In Transaction and Change in Logic Databases, 1998
Cited by 12 (1 self)
Abstract
We explore the situation calculus within the framework of inductive definability. A consequence of this view of the situation calculus is to establish direct connections with different variants of the μ-calculus [Park, 1970; Hitchcock and Park, 1973; Pratt, 1981; Kozen, 1983; Emerson and Clarke, 1980], structural operational semantics of concurrent processes [Plotkin, 1981], and logic programming [Apt, 1990]. First we show that the induction principle on situations [Reiter, 1993] is implied by an inductive definition of the set of situations. Then we consider the frame problem from the point of view of inductive definability and by defining fluents inductively we obtain essentially the same form of successor state axioms as [Reiter, 1991]. Our approach allows extending this result to the case where ramification constraints are present. Finally we demonstrate a method of applying inductive definitions for computing fixed point properties of GOLOG programs.
Machine code programs are predicates too
Sixth Refinement Workshop, 1994
Cited by 12 (2 self)
Abstract
I present an interpretation of machine language programs as boolean expressions. Source language programs may also be so interpreted. The correctness of a code generator can then be expressed as a simple relationship between boolean expressions. Code generators can then be calculated from their specification.