Results 1-10 of 34
Universal coalgebra: a theory of systems, 2000
Cited by 298 (31 self)
In the semantics of programming, finite data types such as finite lists, have traditionally been modelled by initial algebras. Later final coalgebras were used in order to deal with infinite data types. Coalgebras, which are the dual of algebras, turned out to be suited, moreover, as models for certain types of automata and more generally, for (transition and dynamical) systems. An important property of initial algebras is that they satisfy the familiar principle of induction. Such a principle was missing for coalgebras until the work of Aczel (Non-Well-Founded Sets, CSLI Lecture Notes, Vol. 14, Center for the Study of Language and Information, Stanford, 1988) on a theory of non-well-founded sets, in which he introduced a proof principle nowadays called coinduction. It was formulated in terms of bisimulation, a notion originally stemming from the world of concurrent programming languages. Using the notion of coalgebra homomorphism, the definition of bisimulation on coalgebras can be shown to be formally dual to that of congruence on algebras. Thus, the three basic notions of universal algebra: algebra, homomorphism of algebras, and congruence, turn out to correspond to coalgebra, homomorphism of coalgebras, and bisimulation, respectively. In this paper, the latter are taken

Java Program Verification via a Hoare Logic with Abrupt Termination
Fundamental Approaches to Software Engineering (FASE 2000), number 1783 in LNCS, 2000
Cited by 56 (6 self)
This paper formalises a semantics for statements and expressions (in sequential imperative languages) which includes nontermination, normal termination and abrupt termination (e.g. because of an exception, break, return or continue). This extends the traditional semantics underlying e.g. Hoare logic, which only distinguishes termination and nontermination. An extension of Hoare logic is elaborated that includes means for reasoning about abrupt termination (and side-effects). It prominently involves rules for reasoning about while loops, which may contain exceptions, breaks, continues and returns. This extension applies in particular to Java. As an example, a standard pattern search algorithm in Java (involving a while loop with returns) is proven correct using the proof tool PVS.

Java Program Verification at Nijmegen: Developments and Perspective
Nijmegen Institute of Computing and Information Sciences, 2003
Cited by 47 (5 self)
This paper presents a historical overview of the work on Java program verification at the University of Nijmegen (the Netherlands) over the past six years (1997-2003). It describes the development and use of the LOOP tool that is central in this work. Also, it gives a perspective on the field.

Object-Oriented Verification based on Record Subtyping in Higher-Order Logic
In 11th International Conference on Theorem Proving in Higher Order Logics, volume 1479 of LNCS, ANU, 1998
Cited by 38 (11 self)
We show how extensible records with structural subtyping can be represented directly in Higher-Order Logic (HOL). Exploiting some specific properties of HOL, this encoding turns out to be extremely simple. In particular, structural subtyping is subsumed by naive parametric polymorphism, while overridable generic functions may be based on overloading. Taking HOL plus extensible records as a starting point, we then set out to build an environment for object-oriented specification and verification (HOOL). This framework offers several well-known concepts like classes, objects, methods and late-binding. All of this is achieved by very simple means within HOL.
1 Introduction
Higher-order Logic (HOL) [2, 1, 3] is a rather simplistic typed system; Church originally even called it "Simple Theory of Types". At first sight, it might seem futile attempting to use HOL to represent extensible records with structural subtyping, or even object-oriented concepts. One might expect that this ...

The Temporal Logic of Coalgebras via Galois Algebras, 1999
Cited by 33 (7 self)
This paper introduces a temporal logic for coalgebras. Next-time and last-time operators are defined for a coalgebra, acting on predicates on the state space. They give rise to what is called a Galois algebra. Galois algebras form models of temporal logics like Linear Temporal Logic (LTL) and Computation Tree Logic (CTL). The mapping from coalgebras to Galois algebras turns out to be functorial, yielding indexed categorical structures. This gives many examples, for coalgebras of polynomial functors on sets. Additionally, it will be shown how "fuzzy" predicates on metric spaces, and predicates on presheaves, yield indexed Galois algebras, in basically the same coalgebraic manner.
Keywords: Temporal logic, coalgebra, Galois connection, fuzzy predicate, presheaf
Classification: 68Q60, 03G05, 03G25, 03G30 (AMS'91); D.2.4, F.3.1, F.4.1 (CR'98).
1 Introduction
This paper combines the areas of coalgebra and of temporal logic. Coalgebras are simple mathematical structures (similar, but dual, to...

Towards a Duality Result in the Modal Logic of Coalgebras
In Coalgebraic Methods in Computer Science, volume 33 of ENTCS, 2000
Cited by 21 (0 self)
This paper forms a step in the development of the recently emerged connection between coalgebra and modal logic. It introduces (back-and-forth) transformations between coalgebras of simple polynomial functors and certain Boolean algebras with operators (BAOs). Categorically, these transformations take the form of an adjunction. The BAO associated with a coalgebra can be used for specification, e.g. of classes in object-oriented languages.

Formalizing a JVML verifier for initialization in a theorem prover, 2001
Cited by 20 (2 self)
The bytecode verifier is advertised as a key component of the security and safety strategy for the Java language, making it possible to use and exchange Java programs without fearing too much damage due to erroneous programs or malignant program providers. As Java is likely to become one of the languages used to embed programs in all kinds of appliances or computer-based applications, it becomes important to verify that the claim of safety is justified. We worked on a type system proposed in [7] to enforce a discipline for object initialization in the Java Virtual Machine Language and implemented it in the Coq [5] proof and specification language. We first produced mechanically checked proofs of the theorems in [7] and then we constructed a functional implementation of a bytecode verifier. We have a mechanical proof that this bytecode verifier only accepts programs that have a safe behavior with respect to initialization. Thanks to the extraction mechanism provided in Coq...

A Case Study in Class Library Verification: Java's Vector Class, 1999
Cited by 19 (6 self)
One of the reasons for the popularity of object-oriented programming is the possibility it offers for reuse of code. Usually, the distribution of an object-oriented programming language comes together with a collection of ready-to-use classes, in a class library. Typically, these classes contain general purpose code, which can be used in many applications. Before using such classes, a programmer usually wants to know how they behave and when their methods throw exceptions. One way to do this is to study the actual code, but since this is time-consuming and requires understanding all particular ins and outs of the implementation, this is often not the most efficient way. Another approach is to study the documentation provided. As long as the documentation is clear and concise, this works well, but otherwise one is still forced to look at the actual code.