Products in the Refinement Calculus, 1999
Cited by 30 (2 self)
Abstract
We study program states that are described as tuples, i.e., product state spaces. Modeling programs as predicate transformers, we define a product operator on program statements that describes the independent execution of statements on disjoint state spaces. The algebraic properties of this product operator are studied, in particular the basic monotonicity and distributivity properties that the operator has, and their applications. We also consider how to extend the state space by adding new state components, and show how this is modeled using the product operator. Finally, we show how products are useful to formulate data refinement, both as a general concept and as a technique for replacing local state components of program blocks.
Controlling Control Systems: An Application of Evolving Retrenchment
Cited by 15 (12 self)
Abstract
We review retrenchment as a liberalisation of refinement, for the description of applications too rich (e.g. using continuous and infinite types) for refinement. A specialisation of the notion, evolving retrenchment, is introduced, motivated by the need for an approximate, evolving notion of simulation. The focus of the paper is the case study, a substantial second-order linear control system. The design step from continuous to zero-order hold discrete system is expressible as an evolving retrenchment. Thus we demonstrate that the retrenchment approach can formalise the development of useful applications which are outside the scope of refinement. The work is presented in a data type-enriched language containing the B language of J.R. Abrial.
Retrenchment: Extending the Reach of Refinement
Cited by 11 (8 self)
Abstract
Discussion of a simple example demonstrates various expressive limitations of the refinement calculus, and suggests a liberalization of refinement, called retrenchment, which will support an analogous formal development calculus. Useful concrete system behaviour can be specified outside the domain of pure refinement, and a case is made for fluidity between I/O and state components across the development step. A syntax and a formal definition are presented for retrenchment, which has some necessary properties for a formal development calculus: transitivity gives stepwise composition of retrenchments, and monotonicity w.r.t. the specification language constructors gives piecewise construction of retrenchments.
Retrenchment: Extending Refinement for Continuous and Control Systems, 2000
Cited by 10 (10 self)
Abstract
Discussion of a radiation dose calculation example demonstrates various expressive limitations of the refinement calculus, particularly for systems with continuous variables. A liberalization of refinement, called retrenchment, is proposed, which will support an analogous formal development calculus. Useful concrete system behaviour can be specified outside the domain of pure refinement, in particular behaviour under controlled precision decay. A syntax and a formal definition are presented for retrenchment in the B notation of J.R. Abrial. Necessary transitivity and monotonicity properties for a formal development calculus are stated. A generalisation, evolving retrenchment, is proposed, and a simple example demonstrates its utility, by analogy, in control systems applications. Evolution in retrenchment is demonstrated to offer the expressive power to describe useful simulation-like behaviour, with evolving precision, in software for control systems. Finally, the dosimetry ...
Structuring retrenchments in B by decomposition
Proc. FME 2003: Formal Methods, volume 2805 of LNCS, 2003
Cited by 6 (5 self)
Abstract
Simple retrenchment is briefly reviewed in the B language of J.R. Abrial [1] as a liberalization of classical refinement, for the formal description of application developments too demanding for refinement. This work initiates the study of the structuring of retrenchment-based developments in B by decomposition. A given coarse-grained retrenchment relation between specifications is decomposed into a family of more fine-grained retrenchments. The resulting family may distinguish more incisively between refining, approximately refining, and non-refining behaviours. Two decomposition results are given, each sharpening a coarse-grained retrenchment within a particular syntactic structure for operations at concrete and abstract levels. A third result decomposes a retrenchment exploiting structure latent in both levels. The theory is illustrated by a simple example based on an abstract model of distributed computing, and methodological aspects are considered.
Tanaka, H.: Definite Clause Knowledge Representation and its Applications, 2001
Cited by 1 (1 self)
Abstract
We introduce the probabilistic action system formalism, which combines refinement with performance. Performance is expressed by means of probability and expected costs. Probability is needed to express uncertainty present in physical environments. Expected costs express physical or abstract quantities that describe a system; they encode the performance objective. The behaviour of probabilistic action systems is described by traces of expected costs. Corresponding notions of refinement and simulation-based proof rules are introduced. Formal notations like B [2] or action systems [8] support a notion of refinement. Refinement relates an abstract specification A to a more deterministic concrete specification C. Knowing A and C, one proves that C refines, or implements, specification A. In this study we consider specification A as given and concern ourselves with a way to find a good candidate for specification C according to their performance. The performance of a
Automated Validation of Business Critical Systems with Component Based Designs, 1999
Abstract
ion. Our existing work on stepwise refinement [9] is the foundation for our proposed research on multi-level simulation, while our existing work on behavioural abstraction [38, 40] is important for our proposed research on both multi-level simulation and infinite-state model-checking.
Abstract Interpretation. Our existing work on partial evaluation and abstract interpretation [36, 19] is the basis for our proposed research on infinite-state model-checking.
Animation of Formal Specifications. Our work on animation tools for formal methods [20, 24, 30] is important for our proposed research on multi-level simulation.
Over the last 12 months, the Southampton DSSE team has been applying all of the above expertise in a collective effort in collaboration with ICL. This involved members of the team applying a range of formal methods, including B, CSP, the calculus, Petri Nets, Prolog, Spin and Z, to a system being developed by ICL [23]. The results of this were presented to a group of engineers...
Theorem Proving in Higher Order Logics, 2002
Contents (as extracted):
Syntax in Nuprl, p. 23 (Eli Barzilay, Stuart Allen)
DOVE: a Graphical Tool for the Analysis and Evaluation of Critical Systems, p. 33 (Tony Cant, Jim McCarthy, Brendan Mahony)
Formalising General Correctness, p. 36 (Jeremy E. Dawson)
Automatic Constraint Calculation using Lax Logic, p. 48 (Jeremy E. Dawson, Matt Fairtlough)
Automating Fraenkel-Mostowski Syntax, p. 60 (Murdoch J. Gabbay)
A Formal Correctness Proof of the SPIDER Diagnosis Protocol, p. 71 (Alfons Geser, Paul S. Miner)
Using HOL to Study Sugar 2.0 Semantics, p. 87 (Michael J. C. Gordon)
Extending DOVE with Product Automata, p. 101 (Elsa L. Gunter, Yi Meng)
A Higher-Order System for Representing Metabolic Pathways, p. 112 (Sara Kalvala)
Higher-Order Pattern Unification and Proof Irrelevance, p. 121 (Jason Reed)
A Verification of Rijndael in HOL, p. 128 (Konrad Slind)
The K Combinator as a Semantically Transparent Tagging Mechanism, p. 139 (Konrad Slind, Michael Norrish)
FCM 2002 Invited Talk
Real Numbers in Real Applications, p. 146 (John Harrison)
FCM 2002 Workshop Papers
A PVS Service for MathWeb, p. 147 (A. A. Adams, A. Franke, J. Zimmer)
Formalizing Real Calculus in Coq ...
Structuring Retrenchments in the small with B, 2002
Abstract
Simple retrenchment is briefly reviewed as a liberalisation of classical refinement, for the formal description of application developments too demanding for refinement. Two generalisations, output and evolving retrenchment, are presented. Simple monotonicity results for retrenchment are recalled, forming the basis of a piecewise development method.
Supporting Reuse Mechanisms for Developments in Event-B: Composition
Abstract
The development of specifications is often a combination of smaller sub-components. Focusing on reuse, an interesting perspective is to formally define the combination of sub-components through refinement steps, reusing their properties and generating larger systems. This suggests the application of a reuse mechanism: composition. Event-B is a formal method that allows modelling and refinement of systems. The combination and reuse of existing sub-components is not currently supported in Event-B. We propose the development of composition by extending the Event-B formalism as an option for developing larger models, focusing on distributed systems. A tool is developed to support shared event composition in the Rodin platform. Properties and proof obligations of sub-components are reused, and sufficient proof obligations are generated to ensure valid composed models.
Keywords: formal methods, composition, Event-B, specification, design techniques