. This paper introduces a formal specification technique for mobile systems based on input/output relations on streams. We consider networks of components communicating asynchronously via unbounded directed channels. Mobility is achieved by allowing the components to communicate channel ports. We distinguish between many-to-many and two variants of point-to-point communication. The communication paradigms are semantically under-pinned by denotational models. The models are formulated in the context of timed nondeterministic data-flow networks and presented in a step-wise fashion. The emphasis is on capturing the special kind of dynamic hiding characterizing mobile systems. We demonstrate the proposed approach in a number of small examples. 1. Introduction Motivated by the need to model object-oriented programming languages and openness in distributed applications, the study of mobile systems has become a very popular research area. Most of the early theoretical research on mobility is...

A dynamic network is a network whose components may interact on channels established dynamically by the communication of their associated ports. This paper generalises a specification technique based on input/output-relations on streams to capture the special kind of privacy preservation found in such networks. Aprivacy preserving component never accesses, depends on or sends a port whose name it does not know. Composite specifications, describing networks of such components, are built from elementary specifications with three specially designed operators: one operator for static hiding, one for dynamic hiding, and one for parallel composition modulo many-to-many communication. The need for the three operators is motivated by a small example.

This paper generalizes a specification technique based on input/output relations on streams to describe mobile systems. We consider networks of components communicating asynchronously via unbounded directed channels. Mobility is achieved by allowing the components to communicate channel ports. We distinguish between many-to-many and twovariants of point-to-point communication. The communication paradigms are semantically under-pinned by denotational models. The models are formulated in the context of timed nondeterministic data-flow networks and presented in a step-wise fashion. The emphasis is on capturing the special kind of dynamic hiding characterizing mobile systems. We demonstrate the proposed approachinanumber of small examples.

The primary focus of my research is to develop formal methods and tools which support the modeling and automated analysis of complex computational systems, including software systems, embedded systems and biological systems. To manage complexity we used two complementary approaches: statistical analysis and modular reasoning. For the latter we carefully distinguish between architectural hierarchy, behavioral hierarchy and interaction hierarchy. Moreover, we equip the modeling formalisms and their associated semantics with corresponding hierarchy building operators. To support automated analysis we focused on (software) model checking and testing techniques. In this context, we use statistical methods to derive a novel Monte Carlo model checking algorithm, which allows to trade time and space for precision and confidence in the result. We also exploit behavioral and interaction hierarchies to devise more efficient search routines as well as new modular reasoning techniques. To apply our techniques to a large variety of applications we developed modeling formalisms for both discrete and mixed discrete and continuous systems. In particular, for discrete systems we proposed algebraic techniques, stream processing functions and relations, hierarchic reactive

Data Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 4.5.4 Special Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 4.6 Semantics of Programming Languages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 4.6.1 Semantics of Ada . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 4.6.2 Action Semantics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 4.7 Specification Languages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 4.7.1 Early Algebraic Specification Languages . . . . . . . . . . . . . . . . . . . . . . . . 53 4.7.2 Recent Algebraic Specification Languages . . . . . . . . . . . . . . . . . . . . . . . 55 4.7.3 The Common Framework Initiative. . . . . . . . . . . . . . . . . . . . . . . . . . . 56 5 Methodology 57 5.1 Development Phases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 5.1.1 Applica...

In this report we will present an object oriented programming language for distributed objects. The sublanguage for expressions is taken from a functional programming language. This allows an elegant formulation of both the sequential and concurrent components of distributed programs. After providing a syntax and an informal semantics we will also give a formal sematics based on stream processing functions. Finally, we mention interesting parts of a prototypic implementation for an interpreter for the language. 1 Contents 1

The primary focus of my research is to develop formal methods and tools which support the modeling and automated analysis of complex computational systems, including software systems, embedded systems and biological systems. The main emphasis is on approaches that scale well for realistic applications. My most notable contributions are in: Establishing a noncommutative Cayley-Hamilton theorem for finite automata; Showing that minimal nondeterministic finite automata may be related via linear transformations; Automatically detecting emergent properties in networks of cardiac myocytes; Automatically learning an efficient model for excitable cells; Defining a model checking technique that allows to trade time and space for precision and confidence; Defining compositional models for discrete and hybrid hierarchic automata, together with modular proof rules and search routines; Providing compositional semantics and refinement rules for UML sequence diagrams, and their automatic translation to statecharts; Providing an algebraic foundation of UML-RT in terms of trace categories; Giving a denotational semantics for dynamically reconfigurable systems. My work resulted in a number of publicly available tools, including model checkers jMocha, Hermes, Gmc and Tempo, and hybrid systems simulators Charon and Eha. Below is a brief description of this work, classified by projects and in inverse chronological order. Ongoing projects also contain a summary of future work. Next-Generation Model Checking and Abstract Interpretation: With a Focus on Embedded