Formal methods are gradually making their way onto the “shop floor” of software engineering. As part of this process, industrial software developers are conducting trials of formal techniques in realistic projects. This paper describes two such studies: one each from the nuclear and aerospace industries. Both projects stressed the importance of formal specification as a modelling tool in the early...
In recent years, a number of Dutch companies have used the algebraic specification formalism Asf+Sdf. Bank MeesPierson has specified a language for describing interest rate products, their translation into COBOL, and their generation from interactive questionnaires. A consultancy company has specified a language to represent the company's object-oriented models, and the compilation of this language...
This article releases an industrial experiment of using formal methods to conceive, design, develop and test embedded software in a mass-produced device.
There are almost universal complaints that too much research effort goes wasted and never finds application in the industrial world. The complaints are raised symmetrically both by academia and by the industrial world. This situation becomes even more frustrating in the case of application of formal methods to software engineering: despite formal methods being advocated as a useful tool to enhance...
At FernUniversität we developed a new distance education course on Distributed Software Engineering especially designed for graduate students of the Electrical Engineering faculty. The course focuses on reactive software systems which are increasingly being used to monitor and control safety-related devices and high risk technical processes. Erroneous assumptions and insufficient foresight during...
This paper talks about an ongoing project at Sun Microsystems Laboratories in which the interface definition language IDL of OMG's CORBA environment is extended with formal specification constructs. Tool support is provided to compile the specifications into code that can perform sanity checks to provide an added amount of security in a distributed system. The software engineering industry...
This paper addresses the problem of how to construct refinements of specifications formally and incrementally. The key idea is to use a taxonomy of abstract design concepts, each represented by a design theory. An abstract design concept is applied by constructing a specification morphism from its design theory to a requirement specification. Procedures for propagating constraints, computing colimits,...
We give a new semantics for Nuprl's constructive type theory that justifies a useful embedding of the logic of the HOL theorem prover inside Nuprl. The embedding gives Nuprl effective access to most of the large body of formalized mathematics that the HOL community has amassed over the last decade. The new semantics is dramatically simpler than the old, and gives a novel and general way of adding...
We propose a sound and complete free variable semantic tableau method for handling many-sorted preorders in a first order logic, where functions and predicates behave monotonically or antimonotonically. We formulate additional expansion tableau rules as a more efficient alternative to adding the axioms characterizing a preordered structure. Completeness of the system is proved in detail. Examples...
In order to automate proofs by induction a crucial problem that needs to be addressed is to decide on an induction scheme that leads to appropriate induction hypotheses for carrying out the proof. Boyer and Moore proposed in [5] the use of terminating function definitions for generating induction schemes. Inspired by Boyer and Moore's work, Zhang, Kapur and Krishnamoorthy introduced the cover set...
This paper investigates the existence of pushouts in the category of order-sorted algebraic specifications and specification morphisms. As a main result it is shown that the existence can be guaranteed by imposing certain conditions on the specification morphisms. This result is important as the pushout construction is one of the most widely used approaches to combine specifications.
We present a method for implementing abstract data type specifications by object-oriented programs and for proving implementation correctness. The method uses an algebraic description of the semantics of object-oriented programs which allows one to relate an abstract data type specification and its object-oriented implementation within a common formal framework. On this algebraic level the correctness...
A classical result from Redko [20] says that there does not exist a complete finite equational axiomatization for the Kleene star modulo trace equivalence. Fokkink and Zantema [13] showed, by means of a term rewriting analysis, that there does exist a complete finite equational axiomatization for the Kleene star up to strong bisimulation equivalence. This paper presents a simpler and shorter completeness...
Fokkink ((1994) Inf. Process. Lett.52: 333–337) has recently proposed a complete equational axiomatization of strong bisimulation equivalence for MPA δ* (Aτ), i.e., the language obtained by extending Milner's basic CCS with prefix iteration. Prefix iteration is a variation on the original binary version of the Kleene star operation p* ...
We propose a procedure for generating finite axiomatisations of testing preorder of De Nicola and Hennessy for De Simone process language. We also prove that testing preorder is preserved by all De Simone process operators. The usefulness of our results is illustrated in specification and verification of a (small) multi-media system. The important features of the system are suspension, resumption...
We propose a method for proving refinement between programs, based on augmenting the program by ghost (auxiliary) variables and statements that assign values to these variables. We show that, in many cases, this augmentation can replace the need for an explicit refinement mapping from the variables of one system to the private variables of the other system. A novel feature of the proposed methodology...
The typical program verification system is a batch tool that accepts as input a program annotated with Floyd-Hoare assertions, performs syntactic and semantic analysis on it, and generates a list of verification conditions that is subsequently submitted to a theorem prover. When a verification condition cannot be proved, this may be due to an error in the program or an inconsistency in the annotations...
Hoare's logic and Dijkstra's predicate transformer calculus have proved adequate for reducing the correctness problem for programs to the validity problem for logical formulas. However, the size of the logical formulas to be validated grows faster than the size of the program, and, even in the propositional case, the validation problem is NP-complete and becomes practically intractable for large programs...