Essays in Honor of Dines Bjørner and Chaochen Zhou on the Occasion of Their 70th Birthdays
With the Distributed File System Replication component, DFS-R, as the central theme, we present selected protocol problems and validation methods encountered during design and development. DFS-R is currently deployed in various contexts: in Windows Server 2003-R2, Windows Live Messenger (Sharing Folders), and Windows Vista (Meeting spaces). The journey from an initial design sketch to a shipped product...
When engineering software intensive systems the quality of the resulting product depends strictly on the quality of the models used explicitly or implicitly in the engineering process. A rich family of such models has been developed in recent years. We discuss some of these models and describe the requirements for system modeling theories.
We present a denotational semantics for a fully functional subset of the Handel-C hardware compilation language [1], based on the concept of typed assertion traces. We motivate the choice of semantic domains by illustrating the complexities of the behaviour of the language, paying particular attention to the prialt (priority-alternation) construct of Handel-C. We then define the typed assertion traces...
This paper investigates how to apply the techniques on solving semi-algebraic systems to invariant generation of polynomial programs. By our approach, the generated invariants represented as a semi-algebraic system are more expressive than those generated with the well-established approaches in the literature, which are normally represented as a conjunction of polynomial equations. We implement this...
Complexity of software development has to be dealt with by dividing the different aspects and different views of the system and separating different concerns in the design. This implies the need of different modelling notations and tools to support more and more phases of the entire development process. To ensure the correctness of the models produced, the tools therefore need to integrate sophisticated...
We present a verification methodology for cooperating traffic agents covering analysis of cooperation strategies, realization of strategies through control, and implementation of control. For each layer, we provide dedicated approaches to formal verification of safety and stability properties of the design. The range of employed verification techniques invoked to span this verification space includes...
Many extensions of Duration Calculus (DC) have been proposed for handling different aspects of real-time systems. For each extension several different semantics are defined for different time structures which are suitable for different applications and achieve low complexity for the decidability of some properties. Hence, different proof systems have to be developed for reasoning in different calculi...
The present paper suggests a modelling method for relating domain concepts intensionally. The method is based on modelling concepts formally and establishing two ordering connections between objects of the concepts. The former connection we call the characteristics connection. It is a Galois connection and states how objects of the two concepts describe each other. The latter connection we call...
Electronic Government offers citizens and businesses a single interface to all public services, implemented through cross-agency processes and applications. This paper presents a fragment of a software infrastructure that enables agencies to collaborate in the delivery of public services, responsible for automated, process-driven exchange of messages between applications. In addition to basic message...
Our goal is to help the developers of computer-based systems to make informed design decisions on the basis of insights gained from the rigorous analysis of abstract system models. The early work on model-oriented specification has inspired the development of numerous formalisms and tools supporting modelling and analysis. There are also many stories of successful industrial application, often driven...
We present an initial link between Z and JML that has enabled us to use Z/Eves to prove theorems about JML classes. We have applied this to the JML type system and the Java HashMap class from the Java Collections Framework. We present and discuss the issues behind a more general strategy for translation in both directions between Z and JML. This work is a contribution to the Verified Software Repository...
The success of model-based testing, in automating the testing of an implementation given its state-based (or model-based) specification, raises the question of how best the specification can be tweaked in order to facilitate that process. This paper discusses several answers. Motivated by an example from web-based systems, and taking account of the restriction imposed by the testing interface, it...
In this paper we consider a high-level hardware description language Gezel, from which hardware can be synthesized through a translation to VHDL. The language is equipped with a simulator and supports exploration of hardware designs. The language has no semantics and it is difficult to get a deep understanding of many of the constructions. We therefore give a semantic domain for Gezel. Aiming at automated...
This paper describes a complete model-based development and verification approach for railway control systems. For each control system to be generated, the user makes a description of the application-specific parameters in a domain-specific language. This description is automatically transformed into an executable control system model expressed in SystemC. This model is then compiled into object code...
Transaction-based services are increasingly being applied in solving many universal interoperability problems. Compensation is one typical feature for long-running transactions. This paper presents a design matrix model for specifying the behaviour of compensable programs and provides new healthiness conditions to capture these new programming features. The new model for handling exception and compensation...
Well understood methods exist for developing programs from formal specifications. Not only do such methods offer a precise check that certain sorts of deviations from their specifications are absent from implementations but they can also increase the productivity of the development process by careful use of layers of abstraction and refinement in design. These methods, however, presuppose a specification...
Fifteen years ago, it would have been hard to predict just how large a role the software industry would play in the life of a developing country. True, the sale of PCs had started to grow and access to the Internet was slowly spreading, but these were trends in the developed world, far remote from the cities, towns and villages of developing countries. It was in this world of promise and uncertainty...
Design Verification Patterns are formal specifications that define the semantics of design patterns. For each design pattern, the corresponding verification pattern gives a set of proof obligations. They must be discharged for a correct implementation of the pattern. Additionally, there is a set of properties that may be used in the design and verification of applications that employ the pattern. The...
Appearance of computing machines dates back to the 1940s and their corresponding scientific disciplines, computer science resp. informatics, have arisen in the 1960s. Nevertheless, fighting for appropriate programming and specification languages has not yet come to an end: The Java-programming language and the Abstract State Machines ASM are new and representative specimens which have arisen recently...