Redevelopment of an industrial case study using Event-B and Rodin

CDIS is a commercial air traffic information system that was developed using formal methods 15 years ago by Praxis, and it is still in operation today. This system is an example of an industrial scale system that has been developed using formal methods. In particular, the functional requirements of the system were specified using VVSL -- a variant of VDM. A subset of the original specification has been chosen to be reconstructed on the Rodin platform based on the new Event-B formalism. The goal of our reconstruction was to overcome three key difficulties of the original formalisation, namely the difficulty of comprehending the original specification, the lack of any mechanical proof of the consistency of the specification and the difficulty of dealing with distribution and atomicity refinement. In this paper we elucidate how a new formal notation and tool can help to overcome these difficulties

An incremental development of the Mondex system in Event-B

A development of the Mondex system was undertaken using Event-B and its associated proof tools. An incremental approach was used whereby the refinement between the abstract specification of the system and its detailed design was verified through a series of refinements. The consequence of this incremental approach was that we achieved a very high degree of automatic proof. The essential features of our development are outlined. We also present some modelling and proof guidelines that we found helped us gain a deep understanding of the system and achieve the high degree of automatic proo

Guarded atomic actions and refinement in a system-on-chip development flow: bridging the specification gap with Event-B

Modern System-on-chip (SoC) hardware design puts considerable pressure on existing design and verification flows, languages and tools. The Register Transfer Level (RTL)description, which forms the input for synchronous, logic synthesis-driven design is at too low a level of abstraction for efficient architectural exploration and re-use. The existing methods for taking a high-level paper specification and refining this specification to an implementation that meets its performance criteria is largely manual and error-prone and as RTL descriptions get larger, a systematic design method is necessary to address explicitly the timing issues that arise when applying logic synthesis to such large blocks.Guarded Atomic Actions have been shown to offer a convenient notation for describing microarchitectures that is amenable to formal reasoning and high-level synthesis. Event-B is a language and method that supports the development of specifications with automatic proof and refinement, based on guarded atomic actions. Latency-insensitive design ensures that a design composed of functionally correct components will be independent of communication latency. A method has been developed which uses Event-B for latency-insensitive SoC component and sub-system design which can be combined with high-level, component synthesis to enable architectural exploration and re-use at the specification level and to close the specification gap in the SoC hardware flow

An Incremental Process for the Development of Multi-agent Systems in Event-B

A multi-agent system is a group of software or hardware agents that cooperate or compete to achieve individual or shared goals. A method for developing a multi-agent system must be capable of modelling the concepts that are central to multi-agent systems. These concepts are identified in a review of Agent Oriented Software Engineering methodologies. The rigorous development of complex systems using formal methods can reduce the number of design faults. Event-B is a formal method for modelling and reasoning about reactive and distributed systems. There is currently no method that guides the developer specifically in the modelling of agent-based concepts in Event-B. The use of formal methods is seen by some developers as inaccessible. This thesis presents an Incremental Development Process for the development of multi-agent systems in Event-B. Development following the Incremental Development Process begins with the construction of informal models, based on agent concepts. The informal models relate system goals using a set of relationships. The developer is provided with guidance to construct formal Event-B models based on the informal design. The concepts that are central to multi-agent systems are captured in the Event-B models through the translation from the goal models. The Event-B models are refined and decomposed into specifications of roles that will be performed by the agents of the system. Two case studies illustrate how the Incremental Development Process can be applied to multi-agent systems. An additional aid to the developer presented in this thesis is a set of modelling patterns that provide fault-tolerance for Event-B models of interacting agents

Formal patterns for Web-based systems design

The ubiquitous and simple interface of Web browsers has opened the door for the devel- opment of a new class of distributed applications which they have been known as Web applications. As more and more systems become Web-enabled we become increasingly dependent on the Web applications. Therefore, reliability of such systems is a very crucial factor for successful operation of many modern organisations and institutes. In the ¯rst part of this thesis we review how Web systems have evolved from simple static pages, in their early days, to their current situation as distributed applications with sophisticated functionalities. We also ¯nd out how the design methods have evolved to align with the rapid changes both in the new emerging technologies and growing functionalities. Although design approaches for Web applications have improved during the last decade we conclude that dependability should be given more consideration. In Chapter 2 we explain how this could be achieved through the application of formal methods. Therefore, we have provided an overview of dependability and formal methods in this chapter. In the second part of this research we follow a practical approach to the formal modelling of Web Applications. Accordingly, in Chapter 3 we have developed a series of formal models for an integrated holiday booking system. Our main objectives are to gain some common knowledge of the domain and to identify some key areas and features with regard to our formal modelling approach. Formal modelling of large Web applications could be a very complex process. In Chapter 4 we have introduced the idea of formal patterns for speci¯cation and re¯nement to accelerate the modelling process and to help alleviate the burden of formal modelling. In a further attempt to tackle the complexity of the formal modelling of Web applica- tions, we have introduced the idea of speci¯cation partitioning in Chapter 5. Speci¯- cation partitioning is closely related to the notion of composition. In this chapter we have extended some CSP-like composition techniques to build the system speci¯cation from subsystems or parts. The summary of our research, related ¯ndings and some suggestions for the future work are presented in Chapter 6.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

An incremental process for the development of multi-agent systems in Event-B

A multi-agent system is a group of software or hardware agents that cooperate or compete to achieve individual or shared goals. A method for developing a multi-agent system must be capable of modelling the concepts that are central to multi-agent systems. These concepts are identified in a review of Agent Oriented Software Engineering methodologies. The rigorous development of complex systems using formal methods can reduce the number of design faults. Event-B is a formal method for modelling and reasoning about reactive and distributed systems. There is currently no method that guides the developer specifically in the modelling of agent-based concepts in Event-B. The use of formal methods is seen by some developers as inaccessible. This thesis presents an Incremental Development Process for the development of multi-agent systems in Event-B. Development following the Incremental Development Process begins with the construction of informal models, based on agent concepts. The informal models relate system goals using a set of relationships. The developer is provided with guidance to construct formal Event-B models based on the informal design. The concepts that are central to multi-agent systems are captured in the Event-B models through the translation from the goal models. The Event-B models are refined and decomposed into specifications of roles that will be performed by the agents of the system. Two case studies illustrate how the Incremental Development Process can be applied to multi-agent systems. An additional aid to the developer presented in this thesis is a set of modelling patterns that provide fault-tolerance for Event-B models of interacting agents.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

A Proposal for Records in Event-B

The B method is a well known approach to the formal specification and development of sequential computer programs. Inspired by action systems, the B method has evolved to incorporate system modelling and distributed system development. This extension is called Event-B. Even though several of the structuring mechanisms of the original B method are absent from Event-B, the desire to define and maintain structured data persists. We propose the introduction of records to Event-B for this purpose. Our approach upholds the refinement principles of Event-B by allowing the stepwise development of records too