Angelic Processes

In the formal modelling of systems, demonic and angelic nondeterminism play fundamental roles as abstraction mechanisms. The angelic nature of a choice pertains to the property of avoiding failure whenever possible. As a concept, angelic choice first appeared in automata theory and Turing machines, where it can be implemented via backtracking. It has traditionally been studied in the refinement calculus, and has proved to be useful in a variety of applications and refinement techniques. Recently it has been studied within relational, multirelational and higher-order models. It has been employed for modelling user interactions, game-like scenarios, theorem proving tactics, constraint satisfaction problems and control systems. When the formal modelling of state-rich reactive systems is considered, it only seems natural that both types of nondeterministic choice should be considered. However, despite several treatments of angelic nondeterminism in the context of process algebras, namely Communicating Sequential Processes, the counterpart to the angelic choice of the refinement calculus has been elusive. In this thesis, we develop a semantics in the relational setting of Hoare and He's Unifying Theories of Programming that enables the characterisation of angelic nondeterminism in CSP. Since CSP processes are given semantics in the UTP via designs, that is, pre and postcondition pairs, we first introduce a theory of angelic designs, and an isomorphic multirelational model, that is suitable for characterising processes. We then develop a theory of reactive angelic designs by enforcing the healthiness conditions of CSP. Finally, by introducing a notion of divergence that can undo the history of events, we obtain a model where angelic choice avoids divergence. This lays the foundation for a process algebra with both nondeterministic constructs, where existing and novel abstract modelling approaches can be considered. The UTP basis of our work makes it applicable in the wider context of reactive systems

Model Checking and Model-Based Testing : Improving Their Feasibility by Lazy Techniques, Parallelization, and Other Optimizations

This thesis focuses on the lightweight formal method of model-based testing for checking safety properties, and derives a new and more feasible approach. For liveness properties, dynamic testing is impossible, so feasibility is increased by specializing on an important class of properties, livelock freedom, and deriving a more feasible model checking algorithm for it. All mentioned improvements are substantiated by experiments