CoFI: The Common Framework Initiative for Algebraic Specification and Development

An open collaborative effort has been initiated: to design acommon framework for algebraic specification and development of software. The rationale behind this initiative is that the lack of such a common framework greatly hinders the dissemination and application of researchresults in algebraic specification. In particular, the proliferationof specification languages, some differing in only quite minor ways from each other, is a considerable obstacle for the use of algebraic methods in industrial contexts, making it difficult to exploit standard examples, case studies and training material. A common framework with widespread acceptancethroughout the research community is urgently needed.The aim is to base the common framework as much as possible on a critical selection of features that have already been explored in various contexts. The common framework will provide a family of specificationlanguages at different levels: a central, reasonably expressive language, called CASL, for specifying (requirements, design, and architecture of) conventional software; restrictions of CASL to simpler languages, for use primarily in connection with prototyping and verification tools; and extensionsof CASL, oriented towards particular programming paradigms,such as reactive systems and object-based systems. It should also be possibleto embed many existing algebraic specification languages in members of the CASL family. A tentative design for CASL has already been proposed. Task groupsare studying its formal semantics, tool support, methodology, and other aspects, in preparation for the finalization of the design

CASL for ASF+SDF Users

Casl is an expressive language for the algebraic specificationof software requirements, design, and architecture. It has beendeveloped by an open collaborative effort called CoFI (CommonFramework Initiative for algebraic specification and development).Casl combines the best features of many previous algebraic specification languages, and it is hoped that it may provide a focus for future research and development in the use of algebraic techniques, as well being attractive for industrial use.This paper presents Casl for users of the Asf+Sdf framework.It shows how familiar constructs of Asf+Sdf may bewritten in Casl, and considers some problems that may arisewhen translating specifications from Asf+Sdf to Casl. It thenexplains and motivates various Casl constructs that cannot beexpressed directly in Asf+Sdf. Finally, it discusses the role thatthe Asf+Sdf system might play in connection with tool supportfor Casl

Abstraction Barriers and Refinement in the Polymorphic Lambda Calculus

This thesis examines specification refinement in the setting of polymorphic type theory and a complementary logic for relational parametricity. The starting point is the specification of abstract data types as done in the discipline of algebraic specification. Here, algebras are seen to match the standard notion of data type, i.e., a data representation together with operations on that data representation. An abstract data type is then a collection of data types sharing some well-defined abstract properties. In algebraic specification, these properties are specified algebraically by axioms in some suitable logic. Specification refinement then encompasses the idea that high-level specifications may be stepwise refined to executable programs that satisfy the initial specification; all in the framework of formal language and logic. This makes certain aspects of program development amenable to formal, computer-aided proofs of correctness. On the other hand, the discipline of type theory, lambda calculus, and its semantics is the prime field for research on programming languages. This framework is capable of characterising essentially any existing sequential programming-language feature, also advanced features such as recursive types, polymorphism and class-based object orientation. Furthermore, type theory provides a powerful framework for mechanised reasoning. This thesis is a contribution to lifting the idea of algebraic specification refinement into the more powerful domain of type theory and lambda calculus, thus giving the opportunity to expand in a sensible way a traditionally first order and functional framework to a wider range of programming aspects. We take a particular account of specification refinement and express it in a type-theoretic setting consisting of the polymorphic lambda calculus and a logic for relational parametricity. Key elements of algebraic specification are internalised in the syntax, e.g., data types viz. algebras are inhabitants of existential type, the latter providing essential data abstraction. For data types with only first-order operations, this setting automatically resolves certain issues of specification refinement, such as observational equivalence, stability and input sorts. After establishing a correspondence at first order, thus implanting the idea of algebraic specification refinement into the type-theoretic setting, the scene is set for lifting the idea of algebraic specification refinement to any number of programming features. In this thesis we focus on the generalisations to higher-order functions and to polymorphism. A simulation relation between two data types is a relation between their data representations that is preserved by their respective sets of operations. Using simulation relations is a classical way of explaining data refinement and observational equivalence. This combines with specification refinement to form specification refinement up to observational equivalence. With higher-order operations, however, we encounter in the logic a phenomenon related to what happens on the semantic level, i.e., the standard notion of refinement relation in the form of logical relations does not compose and the correspondence with observational equivalence is lost. In the logic it turns out that the standard notion of simulation relation fails to take into account a certain aspect of the abstraction barrier provided by existential types. We remedy this by proposing an alternative notion of simulation relation that observes this abstraction barrier more closely. We do this in two related ways; one relates to syntactic models while the other relates to a non-syntactic PER-model more apt for interpretive investigations. In algebraic specification, there is a universal proof method for specification refinement up to observational equivalence. This method can be imported soundly into the type-theoretic setting by asserting certain axioms. At first order, showing soundness for these axioms is straight-forward w.r.t. the standard parametric PER model for the logic. At higher order there are two problems. First, these axioms seemingly do not hold in the standard model. Secondly, the axioms speak in terms of simulation relations. At higher order, it is pertinent to have versions of the axioms featuring the abstraction barrier-observing simulation relations above, and to prove soundness for these poses an additional challenge. We show that the pure higher-order aspect of this problem can be solved by giving a setoid-based semantics. For the remaining task, we continue working from the observation that standard definitions do not observe abstraction barriers closely enough. Hence, we propose an alternative interpretation into the PER-model for data types that captures the abstraction barrier provided by existential types. The main contribution of this thesis is thus in generalising a prominent account of specification refinement to higher order and polymorphism via type theory incorporating relational parametricity. We also shed light on short-comings in the logic, as well as in the standard semantics, regarding the abstraction barrier provided by existential types. Two central contributions, namely abstraction barrier-observing simulation relations and abstraction barrier-observing semantics for data types, are the result of observing these short-comings. Finally, the work in this thesis also lays a foundation on which to adapt specification refinement to an object-oriented setting, because the theoretical concepts underlying object orientation can be seen as extensions of those for abstract data types

Testing from Structured Algebraic Specifications: The Oracle Problem

Work in the area of specification-based testing has pointed out that testing can be effectively used to verify programs against formal specifications. The aim is to derive test information from formal specifications so that testing can be rigorously applied whenever full formal verification is not cost-effective. However, there are still several obstacles to be overcome in order to establish testing as a standard in formal frameworks. Accurate interpretation of test results is an extremely critical one. This thesis is concerned with testing programs against structured algebraic specifications where axioms are expressed in first-order logic with equations, the usual connectives and quantifiers. The main issue investigated is the so-called oracle problem, that is, whether a decision procedure can be defined for interpreting the results of tests according to a formal specification. In this context, testing consists in checking whether specification axioms are satisfied by programs. Consequently, tests exercise operations referred to by the axioms and oracles evaluate the axioms according to the results produced by the tests. The oracle problem for flat (unstructured) specifications often reduces to the problem of comparing two values of a non-observable sort, namely the equality problem, and also how to deal with quantifiers which may demand infinite test sets. Equality on non-observable sorts is interpreted up to behavioural equivalence with observational equivalence as an important special case. However, a procedure for implementing such a behavioural equality may be hard to define or even impossible. In this thesis, a solution to the oracle problem for flat specifications is presented which tackles the equality problem by using a pair of approximate equalities, one finer than behavioural equality and one coarser, and taking the syntactic position of quantifiers in formulae into account. Additionally, when structured specifications are considered, the oracle problem can be harder. The reason is that specifications may be composed of parts over different signatures, and the structure must be taken into account in order to interpret test results according to specification axioms. Also, an implementation of hidden (non-exported) symbols may be required in order to check axioms which refer to them. Two solutions to the oracle problem for structured specifications are presented in this thesis based on a compositional and a non-compositional style of testing, namely structured testing and flat testing respectively. Structured testing handles the oracle problem more effectively than flat testing and under fewer assumptions. Furthermore, testing from structured specifications may require an approach which lies in between flat and structured testing. Therefore, based on normalisation of ordinary specifications, three normal forms are presented for defining a more practical and combined approach to testing and also coping more effectively with the oracle problem. The use of normal forms gives rise to a style of testing called semi-structured testing where some parts of the specification are replaced by normal forms and the result is checked using structured testing. Testing from normal forms can be very convenient whenever the original specification is too complex or oracles cannot be defined from it

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 22nd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 29 papers presented in this volume were carefully reviewed and selected from 85 submissions. They deal with foundational research with a clear significance for software science

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 23rd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2020, which took place in Dublin, Ireland, in April 2020, and was held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2020. The 31 regular papers presented in this volume were carefully reviewed and selected from 98 submissions. The papers cover topics such as categorical models and logics; language theory, automata, and games; modal, spatial, and temporal logics; type theory and proof theory; concurrency theory and process calculi; rewriting theory; semantics of programming languages; program analysis, correctness, transformation, and verification; logics of programming; software specification and refinement; models of concurrent, reactive, stochastic, distributed, hybrid, and mobile systems; emerging models of computation; logical aspects of computational complexity; models of software security; and logical foundations of data bases.

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 23rd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2020, which took place in Dublin, Ireland, in April 2020, and was held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2020. The 31 regular papers presented in this volume were carefully reviewed and selected from 98 submissions. The papers cover topics such as categorical models and logics; language theory, automata, and games; modal, spatial, and temporal logics; type theory and proof theory; concurrency theory and process calculi; rewriting theory; semantics of programming languages; program analysis, correctness, transformation, and verification; logics of programming; software specification and refinement; models of concurrent, reactive, stochastic, distributed, hybrid, and mobile systems; emerging models of computation; logical aspects of computational complexity; models of software security; and logical foundations of data bases.