From ACT-ONE to Miranda, a Translation Experiment

It is now almost universally acknowledged that the data language ACT-ONE associated with the formal description technique LOTOS is inappropriate for the purpose of OSI formal description. In response to this the LOTOS restandardisation activity plans to replace ACT-ONE with a functional language. Thus, compatibility between ACT-ONE and the replacement data language becomes an issue. In response to this, we present an experimental investigation of backward compatibility between ACT-ONE and the new LOTOS data language. Specifically, we investigate translating ACT-ONE data types into the functional language Miranda. Miranda has been chosen as it is a widely used functional programming language and it is close in form to the anticipated new data language. This work serves as a ``verification of concept'' for translating ACT-ONE to the E-LOTOS data language. It identifies the bounds on embedding ACT-ONE in a functional data language. In particular, it indicates what can be translated and what cannot be translated. In addition, the paper reveals pertinent issues which can inform the E-LOTOS work. For example, which constructs are needed in E-LOTOS in order to support the class of data type specifications typically made in the LOTOS setting? We conclude with a number of specific recommendations for the E-LOTOS data language

ARM : abstract rewriting machine

Term rewriting is frequently used as implementation technique for algebraic specifications. In this paper we present the abstract term rewriting machine (ARM), which has an extremely compact instruction set and imposes no restrictions on the implemented TRSs. Apart from standard conditional term rewriting, associative lists are supported. ARM code is translated to (ANSI) C; the resulting execution speeds are good (on a sun4, an average of 80000 rewriting steps per second and a maximum of 416000 r/s were measured). Several benchmarks are shown, and related work is discussed in depth

Utilizando LOTOS na concepção formal de uma aplicação para gerência de redes : Especificação e verificação

Este trabalho apresenta um estudo sobre a aplicação da técnica de descrição formal LOTOS na concepção formal de um sistema para gerência de redes denominado Gateway CMIP-SNMP. São apresentados os resultados obtidos durante o trabalho de descrição formal do sistema em LOTOS e durante o desenvolvimento das tarefas de análise, simulação, teste e verificação. Devido ao uso de dados, principalmente para a tarefa de verificação, variadas restrições são impostas pelas ferramentas utilizadas. Tais restrições são abordadas segundo as capacidades e incompatibilidades dessas ferramentas.This work presents a study about the application of the LOTOS formal description technique on the formal conception of a network management system called CMIP-SNMP Gateway. The results reached during the work of the formal description of system using full LOTOS, and during the development of analysis, simutation, test and verification of the specification, are presents. With the use of abstract data types, mostly to the verification task, the tolls presented restrictions. These restrictions are approached by their capacities and incompatibilities.Eje: Procesamiento distribuido y paralelo. Tratamiento de señalesRed de Universidades con Carreras en Informática (RedUNCI

Utilizando LOTOS na concepção formal de uma aplicação para gerência de redes : Especificação e verificação

Este trabalho apresenta um estudo sobre a aplicação da técnica de descrição formal LOTOS na concepção formal de um sistema para gerência de redes denominado Gateway CMIP-SNMP. São apresentados os resultados obtidos durante o trabalho de descrição formal do sistema em LOTOS e durante o desenvolvimento das tarefas de análise, simulação, teste e verificação. Devido ao uso de dados, principalmente para a tarefa de verificação, variadas restrições são impostas pelas ferramentas utilizadas. Tais restrições são abordadas segundo as capacidades e incompatibilidades dessas ferramentas.This work presents a study about the application of the LOTOS formal description technique on the formal conception of a network management system called CMIP-SNMP Gateway. The results reached during the work of the formal description of system using full LOTOS, and during the development of analysis, simutation, test and verification of the specification, are presents. With the use of abstract data types, mostly to the verification task, the tolls presented restrictions. These restrictions are approached by their capacities and incompatibilities.Eje: Procesamiento distribuido y paralelo. Tratamiento de señalesRed de Universidades con Carreras en Informática (RedUNCI

On the Most Suitable Axiomatization of Signed Integers

Part 4: Regular PapersInternational audienceThe standard mathematical definition of signed integers, based on set theory, is not well-adapted to the needs of computer science. For this reason, many formal specification languages and theorem provers have designed alternative definitions of signed integers based on term algebras , by extending the Peano-style construction of unsigned naturals using "zero" and "succ" to the case of signed integers. We compare the various approaches used in CADP, CASL, Coq, Isabelle/HOL, KIV, Maude, mCRL2, PSF, SMT-LIB, TLA+, etc. according to objective criteria and suggest an "optimal" definition of signed integers

Comparative Study of Eight Formal Specifications of the Message Authenticator Algorithm

The Message Authenticator Algorithm (MAA) is one of the first cryptographic functions for computing a Message Authentication Code. Between 1987 and 2001, the MAA was adopted in international standards (ISO 8730 and ISO 8731-2) to ensure the authenticity and integrity of banking transactions. In 1990 and 1991, three formal, yet non-executable, specifications of the MAA (in VDM, Z, and LOTOS) were developed at NPL. Since then, five formal executable specifications of the MAA (in LOTOS, LNT, and term rewrite systems) have been designed at INRIA Grenoble. This article provides an overview of the MAA and compares its formal specifications with respect to common-sense criteria, such as conciseness, readability, and efficiency of code generation.Comment: In Proceedings MARS/VPT 2018, arXiv:1803.0866

Epic and ARM : user's guide

We give a brief introduction to Epic and to ARM (they are discussed in more detail elsewhere). We show how to use the Epic compiler and how to execute ARM code. Then we describe ARM's API (application programmer's interface) which allows ARM to be used as a plug-in library. We describe how to access external functions from ARM and how to add external data types

On Combining Functional Verification and Performance Evaluation using CADP

Considering functional correctness and performance evaluation in a common framework is desirable, both for scientific and economic reasons. In this report, we describe how the CADP toolbox, originally designed for verifying the functional correctness of LOTOS specifications, can also be used for performance evaluation. We illustrate the proposed approach by the performance study of the SCSI-2 bus arbitration protocol

Modélisation et analyse de systèmes asynchrones avec CADP

La conception des systèmes industriels critiques comportant du parallélisme asynchrone nécessite l'utilisation de méthodes formelles, assistées par des outils de vérification adaptés, afin de détecter et corriger les erreurs le plus tôt possible. Dans ce rapport, nous illustrons l'emploi de la boîte à outils CADP pour la modélisation et la vérification formelle de tels systèmes, à travers l'exemple d'une unité dédiée au perçage des pièces métalliques. Nous décrivons en langage LOTOS deux versions différentes de l'unité, régies par un contrôleur principal séquentiel, respectivement parallèle. Ensuite, nous effectuons la génération et la minimisation des deux espaces d'états sous-jacents, ainsi que l'inspection visuelle de celui, plus petit, correspondant à la version équipée du contrôleur séquentiel. Finalement, nous analysons le comportement des deux versions de l'unité de perçage en employant deux méthodes de vérification complémentaires, basées sur les bisimulations (equivalence checking) et les logiques temporelles (model checking)