Refinement Calculus of Reactive Systems

Refinement calculus is a powerful and expressive tool for reasoning about sequential programs in a compositional manner. In this paper we present an extension of refinement calculus for reactive systems. Refinement calculus is based on monotonic predicate transformers, which transform sets of post-states into sets of pre-states. To model reactive systems, we introduce monotonic property transformers, which transform sets of output traces into sets of input traces. We show how to model in this semantics refinement, sequential composition, demonic choice, and other semantic operations on reactive systems. We use primarily higher order logic to express our results, but we also show how property transformers can be defined using other formalisms more amenable to automation, such as linear temporal logic (suitable for specifications) and symbolic transition systems (suitable for implementations). Finally, we show how this framework generalizes previous work on relational interfaces so as to be able to express systems with infinite behaviors and liveness properties

Predicate Transformers and Higher Order Logic

Predicate transformers are formalized in higher order logic. This gives a basis for mechanized reasoning about total correctness and refinement of programs. The notions of program variables and logical variables are explicated in the formalization. We show how to describe common program constructs, such as assignment statements, sequential and conditional composition, iteration, recursion, blocks and procedures with parameters, axe described as predicate transformers in this framework. We also describe some specification oriented constructs, such as assert statements, guards and nondeterministic assignments. The monotonicity of these constructs over the lattice of predicates is proved, as well as the monotonicity of the statement constructors with respect to the refinement ordering on predicate transformers

On a New Notion of Partial Refinement

Formal specification techniques allow expressing idealized specifications, which abstract from restrictions that may arise in implementations. However, partial implementations are universal in software development due to practical limitations. Our goal is to contribute to a method of program refinement that allows for partial implementations. For programs with a normal and an exceptional exit, we propose a new notion of partial refinement which allows an implementation to terminate exceptionally if the desired results cannot be achieved, provided the initial state is maintained. Partial refinement leads to a systematic method of developing programs with exception handling.Comment: In Proceedings Refine 2013, arXiv:1305.563

Weakest Preconditions for Progress

Predicate transformers that map the postcondition and all intermediate conditions of a command to a precondition are introduced. They can be used to specify certain progress properties of sequential programs