17 research outputs found


    The existence of refinement mappings

    Abstract: Refinement mappings are used to prove that a lower-level specification correctly implements a higher-level one. We consider specifications consisting of a state machine (which may be infinite-state) that specifies safety requirements, and an arbitrary supplementary property that specifies liveness requirements. A refinement mapping from a lower-level specification S1 to a higher-level one S2 is a mapping from S1's state space to S2's state space. It maps steps of S1's state machine to steps of S2's state machine and maps behaviors allowed by S1 to behaviors allowed by S2. We show that, under reasonable assumptions about the specification, if S1 implements S2, then by adding auxiliary variables to S1 we can guarantee the existence of a refinement mapping. This provides a completeness result for a practical, hierarchical specification method.

    Verification of a distributed summation algorithm

    A correctness proof of a variant of Segall's Propagation of Information with Feedback protocol is presented. The proof, which is carried out within the I/O automata model of Lynch and Tuttle, is standard except for the use of a prophecy variable. The aim of this paper is to show that, unlike what has been suggested in the literature, assertional methods based on invariant reasoning support an intuitive way to think about and understand this algorithm.

    Analysis and synthesis of communication protocols and systems

    Includes GIT-ICS report no. 85/32. Issued as Quarterly progress reports [nos. 1-5], and Final report, Project no. G-36-62.

    Acta Cybernetica: Volume 9, Number 3.

    Protocol engineering from Estelle specifications

    Bibliography: leaves 129-132.

    The design of efficient, reliable communication protocols has long been an area of active research in computer science and engineering, and will remain so while the technology continues to evolve, and information becomes increasingly distributed. This thesis examines the problem of predicting the performance of a multi-layered protocol system directly from formal specifications in the ISO specification language Estelle, a general-purpose Pascal-based language with support for concurrent processes in the form of communicating extended finite-state machines. The thesis begins with an overview of protocol engineering, and discusses the areas of performance evaluation and protocol specification. Important parts of the mathematics of discrete-time semi-Markov processes are presented to assist in understanding the approaches to performance evaluation described later. Not much work has been done to date in the area of performance prediction from specifications. The idea was first mooted by Rudin, who illustrated it with a simple model based on the global state reachability graph of a set of synchronous communicating FSMs. About the same time Kritzinger proposed a closed multiclass queueing model. Both of these approaches are described, and their respective strengths and weaknesses pointed out. Two new methods are then presented. They have been implemented as part of an Estelle-based CASE tool, the Protocol Engineering Workbench (PEW). In the first approach, we show how discrete-time semi-Markov chain models can be derived from meta-executions of Estelle specifications, and consider ways of using these models predictively. The second approach uses a structure similar to a global-state graph. Many of the limitations of Rudin's approach are overcome, and our technique produces highly accurate performance predictions. The PEW is also described in some detail, and its use in performance evaluation illustrated with some examples. The thesis concludes with a discussion of the strengths and weaknesses of the new methods, and possible ways of improving them.