Extended ML: Past, present and future

An overview of past, present and future work on the Extended ML formal program development framework is given, with emphasis on two topics of current active research: the semantics of the Extended ML specification language, and tools to support formal program development

A Formal Methodology for Deriving Purely Functional Programs From Z Specifications via the Intermediate Specification Language FunZ.

In recent years, both formal methods and software reuse have been increasingly advocated as a means of alleviating the ills of the software crisis. During this same time period, purely functional programming languages, which have a long history in the realm of rapid prototyping, have emerged as a viable medium for real-world applications. Since these trends are likely to continue, this work describes a methodology that facilitates the derivation of purely functional programs from existing Z specifications. A unique aspect of the methodology is its incorporation of an intermediate specification language (FunZ) during the design phase of software development. Most of the previous techniques for translating Z specifications to functional programs were designed primarily to expedite rapid prototyping. In contrast, the FunZ methodology, which is an adapted form of the IBM Hursley method, is a comprehensive approach, spanning the software life cycle from specification through design to final implementation. Due to its greater scope, the FunZ methodology offers several advantages over existing approaches. First, the specification language integrates features from Z with those of the functional programming paradigm to provide a bridge between Z specifications and functional implementations. Since FunZ is expressly designed to target functional languages, the implementor\u27s job is simplified. In fact, a FunZ document looks like extended Haskell code, so an obvious effect in applying FunZ is that the distance from design to code is reduced. Second, the methodology provides a framework for recording design decisions, which is useful for future maintenance. Within this framework, users may select a development path ranging from an intuitive style to a fully formal approach that includes the proofs of functional refinement. Furthermore, FunZ allows software developers to prove properties about a system design within the realm of Z or Haskell. This means that proofs can be performed throughout software development and the designer is free to select the most appropriate notation. In summary, the intermediate specification language FunZ and its related methodology provide software developers with a complete, formal approach for translating Z specifications to Haskell implementations. Previously, such extensive methods were only available for traditional, imperative languages

Distributed Simulation of High-Level Algebraic Petri Nets

In the field of Petri nets, simulation is an essential tool to validate and evaluate models. Conventional simulation techniques, designed for their use in sequential computers, are too slow if the system to simulate is large or complex. The aim of this work is to search for techniques to accelerate simulations exploiting the parallelism available in current, commercial multicomputers, and to use these techniques to study a class of Petri nets called high-level algebraic nets. These nets exploit the rich theory of algebraic specifications for high-level Petri nets: Petri nets gain a great deal of modelling power by representing dynamically changing items as structured tokens whereas algebraic specifications turned out to be an adequate and flexible instrument for handling structured items. In this work we focus on ECATNets (Extended Concurrent Algebraic Term Nets) whose most distinctive feature is their semantics which is defined in terms of rewriting logic. Nevertheless, ECATNets have two drawbacks: the occultation of the aspect of time and a bad exploitation of the parallelism inherent in the models. Three distributed simulation techniques have been considered: asynchronous conservative, asynchronous optimistic and synchronous. These algorithms have been implemented in a multicomputer environment: a network of workstations. The influence that factors such as the characteristics of the simulated models, the organisation of the simulators and the characteristics of the target multicomputer have in the performance of the simulations have been measured and characterised. It is concluded that synchronous distributed simulation techniques are not suitable for the considered kind of models, although they may provide good performance in other environments. Conservative and optimistic distributed simulation techniques perform well, specially if the model to simulate is complex or large - precisely the worst case for traditional, sequential simulators. This way, studies previously considered as unrealisable, due to their exceedingly high computational cost, can be performed in reasonable times. Additionally, the spectrum of possibilities of using multicomputers can be broadened to execute more than numeric applications