107,167 research outputs found
Refinement by interpretation in {\pi}-institutions
The paper discusses the role of interpretations, understood as multifunctions
that preserve and reflect logical consequence, as refinement witnesses in the
general setting of pi-institutions. This leads to a smooth generalization of
the refinement-by-interpretation approach, recently introduced by the authors
in more specific contexts. As a second, yet related contribution a basis is
provided to build up a refinement calculus of structured specifications in and
across arbitrary pi-institutions.Comment: In Proceedings Refine 2011, arXiv:1106.348
Correct and Efficient Antichain Algorithms for Refinement Checking
The notion of refinement plays an important role in software engineering. It
is the basis of a stepwise development methodology in which the correctness of
a system can be established by proving, or computing, that a system refines its
specification. Wang et al. describe algorithms based on antichains for
efficiently deciding trace refinement, stable failures refinement and
failures-divergences refinement. We identify several issues pertaining to the
soundness and performance in these algorithms and propose new, correct,
antichain-based algorithms. Using a number of experiments we show that our
algorithms outperform the original ones in terms of running time and memory
usage. Furthermore, we show that additional run time improvements can be
obtained by applying divergence-preserving branching bisimulation minimisation
Atomic Action Refinement in Model Based Testing
In model based testing (MBT) test cases are derived from a specification of the system that we want to test. In general the specification is more abstract than the implementation. This may result in 1) test cases that are not executable, because their actions are too abstract (the implementation does not understand them); or 2) test cases that are incorrect, because the specification abstracts from relevant behavior. The standard approach to remedy this problem is to rewrite the specification by hand to the required level of detail and regenerate the test cases. This is error-prone and time consuming. Another approach is to do some translation during test execution. This solution has no basis in the theory of MBT. We propose a framework to add the required level of detail automatically to the abstract specification and/or abstract test cases.\ud
\ud
This paper focuses on general atomic action refinement. This means that an abstract action is replaced by more complex behavior (expressed as a labeled transition system). With general we mean that we impose as few restrictions as possible. Atomic means that the actions that are being refined behave as if they were atomic, i.e., no other actions are allowed to interfere
Redevelopment of an industrial case study using Event-B and Rodin
CDIS is a commercial air traffic information system that was developed using formal methods 15 years ago by Praxis, and it is still in operation today. This system is an example of an industrial scale system that has been developed using formal methods. In particular, the functional requirements of the system were specified using VVSL -- a variant of VDM. A subset of the original specification has been chosen to be reconstructed on the Rodin platform based on the new Event-B formalism. The goal of our reconstruction was to overcome three key difficulties of the original formalisation, namely the difficulty of comprehending the original specification, the lack of any mechanical proof of the consistency of the specification and the difficulty of dealing with distribution and atomicity refinement. In this paper we elucidate how a new formal notation and tool can help to overcome these difficulties
Event Systems and Access Control
We consider the interpretations of notions of access control (permissions,
interdictions, obligations, and user rights) as run-time properties of
information systems specified as event systems with fairness. We give proof
rules for verifying that an access control policy is enforced in a system, and
consider preservation of access control by refinement of event systems. In
particular, refinement of user rights is non-trivial; we propose to combine
low-level user rights and system obligations to implement high-level user
rights
Modal logics for reasoning about object-based component composition
Component-oriented development of software supports the adaptability and maintainability of large systems, in particular if requirements change over time and parts of a system have to be modified or replaced. The software architecture in such systems can be described by components
and their composition. In order to describe larger architectures, the composition concept becomes crucial. We will present a formal framework for component composition for object-based software development. The deployment of modal logics for defining components and component composition will allow us to reason about and prove properties of components and compositions
Weighted Modal Transition Systems
Specification theories as a tool in model-driven development processes of
component-based software systems have recently attracted a considerable
attention. Current specification theories are however qualitative in nature,
and therefore fragile in the sense that the inevitable approximation of systems
by models, combined with the fundamental unpredictability of hardware
platforms, makes it difficult to transfer conclusions about the behavior, based
on models, to the actual system. Hence this approach is arguably unsuited for
modern software systems. We propose here the first specification theory which
allows to capture quantitative aspects during the refinement and implementation
process, thus leveraging the problems of the qualitative setting.
Our proposed quantitative specification framework uses weighted modal
transition systems as a formal model of specifications. These are labeled
transition systems with the additional feature that they can model optional
behavior which may or may not be implemented by the system. Satisfaction and
refinement is lifted from the well-known qualitative to our quantitative
setting, by introducing a notion of distances between weighted modal transition
systems. We show that quantitative versions of parallel composition as well as
quotient (the dual to parallel composition) inherit the properties from the
Boolean setting.Comment: Submitted to Formal Methods in System Desig
- âŠ