Object orientation without extending Z

The good news of this paper is that without extending Z, we can elegantly specify object-oriented systems, including encapsulation, inheritance and subtype polymorphism (dynamic dispatch). The bad news is that this specification style is rather different to normal Z specifications, more abstract and axiomatic, which means that it is not so well supported by current Z tools such as animators. It also enforces behavioural subtyping, unlike most object-oriented programming languages. This paper explains the proposed style, with examples, and discusses its advantages and disadvantages

The pros and cons of using SDL for creation of distributed services

In a competitive market for the creation of complex distributed services, time to market, development cost, maintenance and flexibility are key issues. Optimizing the development process is very much a matter of optimizing the technologies used during service creation. This paper reports on the experience gained in the Service Creation projects SCREEN and TOSCA on use of the language SDL for efficient service creation

Generic Ada code in the NASA space station command, control and communications environment

The results of efforts to apply powerful Ada constructs to the formatted message handling process are described. The goal of these efforts was to extend the state-of-technology in message handling while at the same time producing production-quality, reusable code. The first effort was initiated in September, 1984 and delivered in April, 1985. That product, the Generic Message Handling Facility, met initial goals, was reused, and is available in the Ada Repository on ARPANET. However, it became apparent during its development that the initial approach to building a message handler template was not optimal. As a result of this initial effort, several alternate approaches were identified, and research is now on-going to identify an improved product. The ultimate goal is to be able to instantly build a message handling system for any message format given a specification of that message format. The problem lies in how to specify the message format, and one that is done, how to use that information to build the message handler. Message handling systems and message types are described. The initial efforts, its results and its shortcomings are detailed. The approach now being taken to build a system which will be significantly easier to implement, and once implemented, easier to use, is described. Finally, conclusions are offered

A Dual-Engine for Early Analysis of Critical Systems

This paper presents a framework for modeling, simulating, and checking properties of critical systems based on the Alloy language -- a declarative, first-order, relational logic with a built-in transitive closure operator. The paper introduces a new dual-analysis engine that is capable of providing both counterexamples and proofs. Counterexamples are found fully automatically using an SMT solver, which provides a better support for numerical expressions than the existing Alloy Analyzer. Proofs, however, cannot always be found automatically since the Alloy language is undecidable. Our engine offers an economical approach by first trying to prove properties using a fully-automatic, SMT-based analysis, and switches to an interactive theorem prover only if the first attempt fails. This paper also reports on applying our framework to Microsoft's COM standard and the mark-and-sweep garbage collection algorithm.Comment: Workshop on Dependable Software for Critical Infrastructures (DSCI), Berlin 201

A Type Language for Calendars

Time and calendars play an important role in databases, on the Semantic Web, as well as in mobile computing. Temporal data and calendars require (specific) modeling and processing tools. CaTTS is a type language for calendar definitions using which one can model and process temporal and calendric data. CaTTS is based on a "theory reasoning" approach for efficiency reasons. This article addresses type checking temporal and calendric data and constraints. A thesis underlying CaTTS is that types and type checking are as useful and desirable with calendric data types as with other data types. Types enable (meaningful) annotation of data. Type checking enhances efficiency and consistency of programming and modeling languages like database and Web query languages

Redevelopment of an industrial case study using Event-B and Rodin

CDIS is a commercial air traffic information system that was developed using formal methods 15 years ago by Praxis, and it is still in operation today. This system is an example of an industrial scale system that has been developed using formal methods. In particular, the functional requirements of the system were specified using VVSL -- a variant of VDM. A subset of the original specification has been chosen to be reconstructed on the Rodin platform based on the new Event-B formalism. The goal of our reconstruction was to overcome three key difficulties of the original formalisation, namely the difficulty of comprehending the original specification, the lack of any mechanical proof of the consistency of the specification and the difficulty of dealing with distribution and atomicity refinement. In this paper we elucidate how a new formal notation and tool can help to overcome these difficulties

The Space Object Ontology

Achieving space domain awareness requires the identification, characterization, and tracking of space objects. Storing and leveraging associated space object data for purposes such as hostile threat assessment, object identification, and collision prediction and avoidance present further challenges. Space objects are characterized according to a variety of parameters including their identifiers, design specifications, components, subsystems, capabilities, vulnerabilities, origins, missions, orbital elements, patterns of life, processes, operational statuses, and associated persons, organizations, or nations. The Space Object Ontology provides a consensus-based realist framework for formulating such characterizations in a computable fashion. Space object data are aligned with classes and relations in the Space Object Ontology and stored in a dynamically updated Resource Description Framework triple store, which can be queried to support space domain awareness and the needs of spacecraft operators. This paper presents the core of the Space Object Ontology, discusses its advantages over other approaches to space object classification, and demonstrates its ability to combine diverse sets of data from multiple sources within an expandable framework. Finally, we show how the ontology provides benefits for enhancing and maintaining longterm space domain awareness

Conceptual fit: A criterion for COTS selection

COTS systems selection consists in evaluating the user requirements with respect to characteristics of candidate systems, using a set of criteria. One criterion that has received little attention is what we call conceptual fit. The criterion assesses the fit between the conceptual structure of the user requirements and that of a system. We evaluate the fit in terms of the existing misfits. We formally define the notion of conceptual misfit and we present a method that determines the conceptual misfits between the user requirements and a set of candidate systems. The method consists in defining a superschema, the mapping of the conceptual schemas of the candidate systems and of the user requirements to that superschema, and the automatic computation of the existing conceptual misfits. The method has been formalized in UML/OCL. We have conducted an exploratory experiment with the aim of evaluating the feasibility, difficulty and usefulness of the method, with positive results. We believe that the conceptual fit criterion could be taken into account by almost all existing COTS selection methods.Preprin