A Unary Semigroup Trace Algebra

The Unifying Theories of Programming (UTP) of Hoare and He promote the unification of semantics catering for different concerns, such as, termination, data modelling, concurrency and time. Process calculi like Circus and CSP can be given semantics in the UTP using reactive designs whose traces can be abstractly specified using a monoid trace algebra. The prefix order over traces is defined in terms of the monoid operator. This order, however, is inadequate to characterise a broader family of timed process algebras whose traces are preordered instead. To accommodate these, we propose a unary semigroup trace algebra that is weaker than the monoid algebra. This structure satisfies some of the axioms of restriction semigroups and is a right P-Ehresmann semigroup. Reactive designs specified using it satisfy core laws that have been mechanised so far in Isabelle/UTP. More importantly, our results improve the support for unifying trace models in the UTP

Angelic Processes

In the formal modelling of systems, demonic and angelic nondeterminism play fundamental roles as abstraction mechanisms. The angelic nature of a choice pertains to the property of avoiding failure whenever possible. As a concept, angelic choice first appeared in automata theory and Turing machines, where it can be implemented via backtracking. It has traditionally been studied in the refinement calculus, and has proved to be useful in a variety of applications and refinement techniques. Recently it has been studied within relational, multirelational and higher-order models. It has been employed for modelling user interactions, game-like scenarios, theorem proving tactics, constraint satisfaction problems and control systems. When the formal modelling of state-rich reactive systems is considered, it only seems natural that both types of nondeterministic choice should be considered. However, despite several treatments of angelic nondeterminism in the context of process algebras, namely Communicating Sequential Processes, the counterpart to the angelic choice of the refinement calculus has been elusive. In this thesis, we develop a semantics in the relational setting of Hoare and He's Unifying Theories of Programming that enables the characterisation of angelic nondeterminism in CSP. Since CSP processes are given semantics in the UTP via designs, that is, pre and postcondition pairs, we first introduce a theory of angelic designs, and an isomorphic multirelational model, that is suitable for characterising processes. We then develop a theory of reactive angelic designs by enforcing the healthiness conditions of CSP. Finally, by introducing a notion of divergence that can undo the history of events, we obtain a model where angelic choice avoids divergence. This lays the foundation for a process algebra with both nondeterministic constructs, where existing and novel abstract modelling approaches can be considered. The UTP basis of our work makes it applicable in the wider context of reactive systems

Angelic Processes for CSP via the UTP

Demonic and angelic nondeterminism play fundamental roles as abstraction mechanisms for formal modelling. In contrast with its demonic counterpart, in an angelic choice failure is avoided whenever possible. Although it has been extensively studied in refinement calculi, in the context of process algebras, and of the Communicating Sequential Processes (CSP) algebra for refinement, in particular, it has been elusive. We show here that a semantics for an extended version of CSP that includes both demonic and angelic choice can be provided using Hoare and He's Unifying Theories of Programming (UTP). Since CSP is given semantics in the UTP via reactive designs (pre and postcondition pairs) we have developed a theory of angelic designs and a conservative extension of the CSP theory using reactive angelic designs. To characterise angelic nondeterminism appropriately in an algebra of processes, however, a notion of divergence that can undo the history of events needs to be considered. Taking this view, we present a model for CSP where angelic choice completely avoids divergence just like in the refinement calculi for sequential programs

Isabelle/UTP: Mechanised Theory Engineering for the UTP

Isabelle/UTP is a mechanised theory engineering toolkit based on Hoare and He’s Unifying Theories of Programming (UTP). UTP enables the creation of denotational, algebraic, and operational semantics for different programming languages using an alphabetised relational calculus. We provide a semantic embedding of the alphabetised relational calculus in Isabelle/HOL, including new type definitions, relational constructors, automated proof tactics, and accompanying algebraic laws. Isabelle/UTP can be used to both capture laws of programming for different languages, and put these fundamental theorems to work in the creation of associated verification tools, using calculi like Hoare logics. This document describes the relational core of the UTP in Isabelle/HOL

Laws of Timed State Machines

State machines are widely used in industry and academia to capture behavioural models of control. They are included in popular notations, such as UML and its variants, and used (sometimes informally) to describe computational artefacts. In this paper, we present laws for state machines that we prove sound with respect to a process algebraic semantics for refinement, and complete, in that they are sufficient to reduce an arbitrary model to a normal form that isolates basic (action and control) elements. We consider two variants of UML-like state machines, both enriched with facilities to deal with time budgets, timeouts and deadlines over triggers and actions. In the first variant, machines are self-contained components, declaring all the variables, events and operations that they require or define. In contrast, in the second variant, machines are open, like in UML for instance. Laws for open state machines do not depend on a specific context of variables, events and operations, and normalization uses a novel operator for open-machine (de)composition. Our laws can be used in behaviour-preservation transformation techniques. Their applications are automated by a model-transformation engine

Isabelle/UTP : Mechanised Theory Engineering for Unifying Theories of Programming

Isabelle/UTP is a mechanised theory engineering toolkit based on Hoare and He’s Unifying Theories of Programming (UTP). UTP enables the creation of denotational, algebraic, and operational semantics for different programming languages using an alphabetised relational calculus. We provide a semantic embedding of the alphabetised relational calculus in Isabelle/HOL, including new type definitions, relational constructors, automated proof tactics, and accompanying algebraic laws. Isabelle/UTP can be used to both capture laws of programming for different languages, and put these fundamental theorems to work in the creation of associated verification tools, using calculi like Hoare logics. This document describes the relational core of the UTP in Isabelle/HOL

RoboChart: modelling and verification of the functional behaviour of robotic applications

Robots are becoming ubiquitous: from vacuum cleaners to driverless cars, there is a wide variety of applications, many with potential safety hazards. The work presented in this paper proposes a set of constructs suitable for both modelling robotic applications and supporting verification via model checking and theorem proving. Our goal is to support roboticists in writing models and applying modern verification techniques using a language familiar to them. To that end, we present RoboChart, a domain-specific modelling language based on UML, but with a restricted set of constructs to enable a simplified semantics and automated reasoning. We present the RoboChart metamodel, its well-formedness rules, and its process-algebraic semantics. We discuss verification based on these foundations using an implementation of RoboChart and its semantics as a set of Eclipse plug-ins called RoboTool