Formal Methods and Social Context in Software Development

Formal methods have not been accepted to the extent for which many computing scientists hoped. This paper explores some reasons for that fact, and proposes some ways to make progress. One major problem has been that formal methods have not taken sufficient account of the social context of computer systems. For example, social context causes a continuous evolution of requirements for large complex systems. This implies that designs, specifications and code must also evolve with requirements, and that traceability is important. We discuss a traceability technique called hyper-requirements. To better understand social context, we discuss ethnomethodology, a branch of sociology, and situated abstract data types, which help bridge the gap between the technical and the social. These attempt to provide a scientific basis for requirements capture. Some case studies are briefly described. We distinguish between small, large and huge grain formal methods, arguing that small grain methods do not scale up. This motivates our discussions of software composition and a new paradigm of "Domain Specific Formal Methods.

Order-sorted algebra I: equational deduction for multiple inheritance, overloading, exceptions and partial operations

AbstractThis paper generalizes many-sorted algebra (MSA) to order-sorted algebra (OSA) by allowing a partial ordering relation on the set of sorts. This supports abstract data types with multiple inheritance (in roughly the sense of object-oriented programming), several forms of polymorphism and overloading, partial operations (as total on equationally defined subsorts), exception handling, and an operational semantics based on term rewriting. We give the basic algebraic constructions for OSA, including quotient, image, product and term algebra, and we prove their basic properties, including quotient, homomorphism, and initiality theorems. The paper's major mathematical results include a notion of OSA deduction, a completeness theorem for it, and an OSA Birkhoff variety theorem. We also develop conditional OSA, including initiality, completeness, and McKinsey-Malcev quasivariety theorems, and we reduce OSA to (conditional) MSA, which allows lifting many known MSA results to OSA. Retracts, which intuitively are left inverses to subsort inclusions, provide relatively inexpensive run-time error handling. We show that it is safe to add retracts to any OSA signature, in the sense that it gives rise to a conservative extension. A final section compares and contrasts many different approaches to OSA. This paper also includes several examples demonstrating the flexibility and applicability of OSA, including some standard benchmarks like stack and list, as well as a much more substantial example, the number hierarchy from the naturals up to the quaternions

On Coordinating Collaborative Objects

A collaborative object represents a data type (such as a text document) designed to be shared by a group of dispersed users. The Operational Transformation (OT) is a coordination approach used for supporting optimistic replication for these objects. It allows the users to concurrently update the shared data and exchange their updates in any order since the convergence of all replicas, i.e. the fact that all users view the same data, is ensured in all cases. However, designing algorithms for achieving convergence with the OT approach is a critical and challenging issue. In this paper, we propose a formal compositional method for specifying complex collaborative objects. The most important feature of our method is that designing an OT algorithm for the composed collaborative object can be done by reusing the OT algorithms of component collaborative objects. By using our method, we can start from correct small collaborative objects which are relatively easy to handle and incrementally combine them to build more complex collaborative objects.Comment: In Proceedings FOCLASA 2010, arXiv:1007.499

Order-Sorted Equational Computation

The expressive power of many-sorted equational logic can be greatly enhanced by allowing for subsorts and multiple function declarations. In this paper we study some computational aspects of such a logic. We start with a self-contained introduction to order-sorted equational logic including initial algebra semantics and deduction rules. We then present a theory of order-sorted term rewriting and show that the key results for unsorted rewriting extend to sort decreasing rewriting. We continue with a review of order-sorted unification and prove the basic results. In the second part of the paper we study hierarchical order-sorted specifications with strict partial functions. We define the appropriate homomorphisms for strict algebras and show that every strict algebra is base isomorphic to a strict algebra with at most one error element. For strict specifications, we show that their categories of strict algebras have initial objects. We validate our approach to partial functions by proving that completely defined total functions can be defined as partial without changing the initial algebra semantics. Finally, we provide decidable sufficient criteria for the consistency and strictness of ground confluent rewriting systems

Some fundamental algebraic tools for the semantics of computation: Part 3. indexed categories

AbstractThis paper presents indexed categories which model uniformly defined families of categories, and suggests that they are a useful tool for the working computer scientist. An indexed category gives rise to a single flattened category as a disjoint union of its component categories plus some additional morphisms. Similarly, an indexed functor (which is a uniform family of functors between the components categories) induces a flattened functor between the corresponding flattened categories. Under certain assumptions, flattened categories are (co)complete if all their components are, and flattened functors have left adjoints if all their components do. Several examples are given. Although this paper is Part 3 of the series “Some fundamental algebraic tools for the semantics of computation”, it is entirely independent of Parts 1 and 2

Probability Theory Compatible with the New Conception of Modern Thermodynamics. Economics and Crisis of Debts

We show that G\"odel's negative results concerning arithmetic, which date back to the 1930s, and the ancient "sand pile" paradox (known also as "sorites paradox") pose the questions of the use of fuzzy sets and of the effect of a measuring device on the experiment. The consideration of these facts led, in thermodynamics, to a new one-parameter family of ideal gases. In turn, this leads to a new approach to probability theory (including the new notion of independent events). As applied to economics, this gives the correction, based on Friedman's rule, to Irving Fisher's "Main Law of Economics" and enables us to consider the theory of debt crisis.Comment: 48p., 14 figs., 82 refs.; more precise mathematical explanations are added. arXiv admin note: significant text overlap with arXiv:1111.610

Bisimilarity and refinement for hybrid(ised) logics

The complexity of modern software systems entails the need for reconfiguration mechanisms governing the dynamic evolution of their execution configurations in response to both external stimulus or internal performance measures. Formally, such systems may be represented by transition systems whose nodes correspond to the different configurations they may assume. Therefore, each node is endowed with, for example, an algebra, or a first-order structure, to precisely characterise the semantics of the services provided in the corresponding configuration. Hybrid logics, which add to the modal description of transition structures the ability to refer to specific states, offer a generic framework to approach the specification and design of this sort of systems. Therefore, the quest for suitable notions of equivalence and refinement between models of hybrid logic specifications becomes fundamental to any design discipline adopting this perspective. This paper contributes to this effort from a distinctive point of view: instead of focussing on a specific hybrid logic, the paper introduces notions of bisimilarity and refinement for hybridised logics, i.e. standard specification logics (e.g. propositional, equational, fuzzy, etc) to which modal and hybrid features were added in a systematic way.FC

Formal Methods: Promises and Problems

IEEE Software, Vol. 14, No. 1, pp. 73-85.Successfully applying formal methods to software development promises to move us closer to a true engineering discipline. The authors offer suggestions for overcoming the problems that have hindered the use of formal methods thus far