Component and Interface Refinement in Closed-System Specifications

A closed-system specification models a system in the context of its assumed environment. A component is then a view on the total system, where unnecessary details of other components and the external environment have been abstracted away. Starting from a crude initial model, details of components can be introduced in separate component refinements, and the resulting views can be synthesized by composition into a detailed model of the total system. In contrast to open systems, the closed-system view makes it possible to refine also component interfaces in this process. The original model may therefore have abstract interfaces, whose implementability is one of the concerns in component refinements. However, since component refinements may interfere, conditions are needed for their composability. Such conditions are derived in this paper, and the application of component refinements to interface refinement is investigated

On character set reduction

Computer Science Departmen

Real Time in a TLA-Based Theory of Reactive Systems

A practical theory for operational specification of reactive systems is described. Reasoning on temporal properties is made possible at high levels of abstraction, and rigorous refinement towards implementation is supported. The paper discusses how the underlying logic, execution model, and refinement methods fit together, and how object-orientation, distribution, and real time are supported. A closer look is taken on the specification of real-time properties. The approach is illustrated by a logically layered specification of simple mobile robot control software. 1 Introduction Since conventional thinking of software engineering is dominated by languages, tools, and informal design methods, their inherent complexities burden most attempts to provide theoretical understanding of the fundamentals. In particular, an appropriate theory should allow to ignore unnecessary detail at the level of specification. Ideally, specification languages and tools should also reflect an underlying theo..

On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive Systems

In order to provide better alignment between conceptual requirements and aspect-oriented implementations, formal specification methods should enable the encapsulation of logical abstractions of systems. In this paper we argue that horizontal architectures, consisting of such logical abstractions, can provide better separation of concerns over conventional ones while supporting incremental development for more common units of modularity such as classes. We base our arguments on our experiences with the DisCo method, where logical abstractions are composed using the superposition principle

Harnessing the Power of Interaction

Inspired by Peter Wegner's analysis of the paradigm shift from algorithms to interaction and of his conclusion that "proving correctness of interactive systems is not merely difficult but impossible," we outline some consequences that we see inevitable for the specification and design of interactive systems. The technical feasibility of the proposed solutions has been justified by theoretical results and practical experimentation. Although many of the claims have been widely accepted in academic research, and none of them is new, their practical significance has not yet been generally recognized in software engineering. In particular, most proponents of object-oriented specification and design seem to be unaware of them

DisCo Specification Language: Marriage of Actions and Objects

The potential of the action-oriented paradigm has been explored in the development of a new specification language DisCo, which can be characterized as both action-oriented and object-oriented. Its possibilities are introduced by contrasting them to the more familiar process-oriented approaches. Its execution model is state-based and leads to direct application of temporal logic in formal reasoning. Action-orientation allows a natural support for such forms of modularity that cut across process boundaries. At the same time, process-oriented abstractions are retained by object-orientation and the use of hierarchical statechart structures. The novel aspects of modularity are illustrated by a protocol example. The language is semi-executable, with properties that prevent automatic code generation in the general case. An experimental environment is available for simulation and animation of specifications. Keywords: executable specifications, inheritance, joint action systems, modularity, ..

Scheduling in Real-Time Models

Interleaving semantics is shown to provide an appropriate basis also for the modeling of real-time properties. Real-time scheduling of interleaved actions is explored, and the crucial properties of such schedulings are analyzed. The motivation of the work is twofold: to make real-time modeling practical already at early stages of specification and design, and to increase the reliability and predictability of reactive real-time systems by improved insensitivity to changes in the underlying realtime assumptions. Keywords: executable specifications, fairness, formal methods, interleaving model, joint actions, reactive systems 1. Introduction When real-time aspects are ignored, there is wide agreement that interleaving models provide an appropriate basis for the modeling of reactive systems and for formal reasoning on their properties [18]. When attention is focused on real-time, this basis is often discarded as unrealistic, and models are adopted where state information is ignored [17]...