The imperative implementation of algebraic data types

The synthesis of imperative programs for hierarchical, algebraically specified abstract data types is investigated. Two aspects of the synthesis are considered: the choice of data structures for efficient implementation, and the synthesis of linked implementations for the class of ADTs which insert and access data without explicit key. The methodology is based on an analysis of the algebraic semantics of the ADT. Operators are partitioned according to the behaviour of their corresponding operations in the initial algebra. A family of relations, the storage relations of an ADT, Is defined. They depend only on the operator partition and reflect an observational view of the ADT. The storage relations are extended to storage graphs: directed graphs with a subset of nodes designated for efficient access. The data structures in our imperative language are chosen according to properties of the storage relations and storage graphs. Linked implementations are synthesised in a stepwise manner by implementing the given ADT first by its storage graphs, and then by linked data structures in the imperative language. Some circumstances under which the resulting programs have constant time complexity are discussed

On lions, impala, and bigraphs: modelling interactions in physical/virtual spaces

While HCI has a long tradition of formally modelling task-based interactions with graphical user interfaces, there has been less progress in modelling emerging ubiquitous computing systems due in large part to their highly contextual nature and dependence on unreliable sensing systems. We present an exploration of modelling an example ubiquitous system, the Savannah game, using the mathematical formalism of bigraphs, which are based on a universal process algebra that encapsulates both dynamic and spatial behaviour of autonomous agents that interact and move among each other, or within each other. We establish a modelling approach based on four perspectives on ubiquitous systems—Computational, Physical, Human, and Technology—and explore how these interact with one another. We show how our model explains observed inconsistencies in user trials of Savannah, and then, how formal analysis reveals an incompleteness in design and guides extensions of the model and/or possible system re-design to resolve this

Solving divergence in Knuth-Bendix completion by enriching signatures

AbstractThe Knuth-Bendix completion algorithm is a procedure which generates confluent and terminating sets of rewrite rules. The algorithm has many applications: the resulting rules can be used as a decision procedure for equality or, in the case of program synthesis, as a program. We present an effective algorithm to solve some cases of divergence in the Knuth-Bendix completion algorithm, starting from a grammar characterising the infinite rule set. We replace an infinite set of rewrite rules by a finite complete set by enriching the original (order-sorted) signature with new sorts and new operator arities, while remaining within a conservative extension of the original system and within the original term set. The complexity of the new rewriting system is no worse than that of the original system. We characterise the class of examples for which this approach is applicable and give some sufficient conditions for the algorithm to succeed

On the Design of Side-Stick Controllers in Fly-by-Wire Aircraft

Abstract This paper presents the problem of designing the functional behaviour of the interaction between two side-stick controllers, an autopilot, and a flight control computer in a fly-by-wire aircraft. Two models are developed using the ISO formal description technique LOTOS, and analysed using rigorous abstract testing techniques

Towards a Symbolic Modal Logic for LOTOS

We present a version of HML [7], adapted to allow description of properties of Full LOTOS [8] specifications using symbolic values and conditions in modal formulae as well as concrete data values. In modifying HML we especially consider the features of LOTOS which distinguish it from other process algebras and discuss how these alter the requirements of the logic, and how this in turn is reflected in the semantics of the logic. Our logic is given in relation to a late symbolic semantics for Full LOTOS, clearly separating the process reasoning from the data reasoning. This work is motivated by our experiences of using LOTOS in several different applications [10, 15], in which we have identified a clear need for temporal reasoning about symbolic, and possibly partial, LOTOS specifications. 1 Introduction The use of modal and/or temporal logics to describe abstract properties of systems is well established, as is their use in conjuction with more concrete process algebra descriptions of ..

Inductive Inference for Solving Divergence in KnuthBendix Completion

This paper presents an.approach to solving divergence in the Knuth-Bendix completion algorithm [Knuth/Bendix]. The Knuth-Bendix completion procedure generates a confluent set of rewrite rules by repeatedly superposing left hand sides of rewrite rules and adding any generated critical pairs as ne

Experiences with Specification and Verification in LOTOS: A Report on Two Case Studies

We consider the problems of verifying properties of LOTOS specifications with specific reference to two case studies, one of which was proposed by an industrial collaborator. The case studies present quite different verification requirements and we study a range of verification and validation techniques, based on various behavioural congruences and preorders, which may be applied, also using some mechanised tool support. We consider the implications of the (formal) proofs which succeed or fail with respect to our desired properties, and draw some conclusions about the verification process. 1 Introduction Over the last few years we have been studying some of the problems of verifying properties of formal specifications written in LOTOS 1 , the ISO standardised language ([ISO:8807]) for concurrent, distributed, and nondeterministic systems. Some of the issues tackled include: ffl which kinds of verification are needed, particularly for real case studies, ffl how verification can be..