Showing papers in "Science of Computer Programming in 1997"

TL;DR: The results gained with generation of test suites based on advanced verification techniques applied to a real industrial protocol, the DREX protocol, prove the relevance of the used techniques.

TL;DR: It is argued that, in general, the first model is preferable to the second, which provides two different semantics for an extension of Dijkstra's language of guarded commands.

TL;DR: The resulting categorical formalisation unifies the different notions of superposition that have been proposed in the literature and clarifies their algebraic properties with respect to modularisation, and suggests ways of extending or revising existing languages in order to provide higher levels of reusability, modularity and incrementality in system design.

TL;DR: This work verified three cache coherence protocols used in distributed file systems by using McMillan's SMV model checker and found that on the most complicated protocol, SMV took less than 1 s to check over 43600 reachable states.

TL;DR: This paper studies the robustness of distributed leader election algorithms in the presence of unreliable communication medium and unreliable machines, and proposes various improvements of these algorithms in order to obtain a fully fault-tolerant protocol.

TL;DR: The experience of an industrial pilot project which undertook a formal development using VDM and B and employed a number of techniques for the analysis of the formal texts by animation, test case generation and proof is described.

TL;DR: A case study involving the use of a formal graphical notation, Modechart, and an automatic verification tool, the Concurrency Workbench, in the analysis of the design of a fault-tolerant active structural control system shows the importance of compositionality for reasoning about large and complex systems.

TL;DR: Timed Maude is a timed variant of Meseguer's language Maude which is based on rewriting logic and can be seen as a generalization of timed automata combined with algebraic specifications for real-time concurrent systems.

TL;DR: Using discrete time process algebra with relative timing, a model for the I2C-bus is designed and it turns out that themodel for the slave interfaces can be based on the model forThe master interfaces.

TL;DR: The aim of this paper is to introduce a technique, called program window inference, to handle contextual information during derivations in the refinement calculus, borrowed from a technique for handling context in theorem proving.

TL;DR: The failed attempt to prove safety in a corrected version of the protocol reveals a second logical flaw, and a formal model is developed so that a rigorous assessment can be made as to whether the perceived violation of safety presents a significant hazard to railway traffic.

TL;DR: This paper presents and proves the correctness of a compiler that handles the general case of an adaptive program, which first computes a finite-state automaton and then uses it to generate efficient code.

TL;DR: A theory of timewise refinement allows the translation of specifications and proofs of correctness between semantic models, permitting each stage in the verification of a system to take place at the appropriate level of abstraction.

TL;DR: Modal process logic is an extension of CCS that allows for more expressive specifications that was successfully applied in the development of a failure recovery protocol for an air-traffic information system now in service at Heathrow airport.

TL;DR: The emphasis in this paper is on clarity of the overall derivation and on expressing concepts at a level of abstraction that permits significant reuse of concepts, laws, inference patterns, etc.

TL;DR: A set of program transformations which are applied automatically to convert abstract functional specifications of numerical algorithms into efficient implementations tailored to the AMT DAP array processor are presented.

TL;DR: A specification language, Spill, which has been designed with the express purpose of providing both inspection and testing support, and can be thought of as both an extended and a restricted version of pure Prolog.

TL;DR: This work single out a specification language, a variation of first order temporal logic, called Oikos-tl, that includes three new temporal operators that enhance the expressive power of the logic, permitting to directly link state transitions and state configurations.

TL;DR: For a certain class of connected networks, the short notation format synchronous networks or grid protocols can be specified in a straightforward way and a correctness theorem is proved that characterizes I/O behavior.

TL;DR: Algorithms that determine the exact bounds on the delay between two specified events and the number of occurrences of another event in all such intervals are presented, showing the usefulness of symbolic model checking in analyzing modern industrial designs.

TL;DR: This work claims that the algorithm designer is forced to omit some of the details by the relative expressive poverty of the Pascal-like languages typically used to present the solution; the greater expressiveness provided by a functional language allows the whole story to be told in a reasonable amount of space.

TL;DR: This last technical chapter is not really about Peterson’s algorithm, although it may reinforce the beauty of that design, but is a serious and fundamental criticism that one may have of the method of multiprogramming proposed in this book.

TL;DR: This article releases an industrial experiment of using formal methods to conceive, design, develop and test an embedded software in a massproduced device.

TL;DR: The main purpose of the research was to formulate rules and clarify issues relating to the internal design of modules specified using the trace assertion method for specification of module interfaces, and LD-relations to specify behavior of individual programs within a module.

TL;DR: Modular specification and compositional verification of the context management closing procedure of Xpress Transfer Protocol (XTP Protocol Definition, Revision 3.6) in style of Lamport's Temporal Logic of Actions is considered, where both contexts are active and synchronized initially.