Showing papers on "Specification language published in 1994"

Requirements specification for process-control systems

Abstract: The paper describes an approach to writing requirements specifications for process-control systems, a specification language that supports this approach, and an example application of the approach and the language on an industrial aircraft collision avoidance system (TCAS II). The example specification demonstrates: the practicality of writing a formal requirements specification for a complex, process-control system; and the feasibility of building a formal model of a system using a specification language that is readable and reviewable by application experts who are not computer scientists or mathematicians. Some lessons learned in the process of this work, which are applicable both to forward and reverse engineering, are also presented. >

Composite Events for Active Databases: Semantics, Contexts and Detection

Abstract: Making a database system active entails developing an expressive event specification language with well-defined semantics, algorithms for the detection of composite events, and an architecture for an event detector along with its implementation. Thii paper presents the semantics of composite events using the notion of a global event history (or a global event-log). Parameter contexts are introduced and precisely defined to facilitate efficient management and detection of composite events. Finally, an architecture and the implementation of a composite event, detector is analyzed in the context of an object-oriented active DBMS.

Snoop: an expressive event specification language for active databases

Abstract: Making a database system active to meet the requirements of a wide range of applications entails developing an expressive event specification language and its implementation. Extant systems support mostly database events and in some cases a few predefined events. This paper discusses an event specification language (termed Snoop) for active databases. We define an event, distinguish between events and conditions, classify events into a class hierarchy, identify primitive events, and introduce a small number of event operators for constructing composite (or complex) events. Snoop supports temporal, explicit, and composite events in addition to the traditional database events. The novel aspect of our work lies not only in supporting a rich set of events and event expressions, but also in the notion of parameter contexts. Essentially, parameter contexts augment the semantics of composite events for computing their parameters. For concreteness, we present parameter computation for the relational model. Finally, we show how a contingency plan that includes time constraints can be supported without stepping outside of the framework proposed in this paper.

Information modeling: the EXPRESS way

Abstract: This book discusses information modelling combined with a description of the express information model specification language. EXPRESS is a new language that when used with information modelling abstracts away the implementation bias prevalent in current data modelling technology. One of the main tenets of EXPRESS is that a clear separation exists between the information model and the information system environment - a piece of information is not tied to a single application that uses it. The book will be of interest to data and information modellers in both universities and businesses, especially those concerned with object-oriented systems as it illustrates the development and use of information models using EXPRESS.

Modechart: a specification language for real-time systems

Abstract: Present a specification language for real-time systems called Modechart. The semantics of Modechart is given in terms of real-time logic (RTL), which is especially amenable to reasoning about the absolute (real-time clock) timing of events. The semantics of Modechart has an important property that the translation of a Modechart specification into RTL formulas results in a hierarchical organization of the resulting RTL assertions. This gives us significant leverage in reasoning about properties of a system by allowing us to filter out assertions that concern lower levels of abstraction. Some results about desirable properties of Modechart specifications are given. A graphical implementation of Modechart has been completed. >

Specification and design of complex digital systems

Abstract: A methodology for generating structural descriptions of complex digital devices from high-level descriptions and specifications is disclosed. The methodology uses a systematic technique to map and enforce consistency of the semantics imbedded in the intent of the original, high-level descriptions. The design activity is essentially a series of transformations operating upon various levels of design representations. At each level, the intended meaning (semantics) and formal software manipulations are captured to derive a more detailed level describing hardware meeting the design goals. Important features of the methodology are: capturing the users concepts, intent, specification, descriptions, constraints and trade-offs; architectural partitioning; what-if analysis at a high level; sizing estimation; timing estimation; architectural trade-off; conceptual design with implementation estimation; and timing closure. The methodology includes using estimators, based on data gathered over a number of realized designs, for partitioning and evaluating a design prior to logic synthesis. From the structural description, a physical implementation of the device is readily realized. The methodology further includes an automated interactive, iterative technique for creating a system-level specification in a directly-executable formal specification language. This technique makes use of formal verification and feasibility analysis techniques to iteratively refine the specification prior to implementation. This iterative refinement eliminates many ambiguities and inconsistencies from the specification, and ensures that there is at least one realizable implementation of the specification. The formal verification techniques are further employed to ensure that as the design progresses, compliance with the specification is maintained, and that any specification change is reflected and accounted for, both system-wide and implementation-wide.

TSQL2 language specification

Abstract: This docuinent specifies a temporal extension to the SQL-92 language standard. The language is designated TSQLZ. The document is organized as follows. The next section indicates the starting point of the design, the SQL92 language. Section 4 lists the desired features on which the TSQL2 Language Design Committee reached consensus. Section 5 presents the major concepts underlying TSQL2. Compatibility with SQL-92 is the topic of Section 6. Section 7 briefly discusses how the language can be implemented. Subsequent sections specify the syntax of the language extensions.

Information Systems Engineering: A Formal Approach

Abstract: Engineers and scientists need powerful formalisms to make conceptual models of systems in order to analyze and design them. These models can be used to verify the behavior of the systems, or as an executable specification of them. In this book, Professor van Hee concentrates on discrete dynamic systems, e.g. computer hardware, and information and logistical systems. He develops an integrated formalism that can be used as a prototyping language. It has three components: Petri nets, extended with time, token values and hierarchy; a specification language that is a subset of Z; and a binary data model, extended with complex objects. Much attention is paid to methods for constructing models of systems and analyzing their behavior, i.e., putting the theory into practice. The book is aimed at graduate students and researchers in computer science, electrical engineering, and applied mathematics.

The Conical Methodology and the evolution of simulation model development

Abstract: Originating with ideas generated in the mid-1970s, the Conical Methodology (CM) is the oldest procedural approach to simulation model development. This evolutionary overview describes the principles underlying the CM, the environment structured according to these principles, and the capabilities for large complex simulation modeling tasks not provided in textbook descriptions. The CM is an object-oriented, hierarchical specification language that iteratively prescribes object attributes in a definitional phase that is topdown, followed by a specification phase that is bottom-up. The intent is to develop successive model representations at various levels of abstraction that can be diagnosed for correctness, completeness, consistency, and other characteristics prior to implementation as an executable program. Related or competitive approaches, throughout the evolutionary period are categorized as emanating from: artificial intelligence, mathematical programming, software engineering, conceptual modeling, systems theory, logic-based theory, or graph theory. Work in each category is briefly described.

Temporal Proof Methodologies for Timed Transition-Systems

Abstract: We extend the specification language of temporal logic, the corresponding verification framework, and the underlying computational model to deal with real-;time properties of reactive systems. The abstract notion of timed transition systems generalizes traditional transition systems conservatively: qualitative fairness requirements are replaced (and superseded) by quantitative lower-bound and upper-bound timing constraints on transitions. This framework can model real-time systems that communicate either through shared variables or by message passing and real-time issues such as timeouts, process priorities (interrupts), and process scheduling. We exhibit two styles for the specification of real-time systems. While the first approach uses time-bounded versions of the temporal operators, the second approach allows explicit references to time through a special clock variable. Corresponding to the two styles of specification, we present and compare two different proof methodologies for the verification of timing requirements that are expressed in these styles. For the bounded-operator style, we provide a set of proof rules for establishing bounded-invariance and bounded-responce properties of timed transition systems. This approach generalizes the standard temporal proof rules for verifying invariance and response properties conservatively. For the explicit-clock style, we exploit the observation that every time-bounded property is a safety property and use the standard temporal proof rules for establishing safety properties.

Facilitating "fuzzy to formal" requirements modelling

Abstract: Requirements specification methods and techniques have hitherto mainly been concerned with promoting various representation formalisms for formally describing information systems and discussing their expressive power. However, this approach concentrates only partially on the problem. A major issue is how to bridge the gap between ill-defined problem and application situations, and specification of the formal, precise definition of functional requirements of the information system. We outline an extended requirements and information modelling paradigm, based on a number of interrelated meta-models. These models reflect the enterprise and its objectives, its non-functional requirements on the system, re-use of existing specification components, and a model for managing and tracking the specification development process. >

The Mathematical Vernacular, A Language for Mathematics with Typed Sets

Abstract: Publisher Summary This chapter discusses a language–Mathematical Vernacular (MV) for mathematics with typed sets. The new terminology developed, will be incorporated in the primary part of the language MV, while the others will be incorporated in the meta-MV. The MV obeys rules of grammar which are different from those of the “natural” languages and by no means contained in current formal systems. MV has an impact on computing science and is used as an intermediate language in expert systems. It might be used as a formal or informal specification language for computer programs. To have an intermediate stage between ordinary mathematical presentation and fully coded presentation in Automath–like systems is the basic idea to develop MV. They help to disclose the rules of the game of axioms, definitions, theorems, and proofs. A proof written in MV may be restricted to showing a sequence of resting points only. The language definition of MV is presented in two rounds: the general framework of organization of mathematical texts is expressed, and in the second round the rules about validity are expressed. The chapter also provides some terminology, ingredients, structure of MV books, and remarks on rules of MV.

Object-oriented specification case studies

Abstract: Specification and Analysis Techniques in Object-Oriented Methods. A Comparative Description of Object-Oriented Specification Languages. Object-Oriented Specification Languages in the Software Life Cycle. The UNIX File System: A MooZ Specification. An Object-Z Specification of a Mobile Phone System. Object-Oriented Specification in VDM+ +. Specifying a Concept Recognition System in Z + OOZE with Examples. Refinement in Fresco. SmallVDM: An Environment for Formal Specification and Prototyping in Smalltalk.

A system-design methodology: executable-specification refinement

Abstract: As methodologies and tools for chip-level design mature, design effort becomes focused on increasingly higher levels of abstraction. We present a methodology and tool for system-level specification, design and refinement that result in an executable specification for each system component. The specification for each component can then be synthesized into hardware or compiled to software. We highlight advantages of the proposed methodology compared to current practice. >

Design of Sentinel: an object-oriented DMBS with event-based rules

Abstract: This paper describes the design of event-condition-action (ECA) rules for supporting active capability in an object-oriented DBMS and sketches its incorporation in a C++ environment. We summarize Snoop—an expressive event specification language which supports temporal, explicit, and composite events in addition to the traditional database events. A small set of event operators is introduced for building composite events. We also introduce an event interface to extend the conventional object semantics to include the specification of primitive events. This interface is used as a basis for the specification of events spanning objects, possibly from different classes, and detection of primitive and composite events. New rules can be introduced on existing objects, enabling objects to react to their own changes as well as to the changes of other objects. We introduce a runtime subscription mechanism between rules and objects to monitor objects selectively. This mechanism elegantly supports class level as well as instance level rules. Finally, using an illustrative example, we compare the functionality of our approach with related work.

Supervision of Infinite Behavior of Discrete-Event Systems

Abstract: Some basic results of supervisory control theory are extended to the setting of $\omega$-languages, formal languages consisting of infinite strings. The extension permits the investigation of both liveness and safety issues in the control of discrete-event systems. A new controllability property appropriate to the infinitary setting ($\omega$-controllability) is defined; this language property captures in a natural way the limitations of available control actions. It is shown that every specification language contains a unique maximal $\omega$-controllable sublanguage, representing the least upper bound of the set of achievable closed-loop sublanguages. This supremal $\omega$-controllable sublanguage allows a simple formulation of necessary and sufficient conditions for the solvability of an infinitary supervisory control problem. The problems of effectively deciding solvability of the control problem and of effectively synthesizing appropriate supervisors are solved for the case where the plant is represented by a deterministic Buchi automaton and the specification of legal behavior by a deterministic Rabin automaton.

Object-oriented logical specification of time-critical systems

Abstract: We define TRIO+, an object-oriented logical language for modular system specification. TRIO+ is based on TRIO, a first-order temporal language that is well suited to the specification of embedded and real-time systems, and that provides an effective support to a variety of validation activities, like specification testing, simulation, and property proof. Unfortunately, TRIO lacks the ability to construct specifications of complex systems in a systematic and modular way. TRIO+ combines the use of constructs for hierarchical system decomposition and object-oriented concepts like inheritance and genericity with an expressive and intuitive graphic notation, yielding a specification language that is formal and rigorous, yet still flexible, readable, general, and easily adaptable to the user's needs. After introducing and motivating the main features of the language, we illustrate its application to a nontrivial case study extracted from a real-life industrial application.

A typed logic of partial functions reconstructed classically

Abstract: This paper gives a comprehensive description of a typed version of the logic known as LPF. This logic is basic to formal specification and verified design in the software development method VDM. If appropriately extended to deal with recursively defined functions, the data types used in VDM, etc., it gives the VDM notation and its associated rules of reasoning. The paper provides an overview of the needed extensions and examines some of them in detail. It is shown how this nonclassical logic-and the extensions-can be reconstructed classically by embeddings into classical infinitary logic.

From English to formal specifications

Abstract: Specifications provide the foundation upon which a system can be formally developed. If a specification is wrong, then no matter what method of design is used, or what quality assurance procedures are in place, they will not result in a system that meets the requirements. The specification of a system involves people of different profiles who favour different representations. At the beginning natural language is used because the specification document acts as a contract between the user and the developers. Most of the time, the only representation that users understand and agree on is natural language. At the other end, developers find natural language specifications ambiguous and incomplete and may therefore prefer formal specifications. The transition from informal specifications to formal ones is an error prone and time consuming process. This transition must be supported to ensure that the formal specifications are consistent with the informal ones. In this research we propose an interactive approach for producing formal specifications from English specifications. The approach uses research in the area of natural language understanding to analyse English specifications in order to detect ambiguities. The method used for analysing natural language text is based on McCord’s approach. This method consists of translating natural language sentences into a logical form language representation. This helps to identify ambiguities present in natural language specifications and to identify the entities and relationships. These entities and relationships are used as a basis for producing VDM data types. We also investigate the production of data type invariants for restricted sentences and the production of some common specifications. We test our approach by implementing it in Prolog-2 and apply it to an independent case study.

Restricting the weak‐generative capacity of synchronous tree‐adjoining grammars

Abstract: The formalism of synchronous tree-adjoining grammars, a variant of standard tree-adjoining grammars (TAG), was intended to allow the use of TAGs for language transduction in addition to language specification. In previous work, the definition of the transduction relation defined by a synchronous TAG was given by appeal to an iterative rewriting process. The rewriting definition of derivation is problematic in that it greatly extends the expressivity of the formalism and makes the design of parsing algorithms difficult if not impossible. We introduce a simple, natural definition of synchronous tree-adjoining derivation, based on isomorphisms between standard tree-adjoining derivations, that avoids the expressivity and implementability problems of the original rewriting definition. The decrease in expressivity, which would otherwise make the method unusable, is offset by the incorporation of an alternative definition of standard tree-adjoining derivation, previously proposed for completely separate reasons, thereby making it practical to entertain using the natural definition of synchronous derivation. Nonetheless, some remaining problematic cases call for yel more flexibility in the definition; the isomorphism requirement may have to be relaxed. It remains for future research to rune the exact requirements on the allowable mappings.

A formal approach to domain-oriented software design environments

Abstract: This paper describes a formal approach to domain-oriented software design environments, based on declarative domain theories, formal specifications, and deductive program synthesis. A declarative domain theory defines the semantics of a domain-oriented specification language and its relationship to implementation-level subroutines. Formal specification development and reuse is made accessible to users through an intuitive graphical interface that guides them in creating diagrams denoting formal specifications. Deductive program synthesis ensures that specifications are correctly implemented. This approach has been implemented in AMPHION, a generic KBSE system that targets scientific subroutine libraries. AMPHION has been applied to the domain of solar system kinematics. AMPHION enables space scientists to develop, modify, and reuse specifications an order of magnitude more rapidly than manual program development. Program synthesis is efficient and completely automatic. >

Validating real-time systems by history-checking TRIO specifications

Abstract: We emphasize the importance of formal executable specifications in the development of real-time systems, as a means to assess the adequacy of the requirements before a costly development process takes place. TRIO is a first-order temporal logic language for executable specification of real-time systems that deals with time in a quantitative way by providing a metric to indicate distance in time between events and length of time intervals. We summarize the language and its model-parametric semantics. Then we present an algorithm to perform history checking, i.e., to check that a history of the system satisfies the specification. This algorithm can be used as a basis for an effective specification testing tool. The algorithm is described; an estimation of its complexity is provided; and the main functionalities of the tool are presented, together with sample test cases. Finally, we draw conclusions and indicate directions of future research.

OPAL: design and implementation of an algebraic programming language

Abstract: The algebraic programming language OPAL has been designed as a testbed for experiments with the specification and development of functional programs. The language shall in particular foster the (formal) development, of productionquality software that is written in a purely flmctional style. As a consequence, OPAL molds concepts from Algebraic Specification and Functional Programming into a unified framework. The amalgamation of these two concepts which are both based on a sound theoretical foundation constitutes an ideal setting for the construction of formally verified "safe" software. Moreover, the high level of abstraction and the conceptual clarity of the functional style can increase the productivity of software development significantly. Unfortunately, the acceptance of the functional style suffers from the widespread prejudice that its advantages are paid for by a high penalty in runtime and storage consumption. Yet, this is not, true. Due to their semantic elegance and clarity, functional programs are amenable to a wide variety of powerful optimizations, such that the programmer need not be concerned with low-level considerations about machine pecularities. This way, she can concentrate on finding good algorithmic solutions instead. The potential for automatic optimizations is highly increased, when functional programs are combined with algebraic specifications. Then, algebraic properties of the flmctional programs can be used to guide optimizations which go far beyond traditional optimization techniques. In this paper we illustrate some principles of algebraic programming. Moreover, we introduce the language OPAL, sketch its compilation strategies, and point out some challenges for further research in the area of algebraic programming languages.

Codesign from cospecification

Abstract: Describes an object-oriented codesign specification approach designed to eliminate the bias introduced from using more commonplace software or hardware specification languages. The goal is to investigate automated partitioning of behavior into hardware and software. The design methodology allows gradual, continuous repartitioning of codesign operations during design. For instance, designers might start with an all-software implementation and check the implementation's functionality: they might then refine the implementation over time to a mixed hardware-software implementation. At the system level, the authors use an object-oriented approach to identify the basic objects and associated functions of a system. They divide them into three groups: hardware, software, and codesign . They represent the codesign group's objects and functions using a prototype codesign specification language, Object-Oriented Functional Specifications (OOFS), which lets one describe system state in objects and write object methods as pure functions. Thus, the authors can describe complex systems without biasing the implementation toward hardware or software. >

The Theory and Practice of A Formal Method: NewCoRe.

Abstract: A new discipline of Formal Methods promises to provide a solid theoretical foundation for software design. Most professionals involved in software design will agree that there is a need for such a foundation. The complexity of the software that controls even the most mundane aspects of our world can be overwhelming. A modern telephone switch, for instance, is controlled by several million lines of control software, that are developed and maintained by hundreds of skilled programmers. Any single change to the code could potentially cause havoc in large fragments of a nationwide telephone network. To prevent this, extremely high requirements must be placed on the quality of the software that goes into a system like this.

A formal model for module interconnection languages

Abstract: A model is proposed that formalizes the design of hierarchical module structures. The model is specified by a collection of Z schema type definitions that is invariant across all applications. A particular application is described by specifying the values of generic parameters and adding application-specific declarations and constraints to the schema definitions. As applications, the definitions in the model are used to describe the Conic configuration language and the STILE graphical design and development environment. >

Specifying and Testing Software Components using ADL

Abstract: This paper presents a novel approach to unit testing of software components. This approach uses the specification language ADL, that is particularly well-suited for testing, to formally document the intended behavior of software components. Another related language, TDD, is used to systematically describe the test-data on which the software components will be tested. This paper gives a detailed overview of the ADL language, and a brief presentation of the TDD language. Some details of the actual test system are also presented, along with some significant results.

Understanding the differences between VDM and Z

Abstract: This paper attempts to provide an understanding of the interesting differences between two well-known specification languages.

VHDL system-level specification and partitioning in a hardware/software co-synthesis environment

Abstract: This paper deals with the problems of system-level specification and partitioning in hardware/software co-design. It first discusses the implication of using VHDL as an implementation-independent specification language. A message passing communication mechanism is proposed to relax the strict synchronization imposed by the simulation-based semantics of VHDL. A partitioning technique is then described which is used to partition the VHDL specification into a hardware part and a software part. The partitioning is carried out during the compilation process of VHDL into a design representation which identifies the hardware/software boundary, while capturing hardware and software in a uniform way to allow efficient co-synthesis of both parts. The VHDL compiler and the partitioning algorithm function as the front end of a hardware/software co-synthesis environment which is built on the design representation. >