By Willem-Paul de Roever, Kai Engelhardt

ISBN-10: 0511663072

ISBN-13: 9780511663079

ISBN-10: 0521103509

ISBN-13: 9780521103503

ISBN-10: 0521641705

ISBN-13: 9780521641708

The target of this publication is to supply a entire and systematic creation to the $64000 and hugely appropriate approach to facts refinement and the simulation equipment used for proving its correctness. The authors focus within the first half at the common ideas had to turn out info refinement right. they start with a proof of the basic notions, displaying that information refinement proofs lessen to proving simulation. the themes of Hoare common sense and the Refinement Calculus are brought and a common idea of simulations is built and relating to them. Accessibility and comprehension are emphasised so as to advisor rookies to the world. The book's moment half incorporates a particular survey of vital equipment during this box, comparable to VDM, and the tools because of Abadi & Lamport, Hehner, Lynch and Reynolds, Back's refinement calculus and Z. a majority of these equipment are conscientiously analysed, and proven to be both imcomplete, with counterexamples to their software, or to be continually appropriate at any time when information refinement holds. this can be proven by way of proving, for the 1st time, that every one those tools may be defined and analyzed when it comes to basic notions: ahead and backward simulation. The ebook is self-contained, going from complicated undergraduate point and taking the reader to the cutting-edge in equipment for proving simulation.

**Extra info for Data Refinement: Model-Oriented Proof Methods and their Comparison**

One difference is that Reynolds deals with partial correctness in the first place and establishes termination in a separate argument, whereas Jones is always concerned with total correctness. 3 Syntax vs. Semantics: No Value Judgment Implied The distinction between syntax-based methods and semantically oriented ones refers here to the following. In a syntax-based method terms and formulae are generated using fixed machine checkable patterns, laid down by their syntax, and subsequently given semantic justification using particular universes and operations upon these universes through interpretation functions, as illustrated in Chapters 5 and 8.

Find such an example. 1). Given an abstraction relation a : ZN x Z c —> £ N x EA> define OC|ZN XSN by (v,c)ea| Z N x I N = 3p,T(((v,p),(o,x))€a) . 3 we define a restriction on a which implies that normal operations simulate themselves under a without requiring extra verification conditions. Abstraction relations a satisfying this restriction satisfy the property OC|£NX2;N = W/SN. Prove that this property on its own is not strong enough to imply that normal operations simulate themselves. Hint: It suffices to consider X N , I A and Ec having only two elements.

Induction step: Next, assuming that we already constructed a o , . . , o f GS A such that (o,OA) G A/; A ;i ;... ; A^ and (cp,OA) G a for some 0 < k < n, we can derive from condition (op^ ) that there exists o A +1 G I A such that (of ,o£ +1 ) G A A+1 and (ap +1 ,of +1 ) G a. This provides us with o A +1 G 2 A such that (o, GA+1) G A/; A y i ;... ; Finally, the sequence O Q , . . ,op at the concrete level corresponds under a to the computation sequence o A ,... ,o£ at the abstract level which we deter- 24 2 Simulation as a Proof Method for Data Refinement Fig.

