Marcel Vinicius Medeiros Oliveira

A UTP semantics for Circus

Circus specifications define both data and behavioural aspects of systems using a combination of Z and CSP constructs. Previously, a denotational semantics has been given to Circus; however, a shallow embedding of Circus in Z, in which the mapping from Circus constructs to their semantic representation as a Z specification, with yet another language being used as a meta-language, was not useful for proving properties like the refinement laws that justify the distinguishing development technique associated with Circus. This work presents a final reference for the Circus denotational semantics based on Hoare and He’s Unifying Theories of Programming (UTP); as such, it allows the proof of meta-theorems about Circus including the refinement laws in which we are interested. Its correspondence with the CSP semantics is illustrated with some examples. We also discuss the library of lemmas and theorems used in the proofs of the refinement laws. Finally, we give an account of the mechanisation of the Circus semantics and of the mechanical proofs of the refinement laws.

Formal Methods: Foundations and Applications

Speeding Up Simulation of SystemC Using Model Checking.- Partial Behaviour Modelling: Foundations for Incremental and Iterative Model-Based Software Engineering.- Satisfiability Modulo Theories: An Appetizer.- Interruption Testing of Reactive Systems.- Test Case Generation of Embedded Real-Time Systems with Interruptions for FreeRTOS.- Concurrent Models of Flash Memory Device Behaviour.- Corecursive Algebras: A Study of General Structured Corecursion.- Formalizing FreeRTOS: First Steps.- A Mechanized Strategy for Safe Abstraction of CSP Specifications.- Applying Event and Machine Decomposition to a Flash-Based Filestore in Event-B.- An Integrated Formal Methods Tool-Chain and Its Application to Verifying a File System Model.- Towards Safe Design of Synchronous Bus Protocols in Event-B.- Mechanising Data-Types for Kernel Design in Z.- A Complete Set of Object Modeling Laws for Alloy.- Undecidability Results for Distributed Probabilistic Systems.- Formalisation and Analysis of Objects as CSP Processes.- Concolic Testing of the Multi-sector Read Operation for Flash Memory File System.- Low-Level Code Verification Based on CSP Models.- Formal Modelling of a Microcontroller Instruction Set in B.- Defining Behaviours by Quasi-finality.- Verifying Compiled File System Code.- Reasoning about General Quantum Programs over Mixed States.- A Simple and General Theoretical Account for Abstract Types.

Formal Specification of a Cardiac Pacing System

The International Grand Challenge project on Verified Software is a long-term research program involving people from all over the world and is aimed to stimulate the creation of new theories and tools to be applied on industrial-scale problems. One of the challenges proposed is to make a formal development of a cardiac pacemaker. In this paper, we present a formal specification of this system using the Z notation and also discuss our experience in building this formal model and the decisions made during the process.

A Denotational Semantics for Circus

Circus specifications define both data and behavioural aspects of systems using a combination of Z and CSP. Previously, a denotational semantics has been given to Circus; however, as a shallow embedding of Circus in Z, it was not possible to use it to prove properties like the refinement laws that justify the distinguishing development technique associated with Circus. This work presents a final reference for the Circus denotational semantics based on Hoare and Hes Unifying Theories of Programming (UTP). Finally, it discusses the library of theorems on the UTP that was created and used in the proofs of the refinement laws.

ArcAngel: a Tactic Language for Refinement

Abstract.Morgans refinement calculus is a successful technique for developing software in a precise and consistent way. This technique, however, can be hard to use, as developments may be long and repetitive. Many authors have pointed out that a lot can be gained by identifying commonly used development strategies, documenting them as tactics, and using them as single transformation rules. Also, it is useful to have a notation for describing derivations, so that they can be analysed and modified. In this paper, we present ArcAngel, a language for defining such refinement tactics; we present the language, its semantics, and some of its algebraic laws. Apart from Angel, a general-purpose tactic language that we are extending, no other tactic language has a denotational semantics and proof theory of its own.

Unifying theories in ProofPower-Z

The increasing interest in the combination of different computational paradigms is well represented by Hoare and He in the Unifying Theories of Programming (UTP). In this paper, we present a mechanisation of part of that work in a theorem prover, ProofPower-Z; the theories of alphabetised relations, designs, reactive and CSP processes are in the scope of this paper. Furthermore, the mechanisation of Circus, a language that combines Z, CSP, specification statements and Dijkstra’s guarded command language, is also presented here. We also present an account of how this mechanisation is achieved, and more interestingly, of what issues were raised, and of our decisions. We aim at providing tool support not only for CSP and Circus, but also for further explorations of Hoare and He’s unification, and for the mechanisation of languages whose semantics is based on the UTP.

ArcAngelC: a Refinement Tactic Language for Circus

Circus is a refinement language, in which specifications define both data and behavioural aspects of concurrent systems using a combination of Z and CSP. Its refinement theory and calculus are distinctive, but refinements may be long and repetitive, and using this technique can be hard. Some useful strategies have already been identified, described, and used. By documenting and using them as tactics, a lot can be gained since they can be repeatedly used as single transformation rules. Here, we present ArcAngelC, a language for defining such refinement tactics; we present the language and its application in the formalisation of an existing informal strategy for verification of Ada implementations of control systems.

Refine and gabriel: support for refinement and tactics

Using Morgans refinement calculus, we can write software in a precise and consistent way. Nevertheless, this may involve long and repetitive developments. Several refinement strategies are useful in different developments, and even in different points of a single development. A lot is gained by identifying these strategies, documenting them as tactics, and using them as single transformation rules. With this motivation, we have designed ArcAngel, a tactic language especially tailored for refinement; we have formalised its semantics and studied its algebraic laws. Even with the use of tactics, however refinement can be a hard task and the use of tools is essential in practice. In this paper we present Refine and Gabriel, interactive, user-friendly tools that allow us to use the refinement calculus with the support of ArcAngel tactics.

CRefine: Support for the Circus Refinement Calculus

Circus specifications combine both data and behavioral aspects of concurrent systems using a combination of CSP, Z, and Dijkstrapsilas command language. Its associated refinement theory and calculus distinguishes itself from other such combinations. Recently, tools for Circus like a parser, a type-checker, a model-checker, and a translator to Java have been developed. Nevertheless, tool support for the circus refinement calculus has only been prototyped. In this paper, we present CRefine, a tool that can be used throughout the refinement of concurrent systems in a calculational approach. Its functionalities are described using a simple case study. Furthermore, we also describe CRefinepsilas architecture and its integration to the CZT framework.

Composing architectural aspects based on style semantics

The lack of architecturally-significant mechanisms for aspectual composition might artificially hinder the specification of stable and reusable design aspects. Current aspect-oriented approaches at the architecture-level tend to mimic programming language join point models while overlooking mainstream architectural concepts such as styles and their semantics. Syntax-based pointcuts are typically used to select join points based on the names of architectural elements, exposing architecture descriptions to pointcut fragility and reusability problems. This paper presents style-based composition, a new flavor of aspect composition at the architectural level based on architectural styles. We propose style-based join point models and provide a pointcut language that supports the selection of join points based on style-constrained architectural models. Stability and reusability assessments of the proposed style-based composition model were carried out through three case studies involving different styles. The interplay of style-based pointcuts and some style composition techniques is also discussed.