The B-book: assigning programs to meanings
The B-book: assigning programs to meanings
FME '02 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods - Getting IT Right
Refinement, Decomposition, and Instantiation of Discrete Models: Application to Event-B
Fundamenta Informaticae - This is a SPECIAL ISSUE ON ASM'05
On the Purpose of Event-B Proof Obligations
ABZ '08 Proceedings of the 1st international conference on Abstract State Machines, B and Z
Verification of Sequential and Concurrent Programs
Verification of Sequential and Concurrent Programs
Modeling in Event-B: System and Software Engineering
Modeling in Event-B: System and Software Engineering
An open extensible tool environment for event-b
ICFEM'06 Proceedings of the 8th international conference on Formal Methods and Software Engineering
Refinement and reachability in event_b
ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B
Justifications for the event-b modelling notation
B'07 Proceedings of the 7th international conference on Formal Specification and Development in B
Validation of formal models by refinement animation
Science of Computer Programming
| Hi-index | 0.00 |
The Event-B method can be used to model all sorts of discrete event systems, among them sequential programs. We have made the experience that the minimalist nature of Event-B is of advantage when it comes to tool support and to using proof as a means to analyse a model. The downside of the minimalism is that when models get more complex the lack of structure in the models can make them cluttered with auxiliary variables. System decomposition will not solve this problem. This can not be reasonably applied to a sequential program. In this article we describe our experiences with using Event-B by way of an example. We show how we verified iterative Quicksort in Event-B and intersperse our observations and criticisms. We use them to formulate some suggestions of how we believe Event-B should evolve in future. Some of the minimalism may have to be abandoned in favour of more clarity of the produced formal models.