Usually we teach formal methods relying for a large part on one kind of reasoning technique about a formal model. For instance, we either use formal proof or we use model-checking. It would appear that it is already hard enough to learn one technique, and that having to cope with two puts just another burden on the students. This is not our experience. Model-checking especially is easily used to complement formal proof. It only relies on an intuitive operational understanding of a formal model. In this article we show how model-checking, animation, and formal proof can be used together to improve understanding of formal models. We demonstrate how animation can help find an explanation for a failing proof. We also demonstrate where animation or model-checking may not help and where proving may not help. For the most part, the use of another tool pays off. Proof obligations intentionally present a static view of a system so that we focus on abstract properties of a model and not on its behaviour. By contrast, model-checking provides a more dynamic view based on an operational interpretation. Both views are valuable aids to reasoning about a model.