Communicating sequential processes
Communicating sequential processes
Proc. of the European symposium on programming on ESOP 86
Process simulation and refinement
Formal Aspects of Computing
Forward and backward simulations I.: untimed systems
Information and Computation
Using Z: specification, refinement, and proof
Using Z: specification, refinement, and proof
Refinement in Z and object-Z: foundations and advanced applications
Refinement in Z and object-Z: foundations and advanced applications
How Firing Conditions Help Inheritance
ZUM '95 Proceedings of the 9th International Conference of Z Usres on The Z Formal Specification Notation
Refinement of State-Based Concurrent Systems
VDM '90 Proceedings of the Third International Symposium of VDM Europe on VDM and Z - Formal Methods in Software Development
On the Refinement and Simulation of Data Types and Processes
IFM '99 Proceedings of the 1st International Conference on Integrated Formal Methods
Refinement in Object-Z and CSP
IFM '02 Proceedings of the Third International Conference on Integrated Formal Methods
Refinement and Verification of Concurrent Systems Specified in Object-Z and CSP
ICFEM '97 Proceedings of the 1st International Conference on Formal Engineering Methods
An analysis of refinement in an abortive paradigm
Formal Aspects of Computing
Data refinement and singleton failures refinement are not equivalent
Formal Aspects of Computing
Relational concurrent refinement part II: Internal operations and outputs
Formal Aspects of Computing
Data Refinement: Model-Oriented Proof Methods and their Comparison
Data Refinement: Model-Oriented Proof Methods and their Comparison
Hi-index | 0.00 |
Refinement is the notion of development between formal specifications. For specifications given in a relational formalism, downward and upward simulations are the standard method to verify that a refinement holds, their usefulness based upon their soundness and joint completeness. This is known to be true for total relational specifications and has been claimed to hold for partial relational specifications in both the non-blocking and blocking interpretations. In this paper we show that downward and upward simulations in the blocking interpretation, where domains are ''guards'', are not jointly complete. This contradicts earlier claims in the literature. We illustrate this with an example (based on one recently constructed by Reeves and Streader) and then construct a proof to show why joint completeness fails in general.