Specification and refinement in general correctness

Authors:
Steve Dunne;Andy Galloway;Bill Stoddart
Affiliations:
School of Computing and Mathematics, University of Teesside;High Integrity Systems Engineering Group, University of York;School of Computing and Mathematics, University of Teesside
Venue:
3FACS'98 Proceedings of the 3rd BCS-FACS conference on Northern Formal Methods
Year:
1998

Citing 9
Cited 5

General correctness: a unification of partial and total correctness

Acta Informatica
A generalization of Dijkstra's calculus

ACM Transactions on Programming Languages and Systems (TOPLAS)
Predicate calculus and program semantics

Predicate calculus and program semantics
Systematic software development using VDM (2nd ed.)

Systematic software development using VDM (2nd ed.)
The Z notation: a reference manual

The Z notation: a reference manual
Programming from specifications (2nd ed.)

Programming from specifications (2nd ed.)
The B-book: assigning programs to meanings

The B-book: assigning programs to meanings
Unifying wp and wlp

Information Processing Letters
A Discipline of Programming

A Discipline of Programming

An Execution Architecture for GSL

ZB '00 Proceedings of the First International Conference of B and Z Users on Formal Specification and Development in Z and B
Engineering and theoretical underpinnings of retrenchment

Science of Computer Programming
Lifting general correctness into partial correctness is ok

IFM'07 Proceedings of the 6th international conference on Integrated formal methods
Unifying theories of programming that distinguish nontermination and abort

MPC'10 Proceedings of the 10th international conference on Mathematics of program construction
Reasoning about loops in total and general correctness

UTP'08 Proceedings of the 2nd international conference on Unifying theories of programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

We augment B's existing total-correctness semantics of weakest precondition (wp) with a partial-correctness semantics of weakest liberal precondition (wlp). By so doing we achieve a general-correctness semantics for B operations which not only accords more fully with our natural computational intuition, but also extends the essential expressive capability of B's Generalised Substitution Language (GSL) to embrace a whole new class of operations called semi-decidable, whose behaviour cannot be characterised in terms of total correctness alone. The ability to specify semi-decidable operations is important because a desired conventional operation may lend itself to implementation as a concurrent federation of semi-decidable operations co-operating under a mutual "termination pact". Indeed, computational constraints may render this the only viable implementation strategy. We call a generalised substitution invested with our general-correctness semantics an abstract command. Our Abstract Command Language (ACL) is thus syntactically indistinguishable from the GSL, save for the introduction of one new composition operator, concert, expressing a "termination pact" between two concurrent abstract commands.