Systematic software development using VDM
Systematic software development using VDM
Understanding Z: a specification language and its formal semantics
Understanding Z: a specification language and its formal semantics
ACM Transactions on Programming Languages and Systems (TOPLAS)
Refinement principles supporting the transition from asynchronous to synchronous communication
Science of Computer Programming - Special issue on mathematics of program construction
The B-book: assigning programs to meanings
The B-book: assigning programs to meanings
An axiomatic basis for computer programming
Communications of the ACM
Assumption/Commitment Rules for Dataflow Networks - With an Emphasis on Completeness
ESOP '96 Proceedings of the 6th European Symposium on Programming Languages and Systems
A Model for Mobile Point-to-Point Data-flow Networks without Channel Sharing
AMAST '96 Proceedings of the 5th International Conference on Algebraic Methodology and Software Technology
Proceedings of the 3rd international workshop on Hardware/software co-design
3CODES94 Third International Workshop on Hardware/Software Codesign
Proceedings of the ESPRIT Working Group 8533 on Prospects for Hardware Foundations: NADA - New Hardware Design Methods, Survey Chapters
| Hi-index | 0.00 |
This paper is an attempt to demonstrate the potential of conditional refinement in step-wise system development. In particular, we emphasise the ease with which conditional retinement. allows boundedness constraints to be introduced in a specification based on unbounded resources. For example, a specification based on purely asynehronous communication can be conditionally refined into a specification using time-synchronous communication.The presentation is built around a small case-study: A step-wise design of a timed FIFO queue that is partly to be implemented in hardware and partly to be implemented in software. We first specify the external behaviour of the queue ignoring timing and synchronisation. This overall specification is then restated in a time-synchronous setting and thereafter refined into a composite specification consisting of three sub-specifications: A specification of a time-synchronous hardware queue, a specification of an asynchronous software queue, and a specification of an interface component managing the communication between the first two. We argue that the three overall specifications can be related by conditional refinement. By further steps of conditional refinement additional boundedness constraints are introduced. We explain how each step of conditional refinement can be formally verified in a compositional manner.