A theoretical basis for stepwise refinement and the programming calculus. Science of Computer Programming.
A calculus of refinements for program derivations. Acta Informatica.
Programming from specifications
A practical theory of programming
Introduction to HOL: a theorem proving environment for higher order logic
A Discipline of Programming
Engineering Software Under Statistical Quality Control. IEEE Software.
Making Changes to Formal Specifications: Requirements and an Example. ESEC '93, Proceedings of the 4th European Software Engineering Conference on Software Engineering.
Incremental processing of Z specifications. FORTE '92, Proceedings of the IFIP TC6/WG6.1 Fifth International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols: Formal Description Techniques, V.
A refinement calculus is a mathematical technique that provides a mechanism for rigorously transforming specifications into executable programs in a stepwise manner. A by-product of this technique is a formal proof of correctness of both the implementation and the design. These stepwise and rigorous aspects make it an attractive method for reducing software development costs and mitigating risk.

The cleanroom technique has been quite successful as a development method [4]. However, it does not directly address the issue of assessing the cost of changes to the specification. This paper proposes a mechanized refinement calculus extension to the traditional cleanroom technique, together with a method for assessing the impact of specification changes.

Within the cleanroom methodology, a refinement calculus approach replaces the "design, build and verify" process by transforming the specification itself into provably correct code through successive refinements. Additional tool support can link terms in the specification to the pertinent inferences in the proofs of the various refinement steps. This information can then be used directly to determine the impact of a specification change at any point in the product life-cycle: the affected parts of the program and its design can be flagged automatically. The same technique also provides a means of evaluating certain elements of the design.

Some tools are beginning to emerge to support refinement calculi. The current level of support is weak, and certain shortcomings make refinement calculi too expensive for industry at present. However, recent advances in theorem prover technology suggest that these shortcomings are surmountable.
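The linking of specification terms to the proof obligations of individual refinement steps, and the automatic flagging of affected steps and code when a term changes, can be illustrated with a small model. The following Python is an added example written for this page; it is not the paper's tool and does not reproduce its calculus. The specification (compute r = max(a, b) squared for non-negative a, b), the term names, the step names and the finite domain are all constructed for the illustration. Proof obligations are discharged by exhaustive checking over that finite domain, standing in for the theorem prover (HOL or similar) a real refinement tool would call, and the decomposition step's obligation is stated against the root specification while also citing the intermediate terms it introduces, which is how a sequential-composition law would depend on them.

```python
"""Toy model of a mechanized refinement derivation with change-impact tracking.

Spec terms are named predicates over (initial state, final state).  Each
refinement step records the terms its proof obligation cites; changing a term
flags exactly the steps whose proofs cite it and the code they contribute, and
only those obligations are discharged again.  Obligations are discharged by
exhaustive checking over a small finite domain, a stand-in for a theorem
prover.  All names and the example spec are constructed for this illustration.
"""
from dataclasses import dataclass
from itertools import product
from typing import Callable, Dict, List, Sequence, Set

State = Dict[str, int]
Term = Callable[[State, State], bool]   # precondition terms ignore the final state


@dataclass
class Step:
    name: str
    pre_terms: Sequence[str]            # spec terms assumed on the initial state
    post_terms: Sequence[str]           # spec terms that must hold afterwards
    program: Callable[[State], State]   # executable refinement of this (sub)spec
    code: str                           # code fragment this step contributes
    introduces: Sequence[str] = ()      # intermediate terms this step's law relies on

    @property
    def cites(self) -> Set[str]:
        """Spec terms the proof obligation of this step depends on."""
        return set(self.pre_terms) | set(self.post_terms) | set(self.introduces)


class Derivation:
    def __init__(self, terms: Dict[str, Term], domain: List[State]):
        self.terms = dict(terms)
        self.domain = domain
        self.steps: Dict[str, Step] = {}
        self.verified: Dict[str, bool] = {}

    def discharge(self, step: Step) -> bool:
        """Obligation: every initial state satisfying the pre terms is mapped
        by the program to a final state satisfying the post terms."""
        for s0 in self.domain:
            if not all(self.terms[t](s0, s0) for t in step.pre_terms):
                continue
            s1 = step.program(dict(s0))
            if not all(self.terms[t](s0, s1) for t in step.post_terms):
                return False
        return True

    def add_step(self, step: Step) -> bool:
        self.steps[step.name] = step
        self.verified[step.name] = self.discharge(step)
        return self.verified[step.name]

    def impact(self, term: str) -> Set[str]:
        """Steps whose proofs cite `term`: the ones a change to it invalidates."""
        return {n for n, s in self.steps.items() if term in s.cites}

    def affected_code(self, term: str) -> List[str]:
        return [self.steps[n].code for n in sorted(self.impact(term))]

    def change_term(self, term: str, new_pred: Term) -> Dict[str, bool]:
        """Replace a spec term and re-discharge only the flagged obligations."""
        self.terms[term] = new_pred
        flagged = self.impact(term)
        for n in flagged:
            self.verified[n] = self.discharge(self.steps[n])
        return {n: self.verified[n] for n in sorted(flagged)}


# Constructed example: for a, b >= 0 compute r = max(a, b) ** 2, refined as
# "m := max(a, b); r := m * m", with each half then refined separately.
def prog_max(s: State) -> State:
    s["m"] = s["a"] if s["a"] >= s["b"] else s["b"]
    return s

def prog_square(s: State) -> State:
    s["r"] = s["m"] * s["m"]
    return s

def prog_whole(s: State) -> State:
    return prog_square(prog_max(s))

TERMS: Dict[str, Term] = {
    "pre_nonneg":  lambda s0, s1: s0["a"] >= 0 and s0["b"] >= 0,
    "post_square": lambda s0, s1: s1["r"] == max(s0["a"], s0["b"]) ** 2,
    "mid_max":     lambda s0, s1: s1["m"] == max(s0["a"], s0["b"]),
    "mid_square":  lambda s0, s1: s1["r"] == s0["m"] ** 2,
}

# Finite state space used to discharge obligations (constructed).
DOMAIN = [{"a": a, "b": b, "m": m, "r": 0}
          for a, b, m in product(range(4), repeat=3)]


def build_derivation() -> Derivation:
    d = Derivation(TERMS, DOMAIN)
    d.add_step(Step("decompose", ["pre_nonneg"], ["post_square"], prog_whole,
                    "m := max(a, b); r := m * m",
                    introduces=["mid_max", "mid_square"]))
    d.add_step(Step("refine_max", ["pre_nonneg"], ["mid_max"], prog_max,
                    "if a >= b then m := a else m := b"))
    d.add_step(Step("refine_square", [], ["mid_square"], prog_square,
                    "r := m * m"))
    return d


if __name__ == "__main__":
    d = build_derivation()
    print("verified:", d.verified)
    print("code affected by a change to mid_max:", d.affected_code("mid_max"))
    # Change the intermediate spec to the minimum: only the two steps that cite
    # mid_max are re-proved; the leaf refinement of max now fails.
    print(d.change_term("mid_max", lambda s0, s1: s1["m"] == min(s0["a"], s0["b"])))
```

Changing `mid_max` re-proves `decompose` and `refine_max` only; `refine_square` is never touched because its obligation cites no changed term, which is the cost saving the abstract describes. The `impact` sets also give a crude design metric: a term cited by many steps is one whose change will be expensive.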