Connectors for CORBA Components
OOIS '02 Proceedings of the 8th International Conference on Object-Oriented. Information Systems
Forward Simulation for Data Refinement of Classes
FME '02 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods - Getting IT Right
Runtime verification of .NET contracts
Journal of Systems and Software - Special issue on: Component-based software engineering
Proceedings of the 2006 ACM symposium on Applied computing
Modular verification of higher-order methods with mandatory calls specified by model programs
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Verified Software: Theories, Tools, Experiments
Tisa: A Language Design and Modular Verification Technique for Temporal Policies in Web Services
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Enabling expressive aspect oriented modular reasoning by translucid contracts
Proceedings of the ACM international conference companion on Object oriented programming systems languages and applications companion
Proceedings of the tenth international conference on Aspect-oriented software development
Towards client-aware interface specifications
Proceedings of the ACM international conference companion on Object oriented programming systems languages and applications companion
JML’s rich, inherited specifications for behavioral subtypes
ICFEM'06 Proceedings of the 8th international conference on Formal Methods and Software Engineering
On exceptions, events and observer chains
Proceedings of the 12th annual international conference on Aspect-oriented software development
Hi-index | 0.00 |
Development of different parts of large software systems by separate teams, replacement of individual software parts during maintenance without changing other parts, and marketing of independently developed software components require interface descriptions. Interoperation is impossible without sufficient description; only abstraction leaves room for alternate implementations. Specifications that only relate the state prior to service invocation (precondition) to that after service termination (postcondition) do not sufficiently capture external calls made during operation execution. If other methods called in the specification cannot be fully specified, it is not sufficient that the implementation only performs the specified state transformation. The implementation must also make the prescribed external calls in the respective states. We show how to specify both state change and external call sequences using simple extensions of programming languages. Furthermore, we give a formal definition of the correctness of implementations with respect to such specifications and show how to prove correctness in practice with data refinement in context.