Proceedings Second International Conference on Formal Engineering Methods (Cat.No.98EX241)

9-11 Dec. 1998

  • Proceedings Second International Conference on Formal Engineering Methods (Cat.No.98EX241)

    Publication Year: 1998
    PDF (1727 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 1998, Page(s):v - vii
    PDF (253 KB)
    Freely Available from IEEE
  • Author index

    Publication Year: 1998, Page(s): 235
    PDF (95 KB)
    Freely Available from IEEE
  • Automatic synthesis of controllers from formal specifications

    Publication Year: 1998, Page(s):134 - 143
    Cited by:  Papers (12)
    PDF (320 KB)

    Many safety critical reactive systems are indeed embedded control systems. Usually a control system can be partitioned into two main subsystems: a controller and a plant. Roughly speaking: the controller observes the state of the plant and sends commands (stimulus) to the plant to achieve predefined goals. We show that when the plant can be modeled as a deterministic finite state system (FSS) it i...
  • Towards industrially applicable formal methods: three small steps, and one giant leap

    Publication Year: 1998, Page(s):76 - 88
    Cited by:  Papers (4)
    PDF (128 KB)

    We discuss issues in the development of formal methods for use in aerospace applications, reflecting our experience in working with both Rolls-Royce and British Aerospace. We discuss some of the key factors which we believe govern the application of discrete mathematics to aerospace applications, drawing comparisons with applied engineering mathematics in other domains. We give an overview of thre...
  • From monolithic to modular formal specification

    Publication Year: 1998, Page(s):122 - 131
    PDF (128 KB)

    Formal specification using mathematical text provides a sound basis for developing complex systems, especially safety-critical systems. The paper discusses three formal specification styles for state-based systems from monolithic, through Z to modular each illustrated by the same simple example. In each case, formal text which is left implicit in practice is identified and discussed. The paper inc...
  • The B Bank: a complete case study

    Publication Year: 1998, Page(s):190 - 199
    Cited by:  Patents (2)
    PDF (168 KB)

    We develop a Web based banking application with cashier and automated teller machine functionality using the B formal method. The complete development, including the front end, is specified and refined to an executable application in Atelier B. Refinement between specifications and their implementations is proved mechanically. At 2'324 lines of code and 1'397 proof obligations the B Bank is not a ...
  • Using model checking to generate tests from specifications

    Publication Year: 1998, Page(s):46 - 54
    Cited by:  Papers (123)  |  Patents (1)
    PDF (208 KB)

    We apply a model checker to the problem of test generation using a new application of mutation analysis. We define syntactic operators, each of which produces a slight variation on a given model. The operators define a form of mutation analysis at the level of the model checker specification. A model checker generates countersamples which distinguish the variations from the original specification....
  • Proving inductive theorems using witnessed test sets

    Publication Year: 1998, Page(s):158 - 164
    PDF (128 KB)

    Based on a new approach to deciding ground reducibility by introducing witnesses, we design an algorithm for proving inductive theorems using witnessed test sets for left-linear rewrite systems. Experimental results show that compared with the standard test set approach presented by Kapur, Narendran and Zhang (1991), our method generates test sets of smaller size and is more efficient to prove ind...
  • Defining differentiation and integration in Z

    Publication Year: 1998, Page(s):64 - 73
    Cited by:  Papers (1)
    PDF (240 KB)

    We show how familiar mathematical concepts from differential and integral calculus can be represented in the Z specification language. Digital computer systems involve hardware devices and software variables that can adopt a limited range of values only, and may be temporarily inaccessible or ill-defined. Emphasis is therefore given to supporting discrete range types and partial functions.
  • Interacting frameworks in Catalysis

    Publication Year: 1998, Page(s):110 - 119
    Cited by:  Papers (1)
    PDF (152 KB)

    In current OO design, most of the existing (semi-formal) methods use classes or objects as the basic unit of design. However it is increasingly recognised that classes are not the best focus for design. Typical design artefacts are about groups of objects and the way they interact. In the Catalysis project, we use the term frameworks for descriptions of groups of objects, their relationships, divis...
  • Formal specification of CORBA services using Object-Z

    Publication Year: 1998, Page(s):180 - 189
    Cited by:  Papers (4)
    PDF (120 KB)

    Open component architectures, such as CORBA, allow software systems to be composed of independent components. The behavior of components is described with a mixture of an interface definition language (IDL) and informal prose. This may lead to ambiguous descriptions. The paper proposes an abstract specification of components using the formal specification language Object-Z. The usage of Object-Z e...
  • B model animation for external verification

    Publication Year: 1998, Page(s):36 - 45
    Cited by:  Papers (10)
    PDF (152 KB)

    The B method is a model-based approach covering all the software development process, from the specification to the code. External verification of B models aims to determine whether they correctly capture the informal requirements. It is argued that verification techniques like B model animation or code testing should accompany the formal development process and give a feedback of the system that ...
  • Selective integration of formal methods in the development of electronic control units

    Publication Year: 1998, Page(s):144 - 155
    Cited by:  Papers (8)
    PDF (2200 KB)

    This paper introduces a dual approach for describing the software of embedded systems in motor vehicles. The approach divides the description into two parts, an operational model and a number of associated model properties. Starting from a tool-based software design with established structured methods that are basically suitable for the integration of mathematically precise techniques, proposals a...
  • A process algebra based verification of a production system

    Publication Year: 1998, Page(s):90 - 99
    Cited by:  Papers (3)
    PDF (188 KB)

    Studying industrial systems by simulation enables the designer to study the dynamic behaviour and to determine some characteristics of the system. Unfortunately simulation also has some disadvantages. These can be overcome by using formal methods. Formal methods allow a thorough analysis of the possible behaviours of a system, parameterised system analysis and a modular approach to the analysis of...
  • The formal specification of the fieldbus foundation link scheduler in E-LOTOS

    Publication Year: 1998, Page(s):200 - 209
    Cited by:  Papers (1)
    PDF (156 KB)

    The paper examines the applicability of the new specification language E-LOTOS in the description of real time applications. E-LOTOS is the new extended version of LOTOS, currently under consideration by the ISO/IEC committee. The paper presents the complete process of producing the formal specification of a real time scheduler from its informal description. During this process, a semi formal mode...
  • A calculus based on the agent-place model

    Publication Year: 1998, Page(s):56 - 63
    Cited by:  Patents (1)
    PDF (268 KB)

    We introduce a new CCS-like process calculus for mobile agents called the AP (Agent and Place)-calculus. The calculus is based on the agent-place model which is a basis for mobility of an agent language Telescript by White (1996). A number of mobile calculi such as π-calculus, Mobile Ambients have been proposed as foundational calculi which are intended to describe the canonical model of comput...
  • Translating Object-Z specifications to passive test oracles

    Publication Year: 1998, Page(s):165 - 174
    Cited by:  Papers (18)
    PDF (104 KB)

    A test oracle provides a means for determining whether an implementation functions according to its specification. A passive test oracle checks the behaviour of the implementation, but does not attempt to reproduce this behaviour. The paper describes the translation of formal specifications of container classes to passive test oracles. Specifically, we use Object-Z for specifications and C++ for o...
  • Interaction interfaces-towards a scientific foundation of a methodological usage of message sequence charts

    Publication Year: 1998, Page(s):2 - 13
    Cited by:  Papers (8)
    PDF (176 KB)

    We introduce the formal notion of an interaction interface. Its purpose is to specify formally the interaction between two or more components that co-operate as subsystems of a distributed system. We suggest the use of interaction interfaces for the description not of the behaviour of a single component in isolation but of the interface, the co-operation, between two or more components that are in...
  • Market-driven symbolic execution of models of manufacturing enterprises

    Publication Year: 1998, Page(s):100 - 109
    PDF (120 KB)

    We apply formal description techniques (FDT) to model, compose and give operational meaning to the class of reactive systems representing manufacturing enterprises. The enterprise pursues its activities by means of resources and processes that execute concurrently on the resources, subject to internal (resource) and external (market) constraints. Some modelling techniques are familiar for reactive...
  • Application of embedded testing methods to service validation

    Publication Year: 1998, Page(s):212 - 221
    Cited by:  Papers (1)
    PDF (64 KB)

    Conformance testing is a critical phase in the life cycle of communicating systems. However, classical testing methods are not appropriate for use in all tasks concerning the test of telecommunications services (especially regression and integration tests). This is so because Intelligent Networks, into which these services are installed, are modular architectures (composed of building blocks) evolv...
  • Ubiquitous abstraction: a new approach for mechanized formal verification

    Publication Year: 1998, Page(s):176 - 178
    Cited by:  Papers (2)
    PDF (32 KB)

    Ubiquitous abstraction involves the construction of many different abstracted system descriptions at many different points in an analysis, and for several different purposes. This method has great promise as a way to ease difficulties and increase productivity and automation in the formal analysis of concurrent systems. The approach also provides a new way to combine different tools, such as theor...
  • Active objects in TCOZ

    Publication Year: 1998, Page(s):16 - 25
    Cited by:  Papers (5)
    PDF (136 KB)

    Active objects have their own thread of control and passive objects are controlled by others. In Object-Z, all objects are modelled as passive objects. Timed Communicating Object Z (TCOZ) extends the Object-Z notation with Timed CSP's process and timing constructs. The blending of the concepts of object and non-terminating process leads to the notion of active object in TCOZ. This paper considers ...
  • Specification-based class testing: a case study

    Publication Year: 1998, Page(s):222 - 231
    Cited by:  Papers (4)
    PDF (140 KB)

    The paper contains a case study demonstrating a complete process for specification based class testing. The process starts with an abstract specification written in Object-Z and concludes by exercising an implementation with test cases and evaluating the results. The test cases are derived using the Test Template Framework for each individual operation. They are analysed to generate a finite state...
  • Incremental architectural modeling and verification of real-time concurrent systems

    Publication Year: 1998, Page(s):26 - 34
    Cited by:  Papers (2)
    PDF (140 KB)

    An incremental approach for architectural modeling and analysis of real-time concurrent systems is presented. The approach integrates existing formal methods, more specifically time Petri nets and real-time computational tree logic, and leverages their complementary strengths in a way that allows us to systematically enforce that architectural design meets the system's timing requirements, and to ...