ISBN (print): 9780897918534
This paper describes a method to verify safety properties of parameterized linear networks of processes. The method is based on the construction of a network invariant, defined as a fixpoint. Such invariants can often be automatically computed using heuristics based on Cousot's widening techniques. These techniques have been implemented and some non-trivial examples are presented.
Many consider the bugs expected to arise at the change of the century to be a normal maintenance issue. In this paper we show that there are some significant differences. Taking advantage of these differences may help to lower migration costs. We look at how organizations adapt their maintenance capabilities to the demand. Under normal conditions this strategy helps simultaneously to cope with the occurring bug load and to keep costs down. Century-change-related bugs, however, also occur in large quantity in programs with very low error rates in the past, bringing organizations into a situation they are not prepared for. We deduce that more mechanical approaches may be more appropriate and cost effective. A list of criteria is deduced to find the best approach in a given situation.
Defining the collecting semantics is usually the first crucial step in adapting the general methodology of abstract interpretation to the semantic framework or programming language at hand. In this paper we show how to define a collecting semantics for control flow analysis; due to the generality of the formulation we need to appeal to coinduction (or greatest fixed points) in order to define the analysis. We then prove the semantic soundness of the collecting semantics and that all totally deterministic instantiations have a least solution; this incorporates k-CFA, polymorphic splitting and a new class of uniform-k-CFA analyses.
In unrestricted branching programs all variables may be tested arbitrarily often on each path. But exponential lower bounds are only known if on each path the number of tests of each variable is bounded. We examine branching programs in which for each path the number of variables that are tested more than once is bounded by k but we do not bound the number of tests of those variables. Using a new lower bound method we can prove that such branching programs become more powerful by increasing k only by 1: for k ≤ (1 − ε)(n/3)^(1/3) / log^(2/3) n, where ε > 0, we exhibit Boolean functions that can be represented in polynomial size if k variables may be tested more than once on each path, but only in exponential size if k − 1 variables may be tested more than once on each path. Therefore, we obtain a tight hierarchy. (C) 1996 Academic Press, Inc.
Given a specification that includes a number of user requirements, we wish to focus on the requirements in turn, and derive a partly defined program for each; then combine all the partly defined programs into a single program that satisfies all the requirements simultaneously. In this paper we introduce a mathematical basis for solving this problem, and we illustrate it by means of a simple example.
A program difference integration algorithm, which integrates two different versions of programs derived from an original program into a common one, is given. The algorithm uses two kinds of program slices, backward slice and forward slice, which enables the algorithm to integrate a class of programs that cannot be integrated by the existing algorithms. The class includes such significant programs as those in which one version is obtained by modifying the then clause of an if statement in the original program and the other is obtained by modifying the else clause of the same if statement. It is also shown that the algorithm satisfies associativity by regarding a program as a Boolean algebra in which the algorithm is expressed by an integration operation whose associativity is easily proved. The algorithm's associativity is shown by the correspondence between the algorithm and the algebra.
The notion of reductivity of a relation with respect to a datatype is introduced and related to inductivity and initiality. The use of reductivity in constructing terminating programs is discussed. A calculus of reductivity, discussed in more detail in a companion paper, is introduced.
A system of hierarchical, fully recursive types in a truly imperative language allows program fragments written for small types to be reused for all larger types. To exploit this property to enable type-safe hierarchical procedures, it is necessary to impose a static requirement on procedure calls. We introduce an example language and prove the existence of a sound requirement which preserves static correctness while allowing hierarchical procedures. This requirement is further shown to be optimal, in the sense that it imposes as few restrictions as possible. This establishes the theoretical basis for a general type hierarchy with static type checking, which enables first-order polymorphism combined with multiple inheritance and specialization in a language with assignments. We extend the results to include opaque types. An opaque version of a type is different from the original but has the same values and the same order relations to other types. The opaque types allow a more flexible polymorphism and provide the usual pragmatic advantages of distinguishing between intended and unintended type equalities. Opaque types can be viewed as a compromise between synonym types and abstract types.
We present a graphical calculus, which allows mathematical formulae to be represented and reasoned about using a visual representation. We define how a formula may be represented by a graph, and present a number of laws for transforming graphs, and describe the effects these transformations have on the corresponding formulae. We then use these transformation laws to perform proofs. We illustrate the graphical calculus by applying it to the relational and sequential calculi. The graphical calculus makes formulae easier to understand, and so often makes the next step in a proof more obvious. Furthermore, it is more expressive, and so allows a number of proofs that cannot otherwise be undertaken in a point-free way.
We present three refinement principles supporting the transition from system specifications based on (unbounded) asynchronous communication to system specifications based on (bounded) synchronous communication. We refer to these principles as partial, total and conditional refinement, respectively. We distinguish between two synchronization techniques, namely synchronization by hand-shake and synchronization by real-time constraints. Partial refinement supports synchronization by hand-shake with respect to safety properties. Total refinement supports synchronization by hand-shake with respect to both safety and liveness properties. Finally, conditional refinement supports both synchronization by hand-shake and by real-time constraints. We discuss, relate and show the use of these principles in a number of small examples.