Learn More
We present algebraic laws for a language similar to a subset of sequential Java that includes inheritance, recursive classes, dynamic binding, access control, type tests and casts, assignment, but no sharing. These laws are proved sound with respect to a weakest precondition semantics. We also show that they are complete in the sense that they are(More)
Circus specifications define both data and behavioural aspects of systems using a combination of Z and CSP. Previously, a denotational semantics has been given to Circus; however, as a shallow embedding of Circus in Z, it was not possible to use it to prove properties like the refinement laws that justify the distinguishing development technique associated(More)
Using Morgan's refinement calculus, we can write software in a precise and consistent way. Nevertheless, this may involve long and repetitive developments. Several refinement strategies are useful in different developments, and even in different points of a single development. A lot is gained by identifying these strategies, documenting them as tactics, and(More)
The cardiac pacemaker has emerged as a case study for evaluating the effectiveness of techniques for the verification and design of embedded systems with complex control requirements. This paper reports on the experiences of using this case study to evaluate the concurrency model of two programming language subsets that target safety-critical systems(More)
We present a refinement strategy for Circus, which is the combination of Z, CSP, and the refinement calculus in the setting of Hoare and He’s unifying theories of programming. The strategy unifies the theories of refinement for processes and their constituent actions, and provides a coherent technique for the stepwise refinement of concurrent and(More)