Bernard Sufrin

A complete set of algebraic laws is given for Dijkstra's nondeterministic sequential programming language. Iteration and recursion are explained in terms of Scott's domain theory as fixed points of continuous functionals. A calculus analogous to weakest preconditions is suggested as an aid to deriving programs from their specifications.
A specification of the UNIX filing system is given using a notation based on elementary mathematical set theory. The notation used involves very few special constructs of its own. The specification is detailed enough to capture the filing system's behavior at the system call level, yet abstracts from issues of data representation, whether in programs or on…
The specification of a simple telephone system is used to illustrate two general features of specifications in Z: • how the use of schemas can drastically reduce the amount of rewriting required when developing specifications; and • how the direct use of mathematics makes it possible to describe desired properties of an implementation without constraining…
Jape is a program which supports the step-by-step interactive development of proofs in formal logics, in the style of proofs-on-paper. It is uncommitted to any particular logic and is customized by a description of a collection of inference rules and the syntax of judgements. It works purely at the surface syntactic level, as a person working on paper…
GUI design isn't simply a matter of putting a nice front-end on a capable program. It requires thought about the way in which people might be expected to use a system, and investigation of the ways that they actually use it. Jape's GUI has been designed to be as simple as possible, so that it will not get in the way of the business of proof. It is designed…