
Juan Carlos Bicarregui, BSc MSc PhD
- Head of Department at Science and Technology Facilities Council
About
- 137 publications
- 21,125 reads
- 1,977 citations
Education
- September 1990 - June 1995
- September 1983 - September 1984
- October 1980 - June 1983
- Independent Researcher
- Field of study: Mathematics
Publications (137)
The systemic challenges of the COVID-19 pandemic require cross-disciplinary collaboration in a global and timely fashion. Such collaboration needs open research practices and the sharing of research outputs, such as data and code, thereby facilitating research and research reproducibility and timely collaboration beyond borders. The Research Data A...
The European Open Science Cloud (EOSC) has the objective to provide a virtual environment offering open and seamless services for the re-use of research data across borders and scientific disciplines. This ambitious vision sets significant challenges that the research community must meet if the benefits of EOSC are to be realised. One of those chal...
This document summarises the output of the RDA Europe Task Force on Sustainability, assessing the status of RDA Global sustainability from the RDA Europe perspective in terms of funding-financing and governance, analysing the overall landscape in which RDA & RDA Europe are operating, and proposing a set of recommendations for the future.
Review commissioned by the Wellcome Trust focusing on building and sustaining data infrastructures.
Today's scientific research is conducted not just by single experiments, but rather by sequences of related experiments or projects linked by a common theme that lead to a greater understanding of the physical world. This is particularly true of research at large-scale facilities such as synchrotrons, neutron sources, and free-electron lasers. Thes...
The DEPLOY project has provided a rare opportunity to explore and document the potential benefits of and challenges to creating and exploiting usable formal methods. Using the results of an updated review of 98 industrial applications, we identify trends relating to analytic power, robustness, stability and usability of tools, as well as to the qua...
'Big Science', that is, science which involves large collaborations with dedicated facilities, and involving large data volumes and multinational investments, is often seen as different when it comes to data management and preservation planning. Big Science handles its data differently from other disciplines and has data management problems that...
The MaRDI-Gross project aims to provide high-level guidance for the strategic and engineering development of Data Management and Preservation plans for Big Science data. The main outcome will be a document, the nominal audience for which is therefore rather narrow. However, the intention is that the document be of use to other planners and data arc...
This report exists to provide high-level guidance for the strategic and engineering development of Data Management and Preservation plans for 'Big Science' data. Although the report's nominal audience is therefore rather narrow, we intend the document to be of use to other planners and data architects who wish to implement good practice in this are...
A Data Sharing Agreement (DSA) is a contract among two or more principals regulating how they share data. Agreements are usually represented as a set of clauses expressed using the deontic notions of obligation, prohibition and permission. In this paper, we present how to model DSAs using the Event-B specification language. Agreement clauses are mo...
Software preservation has not had detailed consideration as a research topic or in practical application. In this paper, we present a conceptual framework to capture and organise the main notions of software preservation, which are required for a coherent and comprehensive approach. This framework has three main aspects. Firstly a discussion of wha...
Scientific facilities, in particular large-scale photon and neutron sources, have demanding requirements to manage the increasing quantities of experimental data they generate in a systematic and secure way. In this paper, we describe the ICAT infrastructure for cataloguing facility-generated experimental data which has been in development within ST...
We examine the industrial application of formal methods using data gathered in a review of 62 projects taking place over the last 25 years. The review suggests that formal methods are being applied in a wide range of application domains, with increasingly strong tool support. Significant challenges remain in providing usable tools that can be i...
The concept of Significant Properties is one which has been much discussed within the preservation community as a way of characterising the essential features of a digital object which must be maintained over time. However, the term Significant Properties has been given a variety of definitions and used in various ways over the past several years....
Formal methods use mathematical models for analysis and verification at any part of the program life-cycle. We describe the state of the art in the industrial use of formal methods, concentrating on their increasing use at the earlier stages of specification and design. We do this by reporting on a new survey of industrial use, comparing the situat...
In goal-oriented requirements engineering methodologies, goals are structured into refinement trees from high-level system-wide goals down to fine-grained requirements assigned to specific software/hardware/human agents that can realise them. Functional goals assigned to software agents need to be operationalised into specification of services that...
Preservation of software components is a key aspect of preservation of data, as processing and analysis software frequently needs to be preserved to maintain the usability of data. However, only a small part of the research which has been carried out to date on the preservation of digital objects has looked specifically at the preservation of softw...
We propose a syntactic extension of Event-B incorporating a limited notion of obligation described by triggers. The trigger of an event is the dual of the guard: when a guard is not true, an event must not occur, whereas when a trigger is true, the event must occur. The obligation imposed by a trigger is interpreted as a constraint on when the othe...
In this paper, we discuss the use of formal requirements-engineering techniques in capturing security requirements for a Grid-based operating system. We use KAOS goal model to represent two security goals for Grid systems, namely authorisation and single-sign on authentication. We apply goal-refinement to derive security requirements for these two...
In this paper, we present a formal model of virtual organisations that incorporates the concept of conflicts of interest. The model, which follows an incremental development approach using Event-B, focuses on goals and organisations at the abstract level and introduces resources at the concrete level. The model is motivated by the type of virtual o...
In this paper, we discuss the use of formal requirements engineering techniques in capturing security requirements for a Grid-based operating system. Our approach is based on the KAOS methodology in which system goals can be refined to sets of requirements that can be satisfied by agents performing specific operations on system objects. We focus on...
In this paper we present HySAT, a bounded model checker for linear hybrid systems, incorporating a tight integration of a DPLL-based pseudo-Boolean SAT solver and a linear programming routine as core engine. In contrast to related tools like MathSAT, ...
An important step in meeting the Verifying Compiler Grand Challenge is the Verified Software Repository. In the FMICS view, the repository should include proven correct software and tools to help establishing the correctness of the software in question. We propose to set up a collaborative demonstrator, based on the jETI technology, to provide tool...
We describe a compositional approach to the formal interpretation of type view diagrams and statecharts. We define theories for object instances and classes, and theories for associations between them. These theories are combined with categorical constructions to yield a formalisation of the entire system. We observe that some notations require th...
The slides and other material from the second workshop of the Mondex Case Study for the Verified Software Repository
The Verified Software Repository is dedicated to a long-term vision of a future in which all computer systems justify the trust that Society increasingly places in them. This will be accompanied by a substantial reduction in the current high costs of programming error, incurred during the design, development, testing, installation, maintenance, evo...
This paper introduces an approach to verify the correctness of the implementation of real-time languages. We apply the techniques presented in Hoare and He's Unifying Theories of Programming to reason about the correctness of compilers and schedulers for real-time languages, using high-level abstractions such as algebraic laws. In the compilation p...
We cover 5 aspects of data creation: 1. The nature of the data itself 2. The creation of data by physical research 3. The creation of data by e-research 4. The creation of data by digitization or repurposing from other sources 5. The integration and certification of data Throughout the document by data we mean information and data. For each topic w...
In this paper we present an attempt to represent dynamic communication links between abstract machines in the B method. The approach complements a previously proposed extension to B, that supports dynamic creation and deletion of machine instances, providing a mechanism for dynamically connecting or disconnecting machine instances for communication...
We previously defined an extension to the B method to be able to dynamically aggregate components. The proposed extension allowed one to build specifications which can create and delete instances of machines at run time, a feature often associated with object oriented languages and not directly supported in the B method. In this paper, we study the...
This paper presents a semantic framework for a large part of UML, and gives a set of transformations on UML models based on this semantics. These transformations can be used to enhance, rationalise, refine or abstract UML mode...
The formal methods in information systems development at CCLRC, are discussed. It is stated that at CCLRC high quality scientific and engineering research is promoted by providing facilities and technical expertise in support of the basic, strategic and applied research programmes. CCLRC research and development is focussed on three kind of activit...
We study some restrictions associated with the mechanisms for structuring and modularising specifications in the B abstract machine notation. We propose an extension of the language that allows one to specify machines whose constituent modules (other abstract machines) may change dynamically, i.e., at run time. In this way, we increase the expressi...
We discuss the interpretation of read and write frames in model-oriented specification taking B's generalised substitutions as the vehicle for the presentation. In particular, we focus on the interpretation of read frames, the semantics of which have not been considered by previous authors. We give several examples of the relevance of read fra...
In this paper we describe a possible semantics for a large part of the Unified Modelling Notation (UML), using structured theories in a simple temporal logic.
Transformations of object-oriented models based on a rigorous underlying semantics represent a means of obtaining the benefits of formal methods without the need for users to reason directly in mathematical formalisms. In this paper we present a set of diagrammatic transformations on UML models which represent refinement or abstraction steps. We sh...
Motivated by a scientific application, where virtual organisations are dynamically created to achieve specific goals by sharing resources and information, we propose the synthesis of two lines of research: policy-based access control and distributed firewalls. Through this fusion we expect to deliver a scalable method of setting up security infrast...
Interpolation (together with completeness and decidability) has become one of the standard properties that logicians investigate when designing a logic. In this paper, we provide strong evidence that the presence of interpolants is not only cogent for scientific reasoning but has also important practical implications in computer science. We illustra...
The VDM+B project is developing the formal underpinnings for an integration of VDM and B enabling their co-use within one development.
We describe a web-based multidisciplinary data portal, currently under construction and based on a new metadata model of scientific data, for exploring and accessing the content of initially the data resources held within CLRC's main laboratories. This system comprises a web-based user interface incorporating access control and a metadata catalogue...
FAPR'2000. International Conference on Pure and Applied Practical Reasoning.
Proceedings of the Fourth International Conference on Electronic Commerce Research, ATSMA, IFIP, INFORMS 2 360-381
GRID computing has emerged as an important new field, distinguished from conventional distributed computing by its focus on large-scale resource sharing including distributed very large data-stores and high-performance networking, and innovative applications such as remote control of experiments and distributed group working in virtual organisation...
The World Wide Web can be considered as the universe of network-accessible information (available through your computer, phone, television, or other networked device.). Today, this universe benefits society by enabling new forms of human communication and offering new opportunities to share knowledge. However, the need to provide e-services over in...
VDM and B are two mature formal methods currently in use by industry and supported by commercial tools. Though the methods are foundationally similar, the coverage of their supporting tools differs significantly. The integration and co-use of the two methods has been considered in a number of previous papers, and it has been demonstrated that both...
The B-Method provides a collection of structuring mechanisms which support information hiding, modularisation and compositionality of module operations, although, in order to achieve compositionality and independent (parallel) refinement, sharing is restricted in B. In this paper we elaborate some non-interference and compositionality assumptions t...
In this paper we provide a systematic formal interpretation for most elements of the UML notation. This interpretation, in a structured temporal logic, enables precise analysis of the properties of these models, and the verification of one model against another. We extend previous work by providing a structured logical interpretation for sequence...
There is undoubtedly a huge gap between the level of formality currently in use in mainstream software engineering and the "best practice" advocated by academics and practised by a small sector of industry involved in critical applications. This paper presents some results of recent research which are building bridges between these two approaches...
In this paper we describe investigations into the use of automatic theorem proving technology in the refutation of proof obligations. Specifically, we discuss the use of resolution based theorem proving and model checking to find false obligations and counterexamples. These techniques can be used as basis of an automatic method for finding faults i...
Control Engineering Practice 8 71-79
This paper describes techniques for the automatic synthesis of verified controllers for discrete event systems, based on the invariants of behaviour required for such systems. We define alternative structuring approaches for controllers, and the correspondences between this decomposition and structuring in the B formal method, which is used to provid...
In this paper we study the problem of integrating heterogeneous formal notations, emphasising the integration of the axiomatic (logical) semantics. We present a general method for integrating the consequence systems of interrelated heterogeneous formal notations and explain why and when the resulting compound multilogical consequence system may ne...
The Unified Modelling Language (UML) is becoming the de facto industry standard notation for object-oriented analysis and design. In this paper we outline a semantic framework for UML which would support formal analysis and verification as part of a rigorous development process for critical systems. 1 Introduction The UML [8] combines and extends e...
There is undoubtedly a huge gap between the level of formality currently in use in mainstream software engineering and the "best practice" advocated by academics and practised by a small sector of industry involved in critical applications. This paper presents some results of recent research which are building bridges between these two approaches:...
This paper discusses the benefits of adding formal specification in B to existing controller synthesis techniques, and some of the limitations of B for this area of application. Examples from case studies carried out in the "Object-oriented specification of Real-time and Reactive Systems" (ROOS) project are given.
VDM and B are two mature formal methods currently in use by industry and supported by commercial tools. Though the methods are foundationally similar, the coverage of their supporting tools differs significantly. The SPECTRUM project has investigated the feasibility of integrating support for the two methodologies. In this paper, we describe the p...
Within the design process, a high-level specification is subject to two conflicting tensions. It is used as a vehicle for validating the requirements, and also as a first step of the refinement process. Whilst the structuring mechanisms available in the B method are well-suited for the latter purpose, the rich type constructions of VDM are useful f...
This chapter describes using the PVS system as a tool to support VDMSL. It is possible to translate from VDM-SL into the PVS specification language in a very easy and direct manner, thus enabling the use of PVS for typechecking and verifying properties of VDM-SL specifications and refinements. The translation is described in detail and illustrated...
Although the formal method VDM has been in existence since the 1970's, there are still no satisfactory tools to support verification in VDM. This paper deals with one possible means of approaching this problem by using the PVS theorem-prover. It describes a translation of a VDM-SL specification into the PVS specification language using, essentially...
Bespoke development of large business systems can be couched in terms of the composition of components, which are, put simply, chunks of development work. Design, mapping a specification to an implementation, can also be expressed in terms of components: a refinement comprising an abstract component, a concrete component and a mapping between the...
This paper will present the case for using a formal component-based specification technique for reactive systems, such as the Object Calculus of Fiadeiro and Maibaum. The Object Calculus provides a modular, highly declarative and abstract specification language, suitable for refinement using model-based design notations such as B or VDM. In the Obj...
UML'98 International Workshop: Beyond the Notation
EXPRESS and SQL are two ISO standard languages for modelling data. However, EXPRESS is abstract in the sense that it is intended to be used to define application-oriented data types, whereas SQL is concrete in that all data must be modelled using relation tables. In this chapter, we specify and prove some properties of an EXPRESS to SQL “compiler”...
Proc. Second ECOOP Workshop on Precise Behavioral Semantics
Not so many years ago, it would have been difficult to find more than a handful of examples of the use of formal methods in industry. Today, however, the industrial application of formal methods is becoming increasingly common in a variety of application areas, particularly those with safety, security or financially critical aspects. Furthermore,...
Although the formal method VDM has been in existence since the 1970s, there are still no satisfactory tools to support verification in VDM. The paper deals with one possible means of approaching this problem by using the PVS theorem-prover. It describes a translation of a VDM-SL specification into the PVS specification language using, essentially,...
We present an approach to the specification of required external non-determinism: the willingness of a component to respond to a number of external action requests, using a language, COMMUNITY, which provides both permission and willingness guards on actions. This enables a program-like declaration of required non-determinism, in contrast to the us...
The use of formality in software development enables formal manipulation at the symbolic level and hence can yield new perspectives on the design which can be submitted to inspection and interactive or automatic analysis. We describe the experience of an industrial pilot project which undertook a formal development using VDM and B and employed a nu...
This paper identifies how object models, statecharts and interaction diagrams can be given a semantics in the Object Calculus of Fiadeiro and Maibaum. A compositional interpretation of object model and statechart diagrams is developed, with separate theories constructed for object instances, class managers and associations which are then combined u...
The paper reports on an investigation into the application of the B method of formal software development. Six case studies are described, each exploring a different aspect of the use of the B methodology and toolkit. The case studies are drawn from a diverse range of applications and address different aspects of the software development lifecycle....
We describe a compositional approach to the formal interpretation of type view diagrams and statecharts. We define theories for object instances and classes, and theories for associations between them. These theories are combined with categorical constructions to yield a formalisation of the entire system. We observe that some notations require t...
This paper is concerned with bridging the gap between approaches for the synthesis of controllers in the process industries and formal methods of specifying, designing and verifying reactive and real-time systems. We present a method which integrates techniques for the synthesis of procedural controllers [24] with specification and verification te...
This paper describes an investigation into the proof facilities within the BToolkit based on a study of the specification and refinement of low level code in the control systems domain. We describe the problems we encountered and some means by which these problems can be tackled within the existing framework. We conclude with some more general guid...
This paper presents work performed in the EPSRC "Object-oriented Specification of Reactive and Real-time Systems" project. It aims to provide formal design methods for real-time systems, using a combination of the VDM++ formal method and the HRT-HOOD method. We identify refinement steps for hard real-time systems in VDM++, together with a case stud...
We develop a compositional interpretation of object model and statechart diagrams as used in the “Syntropy” method of Object-Oriented Analysis and Design. Separate theories are constructed for object instances, class managers and associations which are then combined with categorical constructions to yield a formal interpretation of the complete sys...
ASE'97, 12th IEEE International Conference on Automated Software Engineering, Hyatt Regency Lake Tahoe
OOPSLA 97 workshop on Specification of Behavioral Semantics
Object-based languages, methods and designs have become increasingly important in the software engineering community. However, although there has been much theoretical work, there is no commonly accepted method for describing their formal foundations. This paper describes work in progress to formalise an object-based language, the EXPRESS ISO standa...
BCS-FACS Northern Formal Methods Workshop, 1996
This paper considers the integration of documents written using the Standard Generalized Markup Language (SGML) into an information modelling context using EXPRESS. An architecture is presented which allows storage and retrieval of SGML Document Type Definitions (DTDs), and documents which conform to those DTDs. Also considered is the extraction of...
Process modelling is the formal description of the activities undertaken by an organisation. By modelling such processes we can support and improve these activities. Taking a control system development project as an example, we describe how process modelling can be integrated into an EXPRESS based environment using the EXPRESS-P extension to EXPRES...
VDM and B are two "model-oriented" formal methods. Each gives a notation for the specification of systems as state machines in terms of a set of states with operations defined as relations on that set. Each has a notion of refinement of data and operations based on the principles of reduction of non-determinism and increase in definedness. This pap...
The read and write frames of reference variables used in the VDM style of operation decomposition serve two purposes. Syntactically, they bind the variables that occur in the predicates of the operation specification; and semantically, they record what access to the state an implementation can be allowed to make. This paper examines the use of fram...
This paper reports on the experience gained in the MaFMeth project, which undertook a formal development with tool support for several parts of the life cycle from requirements capture through to C code generation. We explore the hypotheses that formal methods enable the early detection of faults in design by examining the development process in th...