Conference Paper

Software Component Design with the B Method — A Formalization in Isabelle/HOL


Abstract

This paper presents a formal development of an Isabelle/HOL theory for the behavioral aspects of artifacts produced in the design of software components with the B method. We first provide a formalization of semantic objects such as labelled transition systems and notions of behavior and simulation. We define an interpretation of the B method using such concepts. We also address the issue of component composition in the B method.


... An interesting example is the work of Dunne in [10], which includes additional information concerning the variables in scope at a substitution to solve some delicate issues that restrict what can be stated in B due to limitations of the pure WP semantics. On the other hand, some related work proposing the embedding of B into other formalisms with strong tool support, such as Isabelle/HOL, can be found in the literature [6,9]. As in the current research, the purpose of those works is combining strengths of both worlds, to achieve further proof or animation goals. ...
Preprint
We propose B Maude, a prototype executable environment for the Abstract Machine Notation implemented in the Maude language. B Maude is formally defined and results from the implementation of the semantics of AMN as denotations in the π Framework, a realization of Mosses' Component-based Semantics and Plotkin's Interpreting Automata. B Maude endows the B method with execution by rewriting, symbolic search with narrowing and Linear Temporal Logic model checking of AMN descriptions.
Article
Full-text available
This research article proposes a novel approach called Distributed Reconfigurable B to specify and verify distributed reconfigurable control systems using the B method. Reconfiguration signifies the dynamic adaptation of the system behavior to the evolution of its environment by applying a reconfiguration scenario. A multi-agent architecture is defined to assign a reconfiguration agent to ensure local reconfiguration for each subsystem and a coordination agent to manage the different subsystems to guarantee the coherence of the whole system. A reconfigurable system is a set of B operations where only a subset is executed by adding or removing operations after a well-defined reconfiguration scenario. Distributed Reconfigurable B defines two complementary steps to be applied in the abstract model of the B method: specification and verification. The first step models the agents according to the Distributed Reconfigurable B formalism. The second verifies distributed reconfigurable control systems using the Atelier B tool and avoids the redundant checking of different B machines by applying the implemented Check Reconfigurable B tool. We apply the contributions to two benchmark production systems: FESTO and EnAS.
Conference Paper
Full-text available
We propose a formal and mechanized framework which consists in verifying, with an external automated theorem prover called Zenon, proof rules of the B method that cannot be automatically proved by the elementary prover of Atelier B. This framework contains in particular a set of tools, named BCARe and developed by Siemens IC-MOL, which relies on a deep embedding of the B theory within the logic of the Coq proof assistant. This toolkit allows us to automatically generate the required properties to be checked for a given proof rule. Currently, this tool chain is able to automatically verify a part of the derived rules of the B-Book, as well as some added rules coming from Atelier B and the rule database maintained by Siemens IC-MOL.
Conference Paper
Full-text available
In this article we introduce a comprehensive set of algebraic laws for ROOL, a language similar to sequential Java but with a copy semantics. We present a few laws of commands, but focus on the object-oriented features of the language. We show that this set of laws is complete in the sense that it is sufficient to reduce an arbitrary ROOL program to a normal form expressed in a restricted subset of the ROOL operators. We also propose a law for data refinement that generalises the technique from traditional modules to class hierarchies. Together, these laws are expressive enough to derive more elaborate rules that can be useful, for example, to formalize object-oriented design practices; this is illustrated through the systematic derivation of a refactoring from the proposed laws.
Conference Paper
In this paper, we present recent developments in the Alt-Ergo SMT solver to efficiently discharge proof obligations (POs) generated by Atelier B. This includes a new plugin architecture to facilitate experiments with different SAT engines, new heuristics to handle quantified formulas, and important modifications in its internal data structures to boost the performance of core decision procedures. Experiments carried out on more than 10,000 POs generated from industrial B projects show significant improvements.
Conference Paper
We present a method to discharge proof obligations from Atelier B using multiple SMT solvers. It is based on a faithful modeling of B's set theory into polymorphic first-order logic. We report on two case studies demonstrating a significant improvement in the ratio of obligations that are automatically discharged.
Conference Paper
Refining a B specification into an implementation can be a complex and time-consuming process. This process can usually be separated into two distinct parts: the specification part, where refinement is used to introduce new properties and specification details, and the implementation part, where refinement is used to convert a detailed B specification into a B0 implementation. The first part requires human interaction, since it corresponds to writing the specification. However, the implementation part is more mechanical, and usually corresponds to applying known refinement schemes.
Conference Paper
Statement: sqrt (real (2::nat)) ∉ ℚ, i.e. $\sqrt{2} \notin \mathbb{Q}$
Conference Paper
We use the theorem prover Isabelle to formalise and machine-check results of the theory of generalised substitutions given by Dunne and used in the B method. We describe the model of computation implicit in this theory and show how this is based on a compound monad, and we contrast this model of computation and monad with those implicit in Dunne's theory of abstract commands. Subject to a qualification concerning frames, we prove, using the Isabelle/HOL theorem prover, that Dunne's results about generalised substitutions follow from the model of computation which we describe.
Conference Paper
We augment the usual wp semantics of substitutions with an explicit notion of frame, which allows us to develop a simple self-contained theory of generalised substitutions outside their usual context of the B Method. We formulate three fundamental healthiness conditions which semantically characterise all substitutions, and from which we are able to derive directly, without need of any explicit further appeal to syntax, a number of familiar properties of substitutions, as well as several new ones specifically concerning frames. In doing so we gain some useful insights about the nature of substitutions, which enables us to resolve some hitherto problematic issues concerning substitutions within the B Method.
Conference Paper
We describe a semantic embedding of the basic concepts of the B language in the higher-order logic instance of the generic theorem prover Isabelle (Isabelle/HOL). This work aims at a foundation to formalise the full abstract machine notation, in order to produce a formally checked proof obligation generator. The formalisation is based on the B-Book. First we present an encoding of the mathematical basis. Then we formalise generalised substitutions by the before-after model and we prove the equivalence with the weakest precondition axiomatic model. Finally we define operations and abstract machines.
Book
The B method is a means for specifying, designing and coding software systems. The long-awaited B Book is the standard reference for everything concerning this method. It contains the mathematical basis on which it is founded, the precise definitions of the notations used, and a large number of examples illustrating its use in practice. J.-R. Abrial, the inventor of B, has written the book in such a way that it can be used for self-study or for reference. It is in four parts, the first dealing with the mathematical foundations, including a systematic construction of predicate logic and set theory, and the definition of the various mathematical structures that are needed to formalize software systems; the author places special emphasis on the notion of proof. The second part contains a presentation of the Generalized Substitution Language and of the Abstract Machine Notation, which are both used to specify software systems; the author gives examples to show how large specifications can be constructed systematically. The next part introduces the two basic programming features of sequencing and loop, with examples showing how to construct small algorithms. The last part covers the very important notion of refinement. It shows how to construct large software systems by means of layered architectures of modules. It culminates with the presentation of several examples of complete development with a special emphasis on the methodological approach. Finally, appendices give summaries of all the logical and mathematical definitions, and of all the rules and proof obligations. With the appearance of The B Book, formal methods practitioners, computer scientists, and systems developers at last will have access to the definitive account of what will become one of the standard approaches to the construction of software systems.
Article
Refactoring consists in restructuring an object-oriented program without changing its behaviour. In this paper, we present refactorings as transformation rules for programs written in a refinement language inspired by Java that allows reasoning about object-oriented programs and specifications. A set of programming laws is available for the imperative constructs of this language as well as for its object-oriented features; soundness of the laws is proved against a weakest precondition semantics. The proof that the refactoring rules preserve behaviour (semantics) is accomplished by the application of these programming laws and data simulation. As an illustration of our approach to refactoring, we use our rules to restructure a program to be in accordance with a design pattern.
Article
We formalize the generalized substitution mechanism of the B-method in the higher-order logic of Coq and PVS. Thanks to the dependent type feature of Coq and PVS, our encoding is compact and highly integrated with the logic supported by the theorem provers. In addition, we describe a tool that mechanizes, at the user level, most of the effort of the encoding.
Article
We formalize the generalized substitution mechanism of the B-method in the higher-order logic of Coq and PVS. Thanks to the dependent type feature of Coq and PVS, our encoding is compact and highly integrated with the logic supported by the theorem provers. In addition, we describe a tool that mechanizes, at the user level, most of the effort of the encoding. 1 Introduction. In recent years, important work has been done in the design and implementation of general specification languages and theorem provers. The concretization of these efforts is illustrated in systems like HOL [Gor93], Coq [BBC+97], and PVS [ORS92]. These systems provide several automation tools, but they lack methodologies to handle the global process of software construction. The B-method [Abr96a] is a formal method for software development. It originated in Abrial's work [Abr91] in the 1980s and continues to be developed by industrial and academic working groups. B provides a uniform notation to specify, desig...