K. Stlen. A method for the development of totally correct sharedstate parallel programs. In Proc. 2nd International Conference on Concurrency Theory (CONCUR'91), pages 510--525, 1991.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....The method was further developed by several other researchers, e.g. Pandya and Joseph [23] Jones [12] proposed a similar method for shared variable concurrency, where the assumption commitment pair can be interpreted in the same way. Jones method is further developed by Stirling [27] Stlen [28] and ourselves [31] Underlying these methods is a Non First Strike principle, where the assumption commitment pair (A; C) is defined by a spiral interpretation: If the environment satisfies assumption A until the current moment, then the component satisfies commitment C after the current ....

....component P if oe i 1 (u) P and from its environment if oe i 1 (u) 6= P . In the specification, predicates A and C are binary state predicates, with the convention that unprimed variables refer to the state before and primed variables to the state after the transition. In the literature, e.g. [28, 31], the interpretation that a process P satisfies specification (p; A; C; q) was defined as: for any behaviour oe of P I ) for any k, if oe 0 j= p, and any transition (oe i ; oe i 1 ) such that i k i k such oe i 1 (u) P , II ) if oe 0 j= p and any (oe i ; oe i 1 ) j= A where oe i 1 (u) ....

K. Stlen. A method for the development of totally correct shared-state parallel programs. In J.C.M. Baeten and J.F. Groote, editors, Proc. 2nd International Conference on Concurrency Theory (CONCUR'91), LNCS 527, Armsterdam, The Netherlands, 1991. Springer--Verlag.

....otherwise be wasted. In shared variable based concurrency, component processes collaborate and at the same time interfere with each other by updating the shared state. To obtain tractable rules for concurrency, the rely guarantee technique was proposed in [Jon83] and further developed e.g. in [St91, XH91, Col94] in verification. A rely condition is a predicate over two states, describing the state changes within which that the environment is assumed to stay; a guarantee condition is also a binary state predicate, describing the state changes that the component ensures to satisfy under the given ....

K. Stlen. A method for the development of totally correct shared-state parallel programs. In J.C.M. Baeten and J.F. Groote, editors, Proc. 2nd International Conference on Concurrency Theory (CONCUR'91), LNCS 527, Armsterdam, The Netherlands, 1991. Springer--Verlag.

....result. In particular, we do not see how to arrive at Hoare fx = 0g x : x 1 k x : x 1 fx = 2g without the elimination rule (21) OG76b] We suspect that modifications need to be made to the rule of parallel composition (OGPar) itself to reflect the rle of auxiliary variables. Stlen [St91] has already demonstrated that one can design a complete verification calculus for concurrent programs and shared variables without having to modify the program text. We return to Stlen s contribution in the following section. 7.3 Compositionality Owicki and Gries rule for parallel composition ....

....rule would simplify presentations of compositional verification calculi for concurrency. Stirling writes A major disadvantage of both the original Owicki Gries system and its reformulation here is the need for the auxiliary variable rule. Finally, we would like to remark on Stlen s approach [St91] This differs from Stirling s calculus in two respects: 1. The elimination rule for auxiliary variables is more sophisticated. Like our new rule of consequence, one only needs to deal with auxiliary variables at the level of assertions. 2. Specifications are written in VDM format. ....

Ketil Stlen. A method for the development of totally correct shared-state parallel programs. In Jos C. M. Baeten and Jan Friso Groote, editors, Proceedings of CONCUR '91, volume 527 of Lecture Notes in Computer Science, pages 510--525. Springer-Verlag, 1991.

....Project 6021 (REACT) ## Supported by National Fund for Scientific Research (Belgium) 1 for parallel composition. In the state based approach, a typical premise of the rule for deducing a specification of P 1 #P 2 from the specifications of P 1 and P 2 is of the form A # C 1 # A 2 [17, 27, 29, 30], where A is the assumption of P 1 #P 2 , C 1 the commitment of P 1 , and A 2 the assumption of P 2 , i.e. the most prominent operator is disjunction. In the message based approach, the corresponding premise is of the form A # C 1 # A 2 [18, 21, 31, 32] where A, C 1 and A 2 are as before, ....

....SC) # (#k 0 : # k 1 #SA # # k #SC) ##(SA #C) def = ##(SA # C) # ##(SA SC) This paper aims at the unification of specific rules for assumption commitment specifications of message based and state based processes. The former [18, 21, 31] are interpreted by SA #C whereas the latter [17, 27, 30] are interpreted by SA # C. Fortunately, as proved in Sect. 4, the latter can be equivalently interpreted by SA #C which is thus the appropriate candidate for formulating the semantic rule. Then, we denote by M(P ) # SA #C that a process P is correct w.r.t. specification SA #C; M(P ) the ....

[Article contains additional citation context not shown here]

Stlen, K.: A method for the development of totally correct shared-state parallel programs. In: Baeten, J.C.M., Groote, J.F., (eds.), Proc. Concur '91. (Lect. Notes Comput. Sci., vol 527, pp 510525. ) Springer-Verlag 1991

.... In the state based approach, a typical premise of the rule for deducing a specification of P 1 kP 2 from the specifications of P 1 and P 2 is of the form A C 1 ) A 2 Partially Supported by ESPRIT Project 6021 (REACT) Supported by National Fund for Scientific Research (Belgium) 1 [17, 27, 29, 30], where A is the assumption of P 1 kP 2 , C 1 the commitment of P 1 , and A 2 the assumption of P 2 , i.e. the most prominent operator is disjunction. In the message based approach, the corresponding premise is of the form A C 1 ) A 2 [18, 21, 31, 32] where A, C 1 and A 2 are as before, i.e. ....

....k Gamma1 2SA ) oej k 2SC) oe 2(SA Theta C) def = oe 2(SA C) oe 2(SA ThetaSC) This paper aims at the unification of specific rules for assumption commitment specifications of message based and state based processes. The former [18, 21, 31] are interpreted by SA Theta C whereas the latter [17, 27, 30] are interpreted by SA C. Fortunately, as proved in Sect. 4, the latter can be equivalently interpreted by SA Theta C which is thus the appropriate candidate for formulating the semantic rule. Then, we denote by M(P ) SA Theta C that a process P is correct w.r.t. specification SA Theta C; ....

[Article contains additional citation context not shown here]

Stlen, K.: A method for the development of totally correct shared-state parallel programs. In: Baeten, J.C.M., Groote, J.F., (eds.), Proc. Concur '91. (Lect. Notes Comput. Sci., vol 527, pp 510525. ) Springer-Verlag 1991

....This paper addresses the lack of specification and verification formalisms for such systems. A formal computational model for implicit invocation is presented. Wedevelop a verification framework for implicit invocation that is based on Jones rely guarantee reasoning for concurrent systems [Jon83,Jon90,St91]. The application of the framework is illustrated with several examples. The merits and limitations of the rely guarantee paradigm in the context of implicit invocation systems are also discussed. 1 Introduction A critical issue for large scale systems design and evolution is the choice of an ....

....for underlying theory, since the main issue is howtoaddand remove replicated servers correctly to a running system. The second closely related area of research is the area is formal models of concurrency.Aswehave said, this paper draws heavily on that work, and especially that of Jones and Stlen [Jon90,St91]. In our work we attempt where possible to apply existing research to this new domain, and to understand the strengths and limitations of established techniques. In the remainder of this paper we describe a formalization of implicit invocation systems that is a first step towards this goal. The ....

[Article contains additional citation context not shown here]

K. Stlen. A method for the development of totally correct shared-state parallel programs. In CONCUR '91, pages 510--525. Springer Verlag, 1991. 20

....be extended if additional input is received along the feedback channel x. It makes sure that no new least fix point has been introduced as a result of the synchronization. In some sense the proof obligation corresponds to the freedom from deadlock tests in more traditional proof systems [OG76] St91] and [PJ91] In Ex. 1 this proof obligation is not fulfilled. However, if S 2 s input output relation is replaced by k = y #x = #y then ( holds. Thus in the case of Ex. 1, seems to be a reasonable proof obligation. The next step is to figure out how this obligation should look in the ....

K. Stlen. A method for the development of totally correct shared-state parallel programs. In Proc. CONCUR'91, Lecture Notes in Computer Science 527, pages 510--525, 1991. This article was processed using the L a T E X macro package with LLNCS style

No context found.

K. Stlen. A method for the development of totally correct sharedstate parallel programs. In Proc. 2nd International Conference on Concurrency Theory (CONCUR'91), pages 510--525, 1991.

No context found.

K. Stlen. A method for the development of totally correct shared-state parallel programs. In J. Baeten and J. Groote, editors, Proceedings of Concur'91, volume 527 of Lecture Notes in Computer Science. Springer Verlag, 1991.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC