B. Liskov and J. M. Wing. A New Definition of the Subtype Relation. In ECOOP 93, pages 118--141, 1993.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....specification. Liskov and Wing gave two di#erent formulations of this idea. One formulation requires that each extra instance method of the subtype be supplied with a model program that shows how its e#ect on the abstract value can be achieved using only the instance methods of the supertype [LW93a, LW94] Their second formulation [LW93b, LW94] requires the specification of the supertype to provide a history constraint, which is a monotonic relation between states that says how the abstract values of that type may be changed by its instance methods; the extra instance methods of ....

....can do in terms of mutation of the objects of the subtype, but does not place any limits on what events they may signal. Thus Liskov and Wing s other approach, of requiring a program that explains the e#ect of each additional instance method of the subtype in terms of the supertype s methods [LW93a, LW94] has more promise. Indeed, the refinement calculus paradigm makes it clear what must be verified to prove strong behavioral subtyping; that is, that for each additional instance method, m, of the subtype, there must be some model program, pm , such that pm is expressed only using the ....

Liskov, B. and Wing, J. M. A new definition of the subtype relation. In Nierstrasz, O. M., editor, ECOOP '93 --- Object-Oriented Programming, 7th European Conference, Kaiserslautern, Germany, volume 707 of Lecture Notes in Computer Science, pages 118--141. Springer-Verlag, New York, N.Y., July 1993.

....Wing s methods rule is not imposed. When the methods rule is imposed as well, we call their definition strong behavioral subtyping . Liskov and Wing s other definition of strong behavioral subtyping, based on explaining 12 how additional methods could be programmed using the supertype s methods [32, 31], also uses reasoning choice 1, except that the history constraints available for use with this definition are not specified directly. The problem with reasoning choice 1 and with strong behavioral subtyping is that clients cannot use method specifications without considering all possible ....

B. Liskov and J. M. Wing. A new definition of the subtype relation. In O. M. Nierstrasz, editor, ECOOP '93 --- Object-Oriented Programming, 7th European Conference, Kaiserslautern, Germany, volume 707 of Lecture Notes in Computer Science, pages 118--141. Springer-Verlag, New York, NY, July 1993.

....that do not match are very close to matching. Neither do they have a mechanism to check for a behavioral (or semantic) mismatch nor component interoperability. 3 3. 2 Behavioral Subtyping Signature matching is not sufficient to ensure a subtyping relationship as shown by Liskov and Wing [8]. They cover a semantics of the subtype relation in object oriented languages and propose a behavioral notion of subtyping. A subtype object can be used anywhere its supertype object can be. Type checking using specification matching captures only a small part of what it means for a program to be ....

....have put and get methods. According to the signature matching technique and contra variance rules, either can be a valid subtype of the other. However, a program written with the expectation that x is a stack, may not work correctly if x actually denotes a queue, and vice versa. Liskov and Wing [8] propose a stronger requirement that constrains the behavior of subtypes: Subtype Requirement: Let OE(x) be a property provable about objects x of type T. Then OE(y) should be true for objects y of type S where S is a subtype of T. By applying the requirement to the above examples, we can ....

[Article contains additional citation context not shown here]

B.H. Liskov and J.M. Wing "A New Definition of the Subtype Relation," Lecture Notes in Computer Science 707 Springer-Verlag, 1993.

....works in OO specification and programming methods. ffl OO Specification Techniques. A relatively large number of OO specification notions now exist, for example, OO versions of Z, such as Object Z [Ros92] and ZEST [CR92] OO versions of VDM, such as VDM [Lan95] and Liskov and Wing s notation [LW93]. Subtyping is not handled in a uniform way throughout these techniques, so, let us focus on the Liskov and Wing approach which has considered the topic in some depth. In [LW93] a number of conditions are highlighted which must all hold in order to ensure subtyping between a pair of ....

....of Z, such as Object Z [Ros92] and ZEST [CR92] OO versions of VDM, such as VDM [Lan95] and Liskov and Wing s notation [LW93] Subtyping is not handled in a uniform way throughout these techniques, so, let us focus on the Liskov and Wing approach which has considered the topic in some depth. In [LW93] a number of conditions are highlighted which must all hold in order to ensure subtyping between a pair of specifications. However, the part of the definition that concerns us here is the pre and post condition relationship between operations. The definition requires that for every operation in ....

B. Liskov and J. M. Wing. A new definition of the subtype relation. In O. M. Nierstrasz, editor, ECOOP '93 - Object-Oriented Programming, LNCS 707, pages 118--141. Springer-Verlag, 1993.

....may add properties. Our framework is based on signature matching [ZW95a] only, because current approaches for describing the dynamic behaviour of services are insufficient: ffl Using pre and post conditions A is a subtype of B if A has weaker preconditions and stronger post conditions than B [Ame91, LW93]. As this cannot be verified automatically [AL90] relationships have to be asserted by administrative measures. ffl Subtype relations between FSMs are not concerned with full behaviour compatibility, but only with safe usage [Nie93] We feel that this can be done by service properties in a ....

B. Liskov and J.M. Wing. A new definition of the subtype relation. In O. Nierstrasz, editor, Proceedings of the European Conference on Object Oriented Programming, ECOOP '93, Berlin, Germany, Lecture Notes in Computer Science 707, pages 118--141. Springer-- Verlag, 1993.

....with the same name, ii) the pre conditions of methods m super imply the pre conditions of the methods m sub , and (iii) the post conditions of m super may be followed from the post conditions of the methods m sub . Liskov and Wing relaxed this definition while preserving the substitutability [18]. They prove that (iii) must only be satisfied for those post conditions of a subclass that may become true in the context of the superclass. Zaremski and Wing use a proof theoretic approach to check the conformance and the use of objects for correctness in Larch ML [36] programs [37] In ....

B. Liskov and J.M. Wing. A new definition of the subtype relation. In O. Nierstrasz, editor, Proceedings of the ECOOP '93 European Conference on Object-oriented Programming, volume 707 of Lecture Notes in Computer Science, pages 118 -- 141. Springer-Verlag, jul 1993.

.... of legal subtyping must even be stronger than the syntactic guarantee that the new type will not cause type checking (or message not understood ) errors (see, for example, 8] It must instead be a behavioral notion, based on the specification of an abstract data type [1] 42] 40] 30] 15] 2] [44] [45] See Section 8 for a discussion of related work. As an example of the distinction between legal subtyping and subclassing, consider two types IntSet and Interval, where Interval is a type of closed intervals of integers, and IntSet is a type of integer sets. Both types of objects are ....

....programs. Simulation relations are the main technical tool used to define legal subtype relations. Note, however, that we only deal with first order 2 , immutable, abstract data types. Subtyping for mutable types (types whose objects have time varying state) is still a subject of research [17] [44] [45] By ruling out mutation, attention is focused on two other features that make reasoning difficult in object oriented languages: message passing and subtyping. 1.2 An Example of the Reasoning Problem This section motivates the need for supertype abstraction and modularity. See also [38] and ....

[Article contains additional citation context not shown here]

Liskov, B. and Wing, J. M. A new definition of the subtype relation. In Nierstrasz, O. M., editor, ECOOP '93 --- Object-Oriented Programming, 7th European Conference, Kaiserslautern, Germany, volume 707 of Lecture Notes in Computer Science, pages 118--141. Springer-Verlag, New York, N.Y., July 1993.

....class, but treat them uniformly as if they were all instances of the base class. The goal of this paper is to address some questions in reasoning about the behavior of systems that use OO polymorphism. The standard approach to the problem is in terms of behavioral subtyping (see, for instance, [1, 10]) A class D is a behavioral subtype of a class C if the behaviors exhibited by the methods of D are compatible with the specification of C; in other words, the methods of D should not exhibit behaviors not allowed by the specification of C. Requiring a derived class to be a behavioral subtype of ....

....tells us the the only pixels changed by Draw are changed to the color of fig, which we know is not red. To formally derive (6) we need three applications of axiom (4) from Section 2.2, one for each method call. This result can also be established using other approaches such as those of [9, 10] since it involves reasoning only about the base class conceptual state. Further, in our formalism as well as in the others, once it is established, the restrictions imposed on the specifications of derived classes ensure that even if new derived classes are added to the system, the result will ....

[Article contains additional citation context not shown here]

B. Liskov and J. Wing. A new definition of the subtype relation. In ECOOP, 1993.

....the various operations of B in designing the new operations being defined in D; indeed the source code of the operations of B may not even be available if the class B was purchased from a software vendor. Many of the existing formalisms such as those of Leavens and Weihl [LW95] Liskov and Wing [LW93], LW94] that consider the question of relations between classes focus on the issue of behavioral subtyping. In other words, they deal with the question, what relation must hold between the abstract specifications of two classes A and B in order for us to legitimately conclude that A is a ....

....of B, for use by (designers of) derived classes. The abstract specification A will be the usual ADT type specification, in terms of a conceptual, mathematical model of B, with the individual methods of B being specified as preand post conditions in this conceptual model. In formalisms like that of [LW93], A would essentially be the complete specification of B, and indeed we will borrow notation for this part of our specification from [LW93] We could also include an invariant in A although for simplicity we will not do so. The invariant may be incorporated into the pre and post conditions of ....

[Article contains additional citation context not shown here]

B. Liskov and J. Wing. A new definition of the subtype relation. In ECOOP, 1993.

....of the base class. Note that we are not asking the question Given a base class B and a derived class D, under what conditions can a client program use objects that are instances of D in place of instances of B The answer to that question is provided by the work on behavioral subtyping [1, 7, 8]. Informally, a class A is a behavioral subtype of another class B if the behavior exhibited by objects that are instances of A is in some sense consistent with behaviors allowed by the class B. The class A may be a behavioral subtype of B independently of whether it is implemented from scratch or ....

.... will shortly mention another equally simple example which is not a behavioral subtype, strong or weak, of BankAccount for which also we will be able to inherit much of the base class spec 11 BetterAccount is not a behavioral subtype of BankAccount according to the definition of Liskov and Wing [7, 8], but it is a weak behavioral subtype, as per the definition of Dhara and Leavens [2] ification. Next let us consider the verification task. As we saw in the last section, there are three steps in the verification task. Here again we will be able to inherit almost all of the work done in the ....

[Article contains additional citation context not shown here]

B. Liskov and J. Wing. A new definition of the subtype relation. In ECOOP, LNCS 707, pages 118--141. Springer-Verlag, 1993.

....between the (labels of the) automata and the types is not made clear, and similarly the relationship between the automaton of a type and the automata of its subtypes is not made precise. On the other hand several formal approaches to the specification of object systems exist, e.g. JSHS91, DDP93, LW93] Specifications capture behaviour separated from its implementation. They can be used to give an abstract, but complete account of the behaviour formulated as the outcome of the analysis phase. During the analysis process, however, one needs to be able to work with incomplete behaviour ....

....of type specialization (inheritance) We also show that this specialization relation is transitive. Then we discuss refinement steps based on the specialization relation. In the third part we show that our definition of type specialization satisfies the subtype requirement as formulated in [LW93] namely that the subtype s objects must behave the same as the supertype s objects as far as anyone using the supertype s objects can tell . The expectations of the using objects are made explicit in the concept of role which are a special kind of type. The behaviour automaton of a type has ....

[Article contains additional citation context not shown here]

B. Liskov and J.M. Wing. A new definition of the subtype relation. In ECOOP,LNCS 707, pages 118--141. Springer Verlag, 1993.

....Note that the the actual migration mechanism depends on the respective agent system. In the object oriented paradigm, subtypes may be created by adding further signatures. However, it is also possible to alter the type of input and output arguments of already existing signatures. According to [Liskov and Wing, 1993] , the expected processing of messages from any client is guaranteed when the contravariance of input parameter types and covariance of output parameter types is ensured. This notion of subtyping is also available in our syntactic type. Conventional object type definitions employ labels used as ....

B. Liskov and J. Wing. A New Definition of the Subtype Relation. In ECOOP'93: Object--Oriented Programming. Springer, 1993.

....In fact, inheritance of dynamic behavior is an issue that has been neglected in object oriented analysis methods so far. Behavioral inheritance is a well studied notion at the level of formal specifications (subclasses inherit the abstract properties of their superclasses, see for example [19], 23] and at the level of programming languages (subclasses may inherit the code of methods of their superclasses) In contrast, only first attempts have been made to relate state diagrams of superclasses and state diagrams of subclasses. One approach to this problem has been presented in [26] ....

B. Liskov and J.M. Wing. A new definition of the subtype relation. In ECOOP,LNCS 707, pages 118--141. Springer Verlag, 1993. 29

....of a method will be an assertion on the (conceptual) state of the object that must be satisfied when the method is invoked; the post condition is an assertion involving both the state at the time the method is invoked, and the state when the method completes execution. In formalisms like that of [6, 7], A would essentially be the complete specification of B. What about C It will also consist of specifications of the operations of B in terms of pre and postconditions, but these will be in terms of the (protected) data members of the class, not in terms of the conceptual model M. In addition, ....

....once the class is built, and encapsulate the corresponding behavior in a function like g that can be redefined in the derived class to meet the change in the specification. We should also reiterate a point we briefly mentioned earlier. The work on behavioral subtyping, see for example [6, 7], is unrelated to the problem we are addressing and the solution we have proposed. That work tries to answer the question Under what conditions should we consider a class A to be a behavioral subtype of a class B This has to do with the client s view of these two classes. There is no connection ....

B. Liskov and J. Wing. A new definition of the subtype relation. In ECOOP, 1993.

....however, is generally difficult to establish. ffl Distributed failures. Distributed failures have their origin in faulty interactions of several components; examples of such failures are interoperability problems, deadlocks or data forwarding loops (the latter happen in message passing systems [8]) Often, there is no single component that can be diagnosed as being faulty, and it may be very difficult to decide how and where to intervene to correct the problem. This becomes even more difficult if all components are actually behaving correctly on their own but their dynamic or structural ....

....and Challenges , Proceedings of the 19th Australasian Computer Science Conference, Melbourne, Australia, January 1996. 7] W. Weck, Independently Extensible Component Frameworks , in M. Muehlhaeuser (ed. Special Issues in Object Oriented Programming, dpunkt Verlag, Heidelberg, 1997. [8] E. Solana, V. Baggiolini, M. Ramluckun and J. Harms, Automatic and Reliable Elimination of E mail Loops Based on Statistical Analysis , in Proceedings of the 10th Usenix Systems Administration Conference (LISA 96) Chicago, September 1996. 9] D. Garlan, M. Shaw, An Introduction to Software ....

[Article contains additional citation context not shown here]

Liskov, B., Wing, J.M.: A New Definition of the Subtype Relation. In O.M.Nierstrasz (ed.), Proc. ECOOP'93, LNCS 707, Springer-Verlag Berlin, ISBN 3-540-57120-5, pp. 118-141, 1993.

....from, existing classes. Naturally it is important to develop appropriate formalisms that can be used to specify and reason about the behavior of classes defined by inheritance from other classes. Indeed, several such formalisms have been developed, some notable ones being those of Liskov and Wing[8, 7], Leavens[6] Meyer[9] etc. 1 In standard OO languages like C , the mechanism of protected members of a given class plays a critical role in making inheritance work. It is this mechanism that gives access to certain aspects of the internals of the base class B to the designer of a derived ....

....our interest in behavioral questions, we will, in the rest of the paper, use the term subtyping to mean behavioral subtyping . 1 the specification or verifying the correctness of (the implementation of) a derived class D that inherits from a base class B. Indeed, formalisms such as those of [6, 8, 7] can be used to establish the subtype relation between two classes that may have been implemented completely independently of each other, rather than by using inheritance, so these are really orthogonal issues. Our goal in the current paper is to develop ways of specifying classes that will ....

[Article contains additional citation context not shown here]

B. Liskov, J. Wing, A new definition of the subtype relation, ECOOP '93, pp. 118-141.

....and verification reuse. Note that we are not asking the question Given a base class B and a derived class D, under what conditions can a client program use objects that are instances of D in place of instances of B The answer to that question is provided by the work on behavioral subtyping [1, 6, 7]. Informally, a class A is a behavioral subtype of another class B if the behavior exhibited by objects that are instances of A is in some sense consistent with behaviors allowed by the class B. The class A may be a behavioral subtype of B independently of whether it is implemented from scratch or ....

....there is no work to be done as far as the inherted methods are concerned This is the second level of verification reuse that is often possible with inheritance. That only leaves us with the 16 BetterAccount is not a behavioral subtype of BankAccount according to the definition of Liskov and Wing [6, 7], but it is a weak behavioral subtype, as per the definition of Dhara and Leavens [2] 11 task of verifying that RemTransaction preserves the invariant. This is easily done. Suppose Inv holds in a state . This asserts that the sum of sbal and each of the transaction amounts in the array his is ....

[Article contains additional citation context not shown here]

B. Liskov and J. Wing. A new definition of the subtype relation. In ECOOP, 1993.

....written about the power of OO polymorphism; see Meyer [12] for instance. The goal of this paper is to address some questions in the specification and verification of systems that use OO polymorphism. The standard approach to the problem is in terms of behavioral subtyping (see, for instance, [1, 10]) In effect, given two classes C and D, and given a specification of C, the class D is considered a behavioral subtype of C if the behaviors exhibited by the methods of D are compatible with the specification of C; in other words, the methods of D should not exhibit any behaviors that are not ....

....are changed to the color of fig, which we know is not red. Thus (pc) holds at the end of CC. To formally prove this result we would simply need three applications of axiom (4) from Section 2.2, one for each method call. This result can also be established using other approaches such as those of [9, 10] since it involves reasoning only about the base class conceptual state. Further, in our formalism as well as in the others, once this result is established, the restrictions imposed on the specifications of acceptable derived classes ensure that even if new derived classes are added to the ....

[Article contains additional citation context not shown here]

B. Liskov and J. Wing. A new definition of the subtype relation. In ECOOP, 1993.

....to give a clue on the object behavior, which however hinders the automatic processing by computers. Consequently, providing reuse on the basis of a behavioral specification is not a very practical thing to do. For a thorough discussion of behavioral subtyping the reader is referred to [LW93b] LW93a] LW93c] and [Nie93] Implementations Reuse of program code in distributed object systems can be based on delegation, aggregation and inheritance. While the former two are used already in distributed systems, the latter is more difficult to achieve. We will present our solution after a few words ....

B. Liskov and J. Wing. A New Definition of the Subtype Relation. In ECOOP'93: Object--Oriented Programming. Springer, 1993.

....of a particular service IDL must be communicated to all parties. We propose a semantic extension to these purely syntactic based IDL s to allow for a certain fuzziness in type descriptions. Although the idea of introducing semantics to a type definition is not new (see for example [Amer91] [Lisk93] or [Larch93] this paper develops a new method based upon the well known field of declarative semantics. The advantages, as will be seen in the following sections, are that the semantic extension is not based upon pre and post conditions. Therefore it won t be necessary to change the underlying ....

.... [out] char c ) void DepositChar( in] char c ) bool IsEmpty( It is important to note that the behavior description of various members of a type family is at an abstract level, sufficient for describing the difference in behavior and not a complete method by method specification (as done in [Lisk93] and [Larch93] In the above example, the difference between a bag and a stack may be sufficiently described by choosing two arbitrarily distinct data items. Although the container will in general be able to store more than two kinds of elements, abstracting the behavior with only two elements ....

B. Liskov and J. Wing. A new definition of the subtype relation. In O. M. Nierstrasz, editor, ECOOP'93: Object--Oriented Programming. Springer, 1993.

....of different type (polymorphism) at the same time (external parallelism) Therefore the attachment of an engine must not violate the type of the object presented to one or more clients. The type theorist would say that the type of the engine has to be a legal subtype of the type of the object. LIWI93a] define a set of rules that must hold for one type to be a subtype of another under the conditions introduced by object sharing and polymorphism. For the notion of subtyping we adhere to these definitions. Not all of the rules given can be tested automatically by a runtime system, e.g. the ....

B. Liskov and J. Wing. A New Definition of the Subtype Relation. In O. M. Nierstrasz, editor, ECOOP'93: Object--Oriented Programming. Springer, 1993.

....code that results in calling the eq function of the ThreeDPt class with a second argument that is an instance of ColoredPt. One important point has often been ignored in the debate over contra versus covariance. Even contravariance only ensures syntactic or type compatibility. As Liskov and Wing [13] point out, it does not ensure that if D is a derived class and B the base class, that objects of type D are conceptually actually objects of type B. The methods defined in D could behave entirely differently from the methods that they override (while still obeying the contravariance restriction) ....

....ensure that if D is a derived class and B the base class, that objects of type D are conceptually actually objects of type B. The methods defined in D could behave entirely differently from the methods that they override (while still obeying the contravariance restriction) To take care of this [13] proposes extending contravariance to include a semantic requirement. Essentially the pre condition of the function defined in the base class would have to imply the pre condition of the corresponding function in the derived class, and the post condition of the latter would have to imply the ....

[Article contains additional citation context not shown here]

B. Liskov, J. Wing, A new definition of the subtype relation, Proceedings of ECOOP '93.

No context found.

B. Liskov and J. M. Wing. A New Definition of the Subtype Relation. In ECOOP 93, pages 118--141, 1993.

No context found.

B. Liskov and J. M. Wing. A new definition of the subtype relation, Proc. ECOOP '93, LNCS 707, SpringerVerlag, 1993, 118-141.

No context found.

B. Liskov and J.M. Wing. A new definition of the subtype relation. In Proceedings of ECOOP-93, 1993.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC