Joshua D. Guttman and Dale M. Johnson. Three applications of Formal Methods at MITRE. In M. Naftalin, T. Denvir, and Miguel Bertran, editors, FME '94: Industrial Benets of Formal Methods, volume 873 of Lecture Notes in Computer Science, pages 55-65. Springer Verlag, 1994. Home/Search Document Not in Database Summary Related Articles Check |
This paper is cited in the following contexts:
Automated Formal Analysis of Networks: FDR Models of.. - Reed, Jackson.. (1998) (7 citations) (Correct)
....the seven layer OSI Reference Model developed by the International Standards Organisation. There are numerous examples of formalisations of layered protocols, including Ethernet: CSMA CD (in non automated TCSP [Dav91] in non automated algebraictemporal logic [Jma95] TCP (in non automated CSP [GJ94]) DSS1 ISDN SS7 gateway (in LOTOS [LY93] ISDN Layer 3 (in LOTOS [NM90] ISDN Link Access Protocol (in Estelle [GPB91] ATM signalling (in TLT, a temporal logic UNITY formalism [BC95] An essential feature of these approaches is that system correctness properties are specified in terms of ....
JD Guttman and DM Johnson, Three Applications of Formal Methods at MITRE, Formal Methods Europe, LNCS 873, M Naftolin, T Denfir, eds, Barcelona 1994.
Verifying End-to-End Protocols Using Induction with CSP/FDR - Creese, Reed (1999) (2 citations) (Correct)
....community, such as the seven layer ISO OSI (Open Systems Interconnect) Reference Model. There are numerous examples of formalisations of layered protocols, including Ethernet CSMA CD (in nonautomated TCSP [7] in non automated algebraic temporal logic [16] TCP (in non automated CSP [10]) DSS1 ISDN SS7 gateway (in LOTOS [19] ISDN Layer 3 (in LOTOS [20] ISDN Link Access Protocol (in Estelle [11] ATM signalling (in TLT, a temporal logic UNITY formalism [1] All of these examples deal with link rather than end system properties. By way of contrast, we note that an ....
J Guttman and D Johnson, Three Applications of Formal Methods at MITRE, Formal Methods Europe, LNCS873, Naftolin, Denfir, Barcelona '94.
An Interface Language Between Specifications and Testing - Fink, Helmke, Bishop, Levitt (1995) (1 citation) (Correct)
....7.1 Z Specification for TCP Protocol States This example takes a partial Z specification of TCP and uses it to drive the testing process. Our goal in testing has been finding improper state transitions in the protocol. This goal removed the need for a full specification (such as described in [GJ]) which is a great time savings when only a part of a system need be tested. Since only illegal TCP state translations are being tested for, only the TCP state machine is specified (see Figure 5) A specification of this in Z is straightforward and illustrated in Figure 6. First the different ....
Joshua D. Guttman and Dale M. Johnson. Three applications of formal methods at MITRE. Unpublished Notes.
Requirements, Traceability and Formal Software Development or a.. - Pearson (1996) (Correct)
....process of producing formal specifications should be in two stages. First a prose requirement specification document should be produced and then this document should be formalized. This formalization will produce a separate set of inconsistencies and queries to be resolved with the customer. See [20, 21] for examples. For documented examples of producing FRS documents (in this case Z specifications) see the book [22] One of the largest examples in the book, is the formalization of parts of IBM s CICS transaction processing system. CICS is a system that has been under continuous development since ....
Joshua D. Guttman and Dale M. Johnson. Three applications of formal methods at MITRE. In Maurice Naftalin, Tim Denvir, and Miquel Bertran, editors, FME'94: Industrial Benefit of Formal Methods, volume 873 of Lecutre Notes in Comuter Science, pages 35--45. Springer-Verleg, 1994.
Copy on Write - Fábrega, Guttman (1995) Self-citation (Guttman) (Correct)
....the handling of page faults when a process tries to store into a write protected portion of a copy on write object. We have not postponed it because it raises dicult questions. On the contrary, we set it to one side because it seems completely amenable to the method developed in a previous paper [4]. 8 2 The Abstract State Machine In Mach, memory objects are the natural unit. Memory objects are used both to represent permanent storage objects such as les and also temporary storage such as a process s private address space. Conceptually, a memory object is a sequence of locations, indexed ....
....It returns the given state unaltered. However, to determine the word retrieved, it uses a guessing style. If the third argument is the correct guess for the value to be retrieved, the state is returned unaltered; otherwise, the result is unde ned. This approach is discussed in more detail in [4]. De nition 2.7 Let w : W ; p : P ; P W : a fetch( p; w) conditionally, if w = p) then else [P W ] Theory: places 10 3 Concrete Machine: The State and its Properties We turn next to the structure of the class of implementation states (denoted by 1 An implementation state ....
Joshua D. Guttman and Dale M. Johnson. Three applications of Formal Methods at MITRE. In M. Naftalin, T. Denvir, and Miguel Bertran, editors, FME '94: Industrial Benets of Formal Methods, volume 873 of Lecture Notes in Computer Science, pages 55-65. Springer Verlag, 1994.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC