39 citations found.
J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. C. P. Woodcock, editors, 3rd Refinement Workshop, pages 51--69. Springer-Verlag, 1991.


This paper is cited in the following contexts:


Avoiding the Undefined by Underspecification - Gries, Schneider (1995)   (17 citations)

....R R ; we give it the type R × (R − {0}) R . Unfortunately, with this approach, any set can be a type. Therefore, there is no hope of having type be a syntactic property that can be checked mechanically, since the type system is undecidable. This approach is discussed further in [2]. A second approach (which can be used with a typed or an untyped logic) to avoiding the undefined is to view a function f : B C as a relation on B × C . Thus, f.b = c is written as (b, c) ∈ f . Function application f.b cannot be written, and just about the only way to refer to a value of ....

....application f.b cannot be written, and just about the only way to refer to a value of a function is in an expression (b, c) ∈ f . To use this form, one must have an expression c for the value of f.b , which is awkward if not impossible in many situations. This approach is discussed briefly in [2]. A third approach (which can be used with a typed or an untyped logic) to avoiding the undefined was suggested by Scott [9] classify all atomic formulas that contain an undefined term as false . This means that the law of the excluded middle holds. However, with almost any partial function, we ....

[Article contains additional citation context not shown here]

Cheng, J.H., and C.B. Jones. On the usability of logics which handle partial functions. In: C. Morgan and J.C.P. Woodcock (eds.). Third Refinement Workshop, pp. 51--69. Workshops in Computing Series, Heidelberg, 1991.


Introduction to RAISE - George (2002)   (2 citations)

....write a variety of equivalent expressions, such as while true do skip end . The logic in RSL is called a conditional logic as it is based on conditionals (if expressions) There are other approaches to the problems of non terminating expressions, such as the logic of partial functions (LPF) [8, 9] which is used by the specification language VDM [10] Without going into the argument as to which is better, we note two things: and in RSL are only commutative if their arguments terminate. For example: true chaos) true (chaos true) chaos The connectives in RSL are ....

J.H. Cheng and C.B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. Woodcock, editors, Proceedings of the Third Refinement Workshop. Springer-Verlag, 1990.


Design Choices in Specification Languages and Verification Systems - Rushby (1991)   (2 citations)

....such as x y y are encountered, since the constraint on application of the cancellation law (i.e. y ≠ 0) has to be checked (perhaps repeatedly) at proof time. Alternative treatments, which allow true partial functions, require the complications of undefined terms and three valued logics [9] or, more elegantly, logics of partial terms [12] A quite different choice, which is the one we prefer, takes division to be a total function, but on the signature Q Q z Q where Q denotes the rationals and Q z denotes the nonzero rationals. Our specification languages allow subtypes to be ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In Carroll Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, pages 51-69. Springer-Verlag Workshops in Computing, 1990.


Adapting Calculational Logic to the Undefined - Schieder, Broy (1999)   (1 citation)

....by adding the types of the dummies. 3.1. A standard example from the literature In order to have a direct comparison between calculi for partial functions from the literature and our calculus, we begin with a standard example. It is treated with a variety of logics for partial functions in [8] and resumed in [13, 14] Let Z denote the set of integers (that is, defined values only) Given is the following specification of a function subp (in our notation) subp : Z # # ) Z # # ) # (Z # # ) ##i # Z : subp(i, i ) 0# ##i, j # Z : i j : subp(i, j ) subp(i, j ....

Cheng, J. H. and Jones, C. B. (1991) On the usability of logics which handle partial functions. In Morgan, C. and Woodcock, J. C. P. (eds), Third Refinement Workshop (Workshops in Computing Series), pp. 51--69. Springer, London.


Expression Refinement Explained - Flynn

....n is zero, or else n=n = 1. But if the first disjunct is true, so n = 0, then the second must be undefined. Mathematicians usually gloss over this problem, but if we want the ability to manipulate expressions then we can't ignore it. There are many options for dealing with undefined expressions [3, 6]. We decide to introduce a new value for each type, written , and pronounced bottom , to represent the undefined value. So we say, for example, that the result of evaluating the expression 4=0 is . In this case it is the integer , although undefined booleans, characters and sets exist also. ....

J. Cheng and C. Jones. On the Usability of Logics which handle Partial Functions. In C. Morgan and J. Woodcock, editors, 3rd Refinement Workshop, pages 51--69. Springer-Verlag, 1990.


Formal Verification for Fault-Tolerant.. - Owre, Rushby.. (1995)   (221 citations)

....such as the introduction of functions 1(s) and 7(t) Dependent types increase expressive convenience still further. We find them particularly convenient for dealing with functions that would be partial in simpler type systems. The standard challenge for treatments of partial functions [64] is the function subp on the integers defined by subp(i; j) if i = j then 0 else subp(i; j 1) 1 endif: This function is undefined if i j (when i j; subp(i; j) i j) and it is often argued that if a specification language is to admit such a definition, then it must provide a treatment for ....

J. H. Cheng and C. B. Jones, "On the usability of logics which handle partial functions", in Proceedings of the Third Refinement Workshop, Carroll Morgan and J. C. P. Woodcock, Eds. 1990, pp. 51-69, Springer-Verlag Workshops in Computing.


Implementing a 3-Valued Logic in Coq - Dhomhnaill, Flynn

....n is zero, or else n=n = 1. But if the first disjunct is true, so n = 0, then the second must be undefined. Mathematicians usually gloss over this problem, but if we want the ability to manipulate expressions then we can't ignore it. There are many options for dealing with undefined expressions [3, 9]. In [5] we use a new value for each type, written , and pronounced bottom , to represent the undefined value. So we say, for example, that the result of evaluating the expression 4=0 is . In this case it is the integer , although undefined booleans, characters and sets exist also. In ....

J. Cheng and C. Jones. On the Usability of Logics which handle Partial Functions. In C. Morgan and J. Woodcock, editors, 3rd Refinement Workshop, pages 51--69. Springer-Verlag, 1990.


Integrating Heterogeneous Formalisms: Framework and.. - Dimitrakos, Bicarregui, .. (1999)

....is described in detail. Extensions of the LPF kernel with recursive types and recursive function definitions are omitted for simplicity and economy of space. For more information on these extensions of LPF, a full list of the proof rules and a (set theoretic) model interpretation see [19] and [5, 6]. 4.1.1 The Grammar of LPF An LPF signature Σ is a triple Σ = ⟨S, P, F⟩ where S, P and F are mutually disjoint sets of type, predicate and function symbols respectively. An LPF signature morphism σ is a triple σ = ⟨σ_s, σ_p, σ_f⟩ consisting of a mapping σ_s of ....

....are defined as in [19] by means of 4 and . The grammar functor is defined as follows. For each LPF signature Σ = ⟨S, P, F⟩, 6 The expression complete three valued logic is used here to denote that every function in a three valued truth domain can be defined by a formula. See also [6] 10 1. trm(Σ) is also defined inductively in the usual way: a) there is an unbounded collection Var of variable symbols such that Var ⊂ trm(Σ) and (b) if f is an n ary function symbol in F and t 1 ; t n ∈ trm(Σ) then f(t 1 ; t n ) ∈ trm(Σ) 2. ....

J.H. Cheng and C.B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. Woodcock, editors, Proceedings of the Third refinement Workshop. Springer-Verlag, 1990.


Reasoning about Z specifications: a VDM perspective - Lindsay (1993)   (2 citations)

....x : X x ∈ nodes InsertNode DeltaDAG x : X nodes′ = nodes ∪ {x} edges′ = edges AddNode b = IsNode InsertNode Figure 5: The Z operation for adding a node to the DAG. 4. 1 Motivation LPF was developed to reason about the kinds of undefinedness that may occur in specifications [3]. Analysis of a specification for absence of undefined terms is an important technique for revealing incompleteness in a specification. Typically, it involves checking that functions (and operations) are only ever applied to arguments within their domain (i.e. to values which satisfy their ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. C. P. Woodcock, editors, 3rd Refinement Workshop, pages 51--69. Springer-Verlag, 1991.


Formal Specification and Verification for Critical Systems.. - Rushby (1991)   (7 citations)

....may indicate underlying complexity and difficulty in a specification language: that which is hard to implement may be hard to understand and use reliably. Some of the basic concepts employed in Z are simply difficult to deal with (for example, partial functions can require three valued logics [8], or logics of partial terms [13] or other exotic treatments) In my opinion, those who have not developed full mechanical support for their specification languages underestimate the scale of the challenge, and those that have not done hard verifications underestimate the theorem proving power ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In Carroll Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, pages 51--69. Springer-Verlag Workshops in Computing, 1990.


Principles and Pragmatics of Subtyping in PVS - Shankar, al. (1999)   (2 citations)

....| x ≠ 0}, and the type of division is given as [real; nzreal real] Subtypes thus allow partial functions to be expressed as total functions over a restricted domain specified as a subtype. 5 Partial functions do have the advantage of being more expressive. The subp example from Cheng and Jones [CJ90] is given by subp(i; j) if i = j then 0 else subp(i; j 1) 1 endif and is undefined if i j (when i j; subp(i; j) i j) The formula (subp(i; j) i j) OR (subp(j; i) j i) is perfectly meaningful in most treatments for partial functions, but since it generates unprovable ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In Carroll Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, pages 51-69. Springer-Verlag Workshops in Computing, 1990.


Subtypes for Specification - Rushby (1997)   (1 citation)

....test:THEOREM ∀(x, y:real) x y) y x) 1 x = y Since most specifications are written to be read from left to right (for the convenience of human readers) this conservatism is seldom a problem in practice. Another example of a partial function is the subp challenge from Cheng and Jones [5]. This function on integers is given by subp(i; j) if i = j then 0 else subp(i; j 1) 1 endif and is undefined if i j (when i j; subp(i; j) i − j) The challenge is easily handled using dependent predicate subtyping to require that the second argument is no greater than the ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In Carroll Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, pages 51--69. Springer-Verlag Workshops in Computing, 1990.


A guide to reading VDM specifications - Fields (1992)   (1 citation)

....terms are defined, reasoning is similar to that in classical logic with the difference that the law of the excluded middle (i.e. everything is true or false) does not hold. LPF is defined in detail in [BCJ84] and the issue of logics to support software specification in general is discussed in [CJ90] and [DLO86, Owe85] 8 Support This section describes some of the support packages which exist for VDM, but is meant to be an introduction to what is possible, rather than a comprehensive review. Tools exist for VDM specification and development on two levels: clerical support, for instance ....

....forerunner of the standard syntax; this paper essentially uses the same language as [Jon90] 9.2 Ongoing development Numerous papers have been published which discuss VDM related issues and research work in more depth. The logic on which VDM (and other formal methods) is based is discussed in [CJ90, BCJ84] Jon86] addresses the problems of relating specifications to real programs. Numerous projects have undertaken to extend or modify the VDM notation as an attempt to remedy some of its deficiencies (yes, it has some ) and to provide capabilities use in specific application areas. ....

J.H. Cheng and C.B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J.C.P. Woodcock, editors, Proceedings of the Third Refinement Workshop. Springer-Verlag, 1990.


E3: A Logic for Reasoning Equationally in the Presence of.. - Morris, Bunkenburg

....( Such a statement must be given a clear meaning so that we can know its meaning even when s denotes the empty sequence; for example, does ( preserve its meaning when the two sides of the disjunction are commuted. There are many approaches to handling partiality; for a discussion of them see [6]. One approach is to allow formulae with non denoting terms to be neither true nor false, and to extend the logical connectives and quantifiers to cope with this third value. For example, when s denotes the empty sequence in ( we view the term (head s)#(tail s) as non denoting, and the formula ....

....a discussion of this. LPF [4] is a logic developed for reasoning about the specification language VDM [10] A typed version of LPF is developed in [11] formulated as a sequent calculus for proofs in natural deduction style. For arguments in favour of the LPF approach to handling partiality see [6]. With LPF we share the definitions of , and the quantifiers. From E we have taken the central role of (which in E3 becomes so called strong equality ) and its proof techniques. The element that bridges the two theories is an implication connective which is different from that in either E or ....

[Article contains additional citation context not shown here]

J. H. Cheng and C. B. Jones, On the usability of logics which handle partial functions, in: C. Morgan and J. C. P Woodcock, ed., 3rd Refinement Workshop, Workshops in Computing (Springer-Verlag, London, 1991) 51-69.


Protective Interface Specifications - Leavens, Wing (1998)   (3 citations)

....such formulas. In this paper we consider what protection means with respect to partiality and underspecification. Our treatment of protection is not meant to be exhaustive, but merely to illustrate concepts that are useful with some logics that are widely used for formal specification. See [CJ90, GS95] for surveys that also cover additional kinds of logics that might be used in formal specification, and hence might need their own concepts of protection. Also PVS [ORSvH95] represents another kind of specification logic that should be considered in extending our concepts. The first ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, Workshops in Computing Series, pages 51--69, Berlin, 1990. Springer-Verlag.


Runtime Assurance Based On Formal Specifications - Lee, Kannan, Kim, Sokolsky.. (1999)   (41 citations)

....undefined when they are out of scope, and if we want to reason about such variables then we need a consistent way of interpreting logical formulae having undefined variables. The problems associated with defining the semantics of logics in the presence of partial functions 1 are well understood [6, 3, 13]. There have been some approaches to defining logics with partial functions where the formulae are interpreted over boolean values, i.e. true and false. However, these approaches work only when the logic has no primitive relations, like and , which have some natural interpretation. ....

J. Cheng and C. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. Woodcock, editors, Proceedings of Third Refinement Workshop. Springer-Verlag, 1991.


A Comparison of the Business Object Notation and the Unified.. - Paige, Ostroff (1999)   (1 citation)

....e.g. a BOOLEAN variable, or an expression) can take on value Void. Three valued logics need more extensive rules for reasoning than standard predicate calculus. A full comparison of two and three valued logics is beyond the scope of this paper, but the interested reader can find a discussion in [3]. A case for making the OCL a two valued logic can be found in [8] BON defines the effect of inheritance on constraints: they are all inherited by the child class (where the child class may refine them in a formally defined way) With OCL, this approach is recommended, but not required. It is not ....

J.H. Cheng and C.B. Jones. On the usability of logics which handle partial functions. Proc. 3rd Refinement Workshop, Springer-Verlag, 1991.


Subtypes for Specifications: Predicate Subtyping in PVS - Rushby, Owre, Shankar (1998)   (15 citations)

....order (which is sound, but conservative) causes PVS to generate the unprovable TCC (y x) ≠ 0 for the following, logically equivalent, reformulation. 14 test:THEOREM ∀(x, y:real) x y) y x) 1 x = y Another example of a partial function is the subp challenge from Cheng and Jones [23]. This function on integers is given by subp(i; j) if i = j then 0 else subp(i; j 1) 1 endif and is undefined if i j (when i j; subp(i; j) i − j) As described in an earlier paper [6, Section III] this challenge is easily handled in PVS using dependent predicate subtyping to ....

J. H. Cheng and C. B. Jones, "On the usability of logics which handle partial functions," in Proceedings of the Third Refinement Workshop, Carroll Morgan and J. C. P. Woodcock, Eds. 1990, pp. 51--69, Springer-Verlag Workshops in Computing.


Thinking Tools for the Future of Computing Science - Jones (2000)   Self-citation (Jones)

No context found.

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. C. P. Woodcock, editors, 3rd Refinement Workshop, pages 51--69. Springer-Verlag, 1991.


The Early Search for Tractable Ways of Reasoning About Programs - Jones (2003)   Self-citation (Jones)

No context found.

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. C. P. Woodcock, editors, 3rd Refinement Workshop, pages 51--69. Springer-Verlag, 1991.


On the Search for Tractable Ways of Reasoning about Programs - Jones (2001)   (8 citations)  Self-citation (Jones)

....on the work on transformational development methods. This is an alternative approach to the formal development of programs. The basic idea is to begin with a very simple program as a specification. If this program is 27 See also [ Luk20, Sco67, MM69, Bla80, Che86, Hoo87, Bli88, Avr91, KTB88, CJ91] 28 Normally just David Park. In order to avoid confusion, all references show only one initial. 29 Useful reviews are contained in [Rut64, dB69, Ers71] and, more recently, Ers90, pp267 274] 18 written in a sufficiently constrained language its correctness should be obvious. The reason one ....

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. C. P. Woodcock, editors, 3rd Refinement Workshop, pages 51-69. Springer-Verlag, 1991.


Formal Methods and the Certification of Critical Systems - Rushby (1993)   (50 citations)

No context found.

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In Carroll Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, pages 51--69. Springer-Verlag Workshops in Computing, 1990.


The VDM Bibliography - Larsen (1996)   (1 citation)

No context found.

J.H. Cheng and C.B. Jones. On the usability of logics which handle partial functions. In C. Morgan and J. Woodcock, editors, Proceedings of the Third Refinement Workshop, Springer-Verlag, 1990. 20 pages.


The PVS Specification Language - Owre, Shankar, Rushby (1993)   (33 citations)

No context found.

J. H. Cheng and C. B. Jones. On the usability of logics which handle partial functions. In Carroll Morgan and J. C. P. Woodcock, editors, Proceedings of the Third Refinement Workshop, pages 51--69. Springer-Verlag Workshops in Computing, 1990.


A Treatment of Partiality: its Application to the B Method - Burdy (1998)   (1 citation)

No context found.

Cheng J.H., Jones C.B., On the Usability of Logics Which Handle Partial Functions; Proceedings of the Third Refinement Workshop 51-69 (1990)



CiteSeer.IST - Copyright Penn State and NEC