Affiliation:
1. Digital Equipment Corp., Palo Alto, CA
Abstract
A rigorous modular specification method requires a proof rule asserting that if each component behaves correctly in isolation, then it behaves correctly in concert with other components. Such a rule is subtle because a component need behave correctly only when its environment does, and each component is part of the others' environments. We examine the precise distinction between a system and its environment, and provide the requisite proof rule when modules are specified with safety and liveness properties.
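The circularity the abstract points to is easy to get wrong in practice: if component M1 only has to behave when its environment (M2) does, and M2 only has to behave when M1 does, a naive proof rule lets both misbehave at once while each still "satisfies" its specification. The following Python model is an added illustration, not the paper's formalism or its proof rule; the two bit-valued components, the safety goal "x and y stay 0", and the function names are constructed here. It shows the standard safety-case remedy: phrase each component's assumption about its environment over the strictly earlier states, so that the composite guarantee follows by induction on the trace length, and contrast it with the same-step assumption, for which the composition rule is unsound.

```python
from itertools import product

# Constructed toy system: M1 controls bit x, M2 controls bit y; a state is (x, y).
# The composite safety goal is "x == 0 and y == 0 in every state".

def x_ok(state):
    return state[0] == 0

def y_ok(state):
    return state[1] == 0

def assume_guarantee(trace, assume, guarantee, strict):
    """Check an assume/guarantee safety spec over every prefix of a finite trace.

    At step n the component must satisfy `guarantee` on state n provided its
    environment satisfied `assume` on states 0..n-1 (strict=True) or on
    states 0..n (strict=False). Both variants are prefix-closed, hence safety.
    """
    for n, state in enumerate(trace):
        env_prefix = trace[:n] if strict else trace[:n + 1]
        if all(assume(s) for s in env_prefix) and not guarantee(state):
            return False
    return True

def satisfies_m1(trace, strict):
    # M1 guarantees x_ok provided its environment (M2's bit y) has been ok.
    return assume_guarantee(trace, y_ok, x_ok, strict)

def satisfies_m2(trace, strict):
    # M2 guarantees y_ok provided its environment (M1's bit x) has been ok.
    return assume_guarantee(trace, x_ok, y_ok, strict)

def composite_ok(trace):
    return all(x_ok(s) and y_ok(s) for s in trace)

def all_traces(max_len):
    states = [(0, 0), (0, 1), (1, 0), (1, 1)]
    for n in range(max_len + 1):
        for seq in product(states, repeat=n):
            yield list(seq)

def composition_counterexamples(strict, max_len=4):
    """Traces accepted by both component specs yet violating the composite goal.

    Empty list means the composition rule is sound for this pair of specs
    (over traces up to max_len); the strict variant is sound by induction on n.
    """
    return [t for t in all_traces(max_len)
            if satisfies_m1(t, strict) and satisfies_m2(t, strict)
            and not composite_ok(t)]

if __name__ == "__main__":
    print("strict (assume earlier states):", composition_counterexamples(True))
    print("same-step assumption, first counterexample:",
          composition_counterexamples(False)[0])
```

With the strict assumption no counterexample exists: at step 0 the assumption is vacuously true, so both components must behave, and each later step inherits a clean prefix. With the same-step assumption the one-state trace [(1, 1)] is accepted by both specifications, because each component's assumption about the other is already violated in that very state, so neither owes a guarantee. Liveness properties need further conditions beyond this induction, which is the part of the problem the paper addresses and this example does not.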
Publisher
Association for Computing Machinery (ACM)
Cited by
258 articles.
1. Time, causality, and realizability: Engineering interactive, distributed software systems;Journal of Systems and Software;2024-04
2. State machines for large scale computer software and systems;Formal Aspects of Computing;2023-11-22
3. Constraint-Behavior Contracts: A Formalism for Specifying Physical Systems;Proceedings of the 21st ACM-IEEE International Conference on Formal Methods and Models for System Design;2023-09-21
4. Contract Replaceability for Ensuring Independent Design using Assume-Guarantee Contracts;Proceedings of the 21st ACM-IEEE International Conference on Formal Methods and Models for System Design;2023-09-21
5. Semantics Foundation for Cyber-physical Systems Using Higher-order UTP;ACM Transactions on Software Engineering and Methodology;2023-01-31