Refinement and Projection of Relational Specifications

A relational specification consists of a state transition system and a set of fairness assumptions. The state transition system is specified using two basic constructs: state formulas that represent sets of states, and event formulas that represent sets of state transitions. We present a theory of refinement of relational specifications. Several refinement relations between specifications are defined. To illustrate our concepts and methods, three specifications of the alternating-bit protocol are given. We also apply the theory to explain “auxiliary variables.” Other applications of the theory to protocol verification, composition, and conversion are discussed. Our approach is compared with the approaches of other authors.
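As an added illustration (not the paper's notation or code), the following Python model treats a bounded alternating-bit protocol as a state transition system: each event function returns the successor states it admits (its event formula), a state formula is checked as an invariant over the reachable states, and a projection onto a simple in-order delivery service is checked by confirming that every protocol transition is either a service transition or a stutter. The bounds N and CAP, the field names, the lossy FIFO channel model and the service specification are my own assumptions.

```python
from collections import deque
from dataclasses import dataclass, replace
N, CAP = 3, 2  # assumed bounds (items accepted, frames per channel) keeping the model finite
@dataclass(frozen=True)
class S:                   # a protocol state; a state formula denotes a set of these
    sbit: int = 0          # sender's current sequence bit
    rbit: int = 0          # bit the receiver expects next
    pending: bool = False  # sender holds an unacknowledged item
    ns: int = 0            # items accepted from the user
    nr: int = 0            # items delivered to the user
    cd: tuple = ()         # lossy FIFO data channel, holding frame bits
    ca: tuple = ()         # lossy FIFO ack channel, holding ack bits
def accept(s):  # each event returns the successors of s, i.e. the (s, s') pairs of its event formula
    return [replace(s, pending=True, ns=s.ns + 1)] if not s.pending and s.ns < N else []
def send(s):  # (re)transmit the frame of the pending item
    return [replace(s, cd=s.cd + (s.sbit,))] if s.pending and len(s.cd) < CAP else []
def lose(s):  # drop any one frame or ack; FIFO order of the rest is preserved
    return ([replace(s, cd=s.cd[:i] + s.cd[i + 1:]) for i in range(len(s.cd))] +
            [replace(s, ca=s.ca[:i] + s.ca[i + 1:]) for i in range(len(s.ca))])
def recv_frame(s):
    if not s.cd or len(s.ca) >= CAP: return []
    b, rest = s.cd[0], s.cd[1:]
    if b == s.rbit:  # expected bit: deliver, flip, acknowledge
        return [replace(s, cd=rest, rbit=1 - b, nr=s.nr + 1, ca=s.ca + (b,))]
    return [replace(s, cd=rest, ca=s.ca + (b,))]  # duplicate: acknowledge only
def recv_ack(s):
    if not s.ca: return []
    b, rest = s.ca[0], s.ca[1:]
    if s.pending and b == s.sbit:  # ack for the pending item: the sender advances
        return [replace(s, ca=rest, pending=False, sbit=1 - b)]
    return [replace(s, ca=rest)]  # stale ack: discard
def reachable(s0=S()):  # breadth-first exploration of the finite transition system
    seen, todo, edges = {s0}, deque([s0]), []
    while todo:
        s = todo.popleft()
        for ev in (accept, send, lose, recv_frame, recv_ack):
            for t in ev(s):
                edges.append((s, ev.__name__, t))
                if t not in seen: seen.add(t); todo.append(t)
    return seen, edges
def service_step(a, b):  # service spec over (ns, nr): accept only after delivery, deliver in order
    (ns, nr), (ns2, nr2) = a, b
    return (nr == ns and (ns2, nr2) == (ns + 1, nr)) or (nr < ns and (ns2, nr2) == (ns, nr + 1))
def project(s): return (s.ns, s.nr)  # projection from protocol state to service state
def invariant(s): return s.nr == s.ns if not s.pending else s.nr in (s.ns - 1, s.ns)
def check():  # (reachable states, invariant holds everywhere, each transition refines the service)
    states, edges = reachable()
    return (len(states), all(map(invariant, states)),
            all(project(s) == project(t) or service_step(project(s), project(t)) for s, _, t in edges))
```

Because the channels are FIFO, stale frames and acknowledgements are always consumed before fresh ones, which is what makes the one-bit sequence number sufficient; the same check would fail on a reordering channel.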
