Applying VDM to large developments

Position paper

Yves Ledru (1, 2), Pierre-Yves Schobbens (1)
Unité d'Informatique, Université Catholique de Louvain
Place Sainte-Barbe 2, B-1348 Louvain-La-Neuve (Belgium)
Tel: INT+32 10 47 31 50, Fax: INT+32 10 46 03 46, Telex: 59037 ucl b
e-mail: yl@info.ucl.ac.be

(1) Leibniz Project (this research has been funded in part by the Belgian SPPS under grant RFO/AI/15)
(2) This research was undertaken within the ESPRIT Project 510 ToolUse

Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appear, and notice is given that copying is by permission of the Association for Computing Machinery. To copy otherwise, or to republish, requires a fee and/or specific permission. © 1990 ACM 089791-415-5/90/0010-0055 ... $1.50

1 Introduction

The strict use of formal methods for system development appears as one of the most challenging areas of software engineering for the nineties. The last decade has seen a growing interest in formal techniques, and the formal specification of industrial systems has now come into practice [19][10]. Formal methods such as VDM [12], Z [4], Abstract Data Types [7], Abstract Machines [1], and tools like Gypsy [9], Boyer-Moore [5] and CIP [6] have already been used to specify or develop non-trivial systems.

This position paper focuses on the use of VDM. Meta-IV, the specification language of VDM, has proved successful in specifying large systems, e.g.:

- programming languages such as PL/I, Algol 60, Pascal, CHILL, or Ada;
- the PCTE tool interface [15];
- the GKS graphical standard [1S];
- Chinese characters [17];
- an operating system kernel [8].

Although many specifications have been written in Meta-IV, only a few complete VDM developments have been achieved. Experiments with VDM and the B theorem prover [13] have provided some insight into this problem. Section 2 will give an overview of VDM; section 3 will point out several weaknesses of the approach from the perspective of large-scale developments; section 4 will discuss the benefits of the use of the B tool.

2 VDM developments

2.1 Presentation of VDM

A VDM development is made up of state descriptions at successive levels of abstraction and of implementation steps which link the state descriptions. A state description consists of:

- state variables;
- operations on the variables;
- an invariant on the state variables, which must hold before and after the execution of any operation.

The implementation of an abstract state description by means of a more concrete one describes:

- either a data reification, i.e. how the state variables of the concrete description implement those of the abstract one;
- or an operation decomposition, i.e. how the operations of the concrete description implement those of the abstract one.
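The following is an added example in Python, not code from the paper or from the VDM tool set it describes. It makes the two-level structure just described concrete: an abstract state description (a set of non-negative identifiers), a concrete state description that reifies it (a strictly increasing list), a retrieve function mapping concrete states back to abstract ones, and a checker that exercises the obligations a data-reification step owes on a run of operations: the invariant of each level holds before and after every operation, and each concrete operation commutes with its abstract counterpart through the retrieve function. The state, the operations, the faulty reification and the test script are all constructed for illustration and are assumptions of the example.

```python
"""Two-level VDM-style development with a runtime check of the
reification obligations. Added example; all names and data are
constructed for illustration and are not from the paper."""
import bisect
from dataclasses import dataclass, field


# ---- Abstract state description: a set of non-negative identifiers ----
@dataclass
class AbstractState:
    ids: set = field(default_factory=set)

    def invariant(self) -> bool:
        return all(isinstance(i, int) and i >= 0 for i in self.ids)

    @staticmethod
    def pre_add(i: int) -> bool:
        return i >= 0              # precondition that keeps the invariant

    def add(self, i: int) -> None:
        self.ids.add(i)

    def remove(self, i: int) -> None:
        self.ids.discard(i)

    def member(self, i: int) -> bool:
        return i in self.ids


# ---- Concrete state description: a strictly increasing list -----------
@dataclass
class ConcreteState:
    seq: list = field(default_factory=list)

    def invariant(self) -> bool:
        # non-negative, sorted and duplicate-free
        return all(x >= 0 for x in self.seq) and all(
            a < b for a, b in zip(self.seq, self.seq[1:]))

    @staticmethod
    def pre_add(i: int) -> bool:
        return i >= 0

    def add(self, i: int) -> None:
        pos = bisect.bisect_left(self.seq, i)        # keeps sortedness
        if pos == len(self.seq) or self.seq[pos] != i:
            self.seq.insert(pos, i)                  # keeps uniqueness

    def remove(self, i: int) -> None:
        pos = bisect.bisect_left(self.seq, i)
        if pos < len(self.seq) and self.seq[pos] == i:
            del self.seq[pos]

    def member(self, i: int) -> bool:
        pos = bisect.bisect_left(self.seq, i)
        return pos < len(self.seq) and self.seq[pos] == i


class BrokenConcreteState(ConcreteState):
    """A faulty reification (constructed): add() appends without
    sorting, so later binary searches answer differently from the
    abstract set even though retrieve() still yields the right set."""
    def add(self, i: int) -> None:
        self.seq.append(i)


def retrieve(c: ConcreteState) -> AbstractState:
    """Retrieve function: maps a concrete state to the abstract one."""
    return AbstractState(set(c.seq))


def check_reification(conc: ConcreteState, script) -> list:
    """Run `script` (a list of (operation, argument) pairs) on `conc`
    and, in lock-step, on its abstract image; return every obligation
    that was violated (empty list means the run found no problem)."""
    failures = []
    for op, arg in script:
        abst = retrieve(conc)
        pre = getattr(conc, "pre_" + op, lambda _: True)
        if not pre(arg):
            continue                    # caller must establish the precondition
        if not (conc.invariant() and abst.invariant()):
            failures.append(f"{op}({arg}): invariant broken before")
        r_c = getattr(conc, op)(arg)
        r_a = getattr(abst, op)(arg)
        if not conc.invariant():
            failures.append(f"{op}({arg}): concrete invariant broken after")
        if not abst.invariant():
            failures.append(f"{op}({arg}): abstract invariant broken after")
        # commuting diagram: retrieve(op_c(s)) == op_a(retrieve(s)),
        # and a query must return the same result at both levels
        if retrieve(conc) != abst or r_c != r_a:
            failures.append(f"{op}({arg}): concrete op does not implement abstract op")
    return failures


# Constructed test script; add(-1) violates the precondition and is skipped.
SCRIPT = [("add", 5), ("add", 3), ("member", 3),
          ("remove", 5), ("add", -1), ("member", 5)]

if __name__ == "__main__":
    print("correct reification:", check_reification(ConcreteState(), SCRIPT))
    print("broken reification: ", check_reification(BrokenConcreteState(), SCRIPT))
```

Running a script this way only tests the obligations on the states the script reaches; a VDM development discharges them as proof obligations over all states, which is what the paper's later discussion of the B theorem prover is about. The script also does not check adequacy (that every abstract state satisfying its invariant has some concrete representative), which is the remaining obligation of a data reification.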