基于Object-Z的XPath形式化语义

本文描述了XPath语言的形式化语义。一个统一的面向对象的语义视角用于建模所有XPath语言构造。语义的表示采用形式化规范语言Object-Z的符号系统。这种高度结构化的语义模型具有简洁、可组合性和可复用性的特点。     

Data refinement of mixed specifications

Using predicate transformers as a basis, we give semantics and refinement rules for mixed specifications that allow UNITY style specifications to be written as a combination of abstract program and temporal properties. From the point of view of the programmer, mixed specifications may be considered a generalization of the UNITY specification notation to allow safety properties to be specified by abstract programs in addition to temporal properties. Alternatively, mixed specifications may be viewed as a generalization of the UNITY programming notation to allow arbitrary safety and progress properties in a generalized ‘always section’. The UNITY substitution axiom is handled in a novel way by replacing it with a refinement rule. The predicate transformers foundation allows known techniques for algorithmic and data-refinement for weakest precondition based programming to be applied to both safety and progress properties. In this paper, we define the predicate transformer based specifications, specialize the refinement techniques to them, demonstrate soundness, and illustrate the approach with a substantial example. Received: 1 April 1996 / 6 March 1997     

A Notation and Logic for Mobile Computing

We define a concurrent mobile system as one where independently executing components may migrate through some space during the course of the computation, and where the pattern of connectivity among the components changes as they move in and out of proximity. The definition is general enough to encompass a system of mobile hosts moving in physical space as well as a system of migrating software agents implemented on a set of possibly non-mobile hosts. In this paper, we present Mobile UNITY, a notation for expressing mobile computations and a logic for reasoning about their temporal properties. Our goal is to find a minimalist model of mobile computation that will allow us to express mobile components in a modular fashion and to reason formally about the possible behaviors of a system composed from mobile components. A simplified serial communication protocol among components which can move in space serves as an illustration for the notation.     

网络实时系统的一种活动性描述语言*

介绍了ADL,它是一种基于网络实时系统的活动性描述语言,一种描述并发处理中时态和功能行为的新的形式规格说明符号.ADL专用于计算机网络,是DORIS的一种形式语言扩充.它组合了状态机活动(ASM)的图形符号和基于模型的活动功能行为(AFB)符号;提供了关于ASM的抽象语法和静态、动态语义.最后通过一个小实例说明该语言是如何解释指定网络实时系统的.     

Compositional programming abstractions for mobile computing

Recent advances in wireless networking technology and the increasing demand for ubiquitous, mobile connectivity demonstrate the importance of providing reliable systems for managing the reconfiguration and disconnection of components. The design of such systems requires tools and techniques appropriate to the task. Many formal models of computation, including UNITY, are not adequate for expressing reconfiguration and disconnection and are, therefore, inappropriate vehicles for investigating the impact of mobility on the construction of modular and composable systems. Algebraic formalisms such as the π-calculus have been proposed for modeling mobility. This paper addresses the question of whether UNITY, a state-based formalism with a foundation in temporal logic, can be extended to address concurrent, mobile systems. In the process, we examine some new abstractions for communication among mobile components that express reconfiguration and disconnection and which can be composed in a modular fashion     

A formal role-based access control model for security policies in multi-domain mobile networks

Mobile users present challenges for security in multi-domain mobile networks. The actions of mobile users moving across security domains need to be specified and checked against domain and inter-domain policies. We propose a new formal security policy model for multi-domain mobile networks, called FPM-RBAC, Formal Policy Model for Mobility with Role Based Access Control. FPM-RBAC supports the specification of mobility and location constraints, role hierarchy mapping, inter-domain services, inter-domain access rights and separation of duty. Associated with FPM-RBAC, we also present a formal security policy constraint specification language for domain and inter-domain security policies. Formal policy constraint specifications are based on ambient logic and predicate logic. We also use ambient calculus to specify the current state of a mobile network and actions within security policies for evaluation of access requests according to security policies. A novel aspect of the proposed policy model is the support for formal and automated analysis of security policies related to mobility within multiple security domains.     

移动组件系统模型的分析与描述

移动计算是新兴的分布式计算范型,其主要特征是计算组件与计算场所能动态改变绑定关系,表现出移动性,从而带来许多新的系统设计需求.从系统模型层次角度对位置、移动组件、移动和资源访问等移动计算核心概念,以及组件与位置之间的各种关系和关系变化刻画的移动范型进行了描述.通过使用集合论和操作语义的规约规则形式地表示这些概念、关系和移动机制,进而抽象出移动系统设计所需的语言结构,为移动系统设计和开发提供了分析基础.     

Reasoning about places, times, and actions in the presence ofmobility

The current trend toward portable computing systems (e.g., cellular phones, laptop computers) brings with it the need for a new paradigm to facilitate thinking about and designing distributed applications. We use the term mobile to refer to distributed systems that include moving, autonomous agents which loosely cooperate to accomplish a task. The fluid nature of the interconnections among components of a mobile system provides new challenges and opportunities for the research community. While we do not claim to have fully grasped all the issues involved in specifying and modeling such systems, we believe that the notions of place, time, and action will play a central role in any model that is developed. We show that these concepts can be expressed and reasoned about in the UNITY logic with a minimal amount of additional notation. The formal derivation of a control system for a radio-dispatched elevator is used to show how considerations involving place, time, and actions impact the design process, be it formal or semiformal     

A UNITY-style programming logic for shared dataspace programs

A proof system for a shared dataspace programming notation called Swarm (a programming logic similar in style to that of UNITY) is specified. Relevant aspects of the Swarm language and model are overviewed. To illustrate the proof system, the Swarm logic is used to verify the correctness of a program for labeling connected equal-intensity regions of a digital image. Like UNITY, the Swarm proof system uses an assertional programming logic which relies upon proof of programwide properties, e.g. global invariants and progress properties. The Swarm logic is defined in terms of the same logical relations as UNITY (unless, ensures, and leads-to), but several of the concepts are reformulated to accommodate Swarm's distinctive features     

XQuery语言的形式化语义

XQuery语言用于查询XML文档。目前，该语言规范还是W3C的工作草稿。语言的形式化语义有助于语言的标准化，本文通过重用XML家族语言通用语义构件的方法，形式化建模XQuery语言的语义，语义的描述采用Object—Z规范语言。这种面向对象的语义描述不仅具有简洁性、可扩展性和可组合性，而且有助于规范之间的一致性和协调性。     

A visual language for explaining probabilistic reasoning

We present an explanation-oriented, domain-specific, visual language for explaining probabilistic reasoning. Explanation-oriented programming is a new paradigm that shifts the focus of programming from the computation of results to explanations of how those results were computed. Programs in this language therefore describe explanations of probabilistic reasoning problems. The language relies on a story-telling metaphor of explanation, where the reader is guided through a series of well-understood steps from some initial state to the final result. Programs can also be manipulated according to a set of laws to automatically generate equivalent explanations from one explanation instance. This increases the explanatory value of the language by allowing readers to cheaply derive alternative explanations if they do not understand the first. The language is composed of two parts: a formal textual notation for specifying explanation-producing programs and the more elaborate visual notation for presenting those explanations. We formally define the abstract syntax of explanations and define the semantics of the textual notation in terms of the explanations that are produced.     

Modeling adaptive behaviors in Context UNITY

Context-aware computing refers to a paradigm in which applications sense aspects of the environment and use this information to adjust their behavior in response to changing circumstances. In this paper, we present a formal model and notation (Context UNITY) for expressing quintessential aspects of context-aware computations; existential quantification, for instance, proves to be highly effective in capturing the notion of discovery in open systems. Furthermore, Context UNITY treats context in a manner that is relative to the specific needs of an individual application and promotes an approach to context maintenance that is transparent to the application. In this paper, we construct the model from first principles, introduce its proof logic, and demonstrate how the model can be used as an effective abstraction tool for context-aware applications and middleware.     

Connectors for mobile programs

Software architecture has put forward the concept of connector to express complex relationships between system components, thus facilitating the separation of coordination from computation. This separation is especially important in mobile computing due to the dynamic nature of the interactions among participating processes. We present connector patterns, inspired in Mobile UNITY, that describe three basic kinds of transient interactions: action inhibition, action synchronization, and message passing. The connectors are given in COMMUNITY, a UNITY-like program design language which has a semantics in category theory. We show how the categorical framework can be used for applying the proposed connectors to specific components and how the resulting architecture can be visualized by a diagram showing the components and the connectors     

Specification and refinement of mobile systems in MTLA and mobile UML

We define the spatio-temporal logic MTLA as an extension of Lamport's Temporal Logic of Actions TLA for the specification, verification, and formal development of systems that rely on mobile code. The formalism is validated by an encoding of models written in the mobile UML notation. We identify refinement principles for mobile systems and justify refinements of mobile UML state machines with the help of the MTLA semantics.     

SLAN-4?A Software Specification and Design Language

SLAN-4 (``Software Language-4') was developed to meet the need for a formal tool for specifying and designing large software systems. It provides language constructs for algebraic and axiomatic specifications and also pseudocode constructs for the design step. A major design goal was to ease subsequent refinements of a (given) specification. The design can start with a very informal specification, which can be implemented later using lower level concepts. This paper gives an overview of the SLAN-4 syntax and semantics. It concentrates on the most important aspects of: ? abstract data types, ? algebraic specification of abstract data types, and ? axiomatic specification of modules. Because the pseudocode part of SLAN-4 consists mainly of control structures similar to those in modern high-level programming languages, this element of the language is not separately described. The paper includes an example of how to use SLAN-4, and also the experiences gained in using the language to formally specify a real-world software product of about 18 000 lines of code written in an IBM internal high-level language.     

An abstract programming language and correctness proofs

The realization of an abstract programming language is a good approach for automating the software production process and facilitating the correctness proof of a software system.

This paper introduces a formal language for programming at the abstract level by combining Pascal with VDM (Vienna Development Method). The notation provided by the language obliges programmers to consider the correctness of programs throughout the whole process of programming, and the proof axiom and rules presented in this paper may be used to prove the correctness of programs. A complete example is given to illustrate how to program using APL and how to prove the correctness of programs using the given axiom and rules.     

Formal analysis of seamless application execution in mobile cloud computing

Mobile cloud computing augments the resource-constrained mobile devices to run rich mobile applications by leveraging the cloud resources and services. Compute-intensive mobile apps require significant communication resources for migrating the code from mobile devices to the cloud. For such apps, distributed application execution frameworks (DAEF) have been proposed in the literature. These frameworks either migrate the mobile app code during runtime or keep the app synchronized with another remotely executed app on the cloud. Frameworks also support mobile app live migration to cater for compute node mobility. One key research question arises is how successful are these DAEFs in achieving the seamless application execution under various network conditions? The answer to this question entails formal analysis of the DAEFs to determine the realistic bounds on propagation delay, bandwidth and application interaction with mobile device for various types and sizes of apps. In this research, we apply formal analysis techniques to define the execution time of the app and the time required for code migration. We also define three conditions for seamless application execution. Given realistic values for processor speed, application executable size, possible number of executed instructions, network propagation delay and transmission delay, we show what components of the mobile app need to be migrated during execution to the cloud. Finally, we compute realistic bounds for the app size (that can be executed seamlessly) based on important features which include cloud and device resources, bandwidth and latency profile.