A refinement relation supporting the transition from unbounded to bounded communication buffers

  • Ketil Stølen
Contributed Lectures
Part of the Lecture Notes in Computer Science book series (LNCS, volume 947)


This paper proposes a refinement relation supporting the transition from unbounded to bounded communication buffers. Employing this refinement relation, a system specification based on purely asynchronous communication can for example be refined into a system specification where the components communicate purely in terms of handshakes. First a weak version called partial refinement is introduced. Partial refinement guarantees only the preservation of safety properties — preservation in the sense that any implementation of the more concrete specification can be understood as an implementation of the more abstract specification if the latter is a safety property. This refinement relation is then strengthened into total refinement which preserves both safety and liveness properties. Thus a total refinement is also a partial refinement. The suitability of this refinement relation for top-down design is discussed and some examples are given.


Keywords (added by machine, not by the authors): Composition Operator, Partial Refinement, Output Channel, Safety Property, Proof Obligation





Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Ketil Stølen, Fakultät für Informatik, TU München, München
