Skip to main content
SpringerLink
Log in

The behavioural semantics of Event-B refinement

  • Published:
Formal Aspects of Computing

Abstract

Event-B provides a flexible framework for stepwise system development via refinement. The framework supports steps for (a) refining events (one-by-one), (b) splitting events (one-by-many), and (c) introducing new events. In each of the steps events can be indicated as convergent (to be made internal) or anticipated (treatment deferred to a later refinement step). All such steps are accompanied with precise proof obligations. However, no behavioural semantics has been provided to validate the proof obligations, and no formal justification has previously been given for the application of these rules in a refinement chain. Behavioural semantics expresses a clear relationship between the first and last machines in a refinement chain. The framework we present provides a coherent justification for Abrial’s approach to refinement in Event-B, and its generalisation to interface extension: adding events to the interface. In this paper, we give a behavioural semantics for Event-B refinement, with a treatment for the first time of splitting events and of anticipated events, adding to the well-understood treatment of convergent events. To this end, we define a CSP semantics for Event-B and show how the different forms of Event-B refinement can be captured as CSP refinement. It turns out that the appropriate CSP refinement relationship is influenced by the particular Event-B development strategy taken. We present two such strategies, one allowing, the other disallowing interface extensions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Abrial J-R, Butler MJ, Hallerstede S, Hoang TS, Mehta F, Voisin L (2010) Rodin: an open toolset for modelling and reasoning in Event-B. STTT 12(6): 447–466

    Article  Google Scholar 

  2. Abrial J-R, Butler MJ, Hallerstede S, Voisin L (2008) A roadmap for the Rodin toolset. In: Börger E, Butler MJ, Bowen JP, Boca P (eds) ABZ. Lecture notes in computer science, vol 5238. Springer, Berlin, p 347

  3. Abrial J-R (2005) The B-book—assigning programs to meanings. Cambridge University Press

  4. Abrial J-R (2010) Modeling in Event-B: system and software engineering. Cambridge University Press

  5. Bolton C, Davies J (2002) Refinement in object-Z and CSP. In: Butler M, Petre L, Sere K (eds) IFM 2002: integrated formal methods. LNCS, vol 2335, pp 225–244

  6. Boiten EA, Derrick J (2009) Modelling divergence in relational concurrent refinement. In: Leuschel M, Wehrheim H (eds) Proceedings of 7th international conference on integrated formal methods, IFM 2009, Düsseldorf, Germany, February 16–19, 2009. Lecture notes in computer science, vol 5423. Springer, Berlin, pp 183–199

  7. Butler MJ, Hallerstede S (2007) The Rodin formal modelling tool. In: BCS-FACS Christmas 2007 Meeting—formal methods in industry

  8. Butler MJ (1992) A CSP approach to action systems. DPhil thesis, Oxford University

  9. Butler MJ (2000) csp2B: a practical approach to combining CSP and B. In: FACS, pp 182–196

  10. Butler MJ (2009) Decomposition structures for Event-B. In: Leuschel M, Wehrheim H (eds) Proceedings of 7th international conference on integrated formal methods, IFM 2009, Düsseldorf, Germany, February 16–19, 2009. Lecture notes in computer science, vol 5423. Springer, Berlin, pp 20–38

  11. Butler M (2012) External and internal choice with event groups in Event-B. Form Asp Comput 24(4–6): 555–567

    Article  MATH  MathSciNet  Google Scholar 

  12. Back R-J, von Wright J (1998) Refinement calculus: a systematic introduction. In: (eds) In: Graduate texts in computer science. Springer, Berlin

    Google Scholar 

  13. Derrick J, Boiten EA (2001) Refinement in Z and object-Z. Springer, Berlin

    Book  MATH  Google Scholar 

  14. Derrick J, Boiten EA (2003) Relational concurrent refinement. Form Asp Comput 15(2–3): 182–214

    Article  MATH  Google Scholar 

  15. Derrick J, Smith G (2003) Structural refinement of systems specified in object-Z and CSP. Form Asp Comput 15(1): 1–27

    Article  MATH  Google Scholar 

  16. Event-B.org (2011) Rodin platform version 2.2.2. Released 6 Jan 2011. http://www.event-b.org/

  17. Formal Systems (Europe) Ltd (2011) The FDR model checker. http://www.fsel.com/. Accessed 8 Mar 2011

  18. Hoang TS, Abrial J-R (2010) Event-B decomposition for parallel programs. In: Frappier M, Glässer U, Khurshid S, Laleau R, Reeves S (eds) ABZ. Lecture notes in computer science, vol 5977. Springer, Berlin, pp 319–333

  19. Hoang TS, Abrial J-R (2011) Reasoning about liveness properties in Event-B. In: Qin S, Qiu Z (eds) ICFEM. Lecture notes in computer science, vol 6991. Springer, Berlin, pp 456–471

  20. Hallerstede S (2011) On the purpose of Event-B proof obligations. Form Asp Comput 23(1): 133–150

    Article  MATH  MathSciNet  Google Scholar 

  21. Hoare CAR (1985) Communicating sequential processes. Prentice-Hall

  22. Iliasov A (2009) On Event-B and control flow. Technical report CS-TR-1159, School of Computing Science, Newcastle University, August 2009

  23. Jackson D (2002) Alloy: a lightweight object modelling notation. ACM Trans Softw Eng Methodol 11(2): 256–290

    Article  Google Scholar 

  24. Métayer C, Abrial J-R, Voisin L (2010) Event-B language, 2005. RODIN Project Deliverable 3.2. http://rodin.cs.ncl.ac.uk/deliverables/D7.pdf. Accessed 25 May 2010

  25. Morgan CC (1988) The specification statement. ACM Trans Program Lang Syst 10(3): 403–419

    Article  MATH  Google Scholar 

  26. Morgan CC (1990) Of wp and CSP. Beauty is our business: a birthday salute to E. W. Dijkstra, pp 319–326

  27. Olderog E-R, Wehrheim H (2005) Specification and (property) inheritance in CSP-OZ. Sci Comput Program 55(1–3): 227–257

    Article  MATH  MathSciNet  Google Scholar 

  28. Roscoe AW (1998) Theory and practice of concurrency. Prentice-Hall

  29. Schneider S (1999) Concurrent and real-time systems: the CSP approach. Wiley, New York

    Google Scholar 

  30. Silva RA, Hoang TS, Wei W, Iliasov A (2001) A survey on Event-B decomposition. In: Workshop on automated verification of critical systems (AVOCS 2011)

  31. Schneider S, Treharne H (2005) CSP theorems for communicating B machines. Form Asp Comput 17(4): 390–422

    Article  MATH  Google Scholar 

  32. Schneider S, Treharne H, Wehrheim H (2010) A CSP approach to control in Event-B. In: IFM, pp 260–274

  33. Schneider S, Treharne H, Wehrheim H (2011) Bounded retransmission in Event-B\({\parallel}\) CSP: a case study. In: Workshop B 2011, ENTCS

  34. Schneider S, Treharne H, Wehrheim H (2011) A CSP account of Event-B refinement. In: Derrick J, Boiten EA, Reeves S (eds) Refine 2011. EPTCS, vol 55, pp 139–154

  35. Schneider S, Treharne H, Wehrheim H (2011) Stepwise refinement in Event-B\({\parallel}\) CSP. Technical Report CS-11-03, University of Surrey

  36. Woodcock J, Cavalcanti A (2002) The semantics of circus. In: Bert D, Bowen JP, Henson MC, Robinson K (eds) ZB 2002. Lecture notes in computer science, vol 2272. Springer, Berlin, pp 184–203

  37. Woodcock JCP, Davies J (1996) Using Z: specification, refinement, and proof. Prentice Hall

Download references

Author information

Authors and Affiliations

  1. Department of Computing, University of Surrey, Surrey, UK

    Steve Schneider & Helen Treharne

  2. Department of Computer Science, University of Paderborn, Paderborn, Germany

    Heike Wehrheim

Authors
  1. Steve Schneider
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Helen Treharne
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Heike Wehrheim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Steve Schneider.

Additional information

E. Boiten, J. Derrick, and S. Reeves

Rights and permissions

Reprints and permissions

About this article

Cite this article

Schneider, S., Treharne, H. & Wehrheim, H. The behavioural semantics of Event-B refinement. Form Asp Comp 26, 251–280 (2014). https://doi.org/10.1007/s00165-012-0265-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00165-012-0265-0

Keywords

Search

Navigation