A formal model of composing components: the TLA+ approach

  • Ondrej Rysavy
  • Jaroslav Rab
Original Paper


In this paper, a method for writing composable TLA+ specifications that conform to the formal model called Masaccio is introduced. Specifications are organized in TLA+ modules that correspond to Masaccio components by means of a trace-based semantics. Hierarchical TLA+ specifications are built from atomic component specifications by parallel and serial composition, which can be arbitrarily nested. While the rule of parallel composition is a variation of the classical joint-action composition, the authors are not aware of a reuse method for TLA+ that systematically employs the kind of serial composition presented here. By combining these two composition rules and assuming only the noninterleaving synchronous mode of execution, concurrent, sequential, and timed compositionality are achieved.
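As an added illustration of the two composition rules named in the abstract, and not a module from the paper itself, the TLA+ module below conjoins two atomic components into one joint action (parallel composition) and then sequences that block before a third component using a `stage` variable (serial composition). The module names, the variables `a`, `b`, `c`, `stage`, and the stage-variable encoding of serial composition are assumptions made for this example, not the paper's construction.

```tla
---------------------------- MODULE SerialParallel ----------------------------
\* Illustrative example, not code from the paper: two atomic components A and B
\* composed in parallel, then composed serially before a third component C.
EXTENDS Naturals

VARIABLES a, b, c, stage   \* stage is an assumed control variable for serial composition

\* Atomic component A: counts 0 -> 2, then is done.
AInit == a = 0
AStep == a < 2 /\ a' = a + 1
ADone == a = 2

\* Atomic component B: counts 10 -> 8, then is done.
BInit == b = 10
BStep == b > 8 /\ b' = b - 1
BDone == b = 8

\* Atomic component C: counts 0 -> 3, then is done.
CInit == c = 0
CStep == c < 3 /\ c' = c + 1
CDone == c = 3

\* Parallel composition in the noninterleaving synchronous mode: both components
\* take their step in the same action, so neither may idle unless it offers an
\* explicit idle action (here A and B happen to need the same number of steps).
ParInit == AInit /\ BInit
ParStep == AStep /\ BStep
ParDone == ADone /\ BDone

\* Serial composition: run the parallel block until it terminates, then hand over to C.
SerInit == stage = "P" /\ ParInit /\ CInit
SerStep ==
  \/ stage = "P" /\ ~ParDone /\ ParStep /\ UNCHANGED <<c, stage>>
  \/ stage = "P" /\ ParDone /\ stage' = "Q" /\ UNCHANGED <<a, b, c>>
  \/ stage = "Q" /\ ~CDone /\ CStep /\ UNCHANGED <<a, b, stage>>
  \/ stage = "Q" /\ CDone /\ UNCHANGED <<a, b, c, stage>>   \* terminating stutter

vars == <<a, b, c, stage>>
Spec == SerInit /\ [][SerStep]_vars /\ WF_vars(SerStep)

\* Safety property that the serial ordering is supposed to guarantee:
\* C cannot have started before both A and B have finished.
Ordering == (c > 0) => (ADone /\ BDone)
=============================================================================
```

Checking `Ordering` as an invariant with TLC demonstrates the sequential guarantee; making A and B need different numbers of steps shows why synchronous parallel composition requires each component to provide an idle action once it is done.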


Keywords: Composing specifications; Component model; Hierarchical specifications; Synchronous mode of executions; Temporal logic of actions





Copyright information

© Springer-Verlag London Limited 2009

Authors and Affiliations

  1. FIT UIFS, Brno University of Technology, Brno, Czech Republic
