Reasoning about Timeouts

  • Ian J. Hayes
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2386)


In real-time programming a timeout mechanism allows exceptional behaviour, such as a lack of response, to be handled effectively, while not overly affecting the programming for the normal case. For example, in a pump controller if the water level has gone below the minimum level and the pump is on and hence pumping in more water, then the water level should rise above the minimum level within a specified time. If not, there is a fault in the system and it should be shut down and an alarm raised. Such a situation can be handled by normal case code that determines when the level has risen above the minimum, plus a timeout case handling the situation when the specified time to reach the minimum has passed.

In this paper we introduce a timeout mechanism, give it a formal definition in terms of more basic real-time commands, develop a refinement law for introducing a timeout clause to implement a specification, and give an example of using the law to introduce a timeout. The framework used is a machine-independent real-time programming language, which makes use of a deadline command to represent timing constraints in a machine-independent fashion. This allows a more abstract approach to handling timeouts.
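The abstract's pump-controller scenario has two outcomes: the normal case, in which a sample shows the level back above the minimum, and the timeout case, in which the specified time passes first and the controller must shut the pump down and raise an alarm. The simulation below is an added illustration, not code from the paper (which defines the timeout in a refinement calculus, not an executable language). The function names, the simulated clock, the level traces and the polling interval are all assumptions made for the demonstration. It also shows one timing detail a practitioner cares about: a waiter that always sleeps a full poll period can take its timeout decision up to one period after the deadline, whereas shortening the final sleep lets the decision fall on the deadline itself.

```python
from dataclasses import dataclass
from typing import Callable


@dataclass(frozen=True)
class Outcome:
    """Result of the wait: which case fired and the controller's response."""
    case: str        # "normal" (level rose above minimum) or "timeout"
    elapsed: float   # seconds from the start of the wait to the decision
    pump_on: bool    # stays on in the normal case; shut down on timeout
    alarm: bool      # raised only in the timeout case


def await_level_above_min(read_level: Callable[[], float],
                          now: Callable[[], float],
                          sleep: Callable[[float], None],
                          minimum: float, timeout: float, poll: float) -> Outcome:
    """Normal case: return as soon as a sample shows level > minimum.
    Timeout case: if `timeout` seconds elapse first, shut the pump down
    and raise the alarm.  The last sleep is shortened so the decision is
    taken at the deadline, not a full poll period after it.
    (Hypothetical helper; the paper expresses this with deadline commands.)"""
    start = now()
    deadline = start + timeout
    while True:
        if read_level() > minimum:          # normal case checked first
            return Outcome("normal", now() - start, pump_on=True, alarm=False)
        t = now()
        if t >= deadline:                   # the specified time has passed
            return Outcome("timeout", t - start, pump_on=False, alarm=True)
        sleep(min(poll, deadline - t))      # never sleep past the deadline


def await_level_fixed_period(read_level, now, sleep,
                             minimum: float, timeout: float, poll: float) -> Outcome:
    """Same contract, but always sleeping a full poll period.  Kept only to
    show the timing error: the timeout can fire up to one period late."""
    start = now()
    deadline = start + timeout
    while True:
        if read_level() > minimum:
            return Outcome("normal", now() - start, pump_on=True, alarm=False)
        t = now()
        if t >= deadline:
            return Outcome("timeout", t - start, pump_on=False, alarm=True)
        sleep(poll)


class SimClock:
    """Constructed simulated clock: time advances only while the controller sleeps."""
    def __init__(self) -> None:
        self.t = 0.0

    def now(self) -> float:
        return self.t

    def sleep(self, d: float) -> None:
        self.t += d


def run(level_at: Callable[[float], float], *, minimum: float = 10.0,
        timeout: float = 5.0, poll: float = 1.0,
        waiter=await_level_above_min) -> Outcome:
    """Drive one waiter against a constructed level trace (level as a function of time)."""
    clock = SimClock()
    return waiter(lambda: level_at(clock.now()), clock.now, clock.sleep,
                  minimum, timeout, poll)


# Constructed scenarios: level in arbitrary units, time in seconds.
def rising(t: float) -> float:
    return 8.0 + t        # pump working: level passes 10 between t=2 and t=3


def stuck(t: float) -> float:
    return 8.0            # pump failed: level never rises


if __name__ == "__main__":
    print(run(rising))                                   # normal case at t=3
    print(run(stuck))                                    # timeout at t=5
    print(run(stuck, poll=2.0))                          # still exactly t=5
    print(run(stuck, poll=2.0, waiter=await_level_fixed_period))  # late: t=6
```

The level is sampled before the deadline is tested, so a sample that crosses the minimum exactly at the deadline still counts as the normal case; which outcome wins at that boundary is a design choice that a specification must fix explicitly, and the paper's refinement law is where that decision is made formally.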







Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Ian J. Hayes, School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, Australia
