Modular Specification of Encapsulated Object-Oriented Components

  • Arnd Poetzsch-Heffter
  • Jan Schäfer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4111)


A well-defined boundary of components makes it possible to encapsulate internal state and to distinguish between internal calls that remain inside the component and external calls whose target objects lie outside the component. From a static point of view, such boundaries define the programmer's interface to the component; in particular, they define the methods that can be called on the component. From a dynamic point of view, the boundaries separate the component state from those parts of the program state that lie outside the component.

In this tutorial paper, we investigate encapsulated components that are realized with object-oriented concepts. We define a semantics that captures a flexible notion of hierarchical encapsulation with confined references. The semantics generalizes the encapsulation concepts of ownership types and serves as a foundation for modular behavioral component specifications. In particular, it allows us to give a simple semantics for invariants and an alternative solution to the frame problem. We demonstrate this new specification methodology on typical programming patterns.
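The following is an added illustration, not the paper's calculus or code: a small Python model of a component boundary in which the internal representation objects (here, list nodes) are confined, meaning they may be used by internal calls but are rejected if a boundary method would return them to an external caller, and the component invariant is checked only at boundary crossings, so internal calls may temporarily break it. The class and method names are constructed for this example.

```python
class Confined:
    """Marker for objects owned by a component (constructed for this example)."""

class Node(Confined):
    """Internal representation object of the stack; must never escape the boundary."""
    def __init__(self, value, nxt=None):
        self.value, self.nxt = value, nxt

class ConfinementError(Exception):
    """Raised when a confined reference would cross the component boundary."""

def boundary(method):
    """Mark a method of a boundary object as externally callable.

    The invariant is checked on entry and on exit (the two boundary crossings),
    so internal calls in between may temporarily break it.  A confined object
    returned to the external caller is rejected.
    """
    def wrapper(self, *args):
        if not self.invariant():
            raise AssertionError("invariant broken at boundary entry")
        result = method(self, *args)
        if isinstance(result, Confined):
            raise ConfinementError(f"{method.__name__} leaks {type(result).__name__}")
        if not self.invariant():
            raise AssertionError("invariant broken at boundary exit")
        return result
    return wrapper

class Stack:
    """Boundary object of a linked-list stack component."""
    def __init__(self):
        self.head, self.size = None, 0

    def invariant(self):
        # size must equal the length of the chain of internal Node objects
        n, count = self.head, 0
        while n is not None:
            n, count = n.nxt, count + 1
        return count == self.size

    @boundary
    def push(self, value):
        self.head = Node(value, self.head)   # internal call: the Node stays inside
        self.size += 1

    @boundary
    def pop(self):
        node, self.head = self.head, self.head.nxt
        self.size -= 1
        return node.value                    # only the value crosses the boundary

    @boundary
    def head_node(self):
        return self.head                     # would leak a confined Node: rejected
```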




Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Arnd Poetzsch-Heffter, Technische Universität Kaiserslautern, Germany
  • Jan Schäfer, Technische Universität Kaiserslautern, Germany