Foundations of compositional program refinement

Safety properties
  • Rob Gerth
Technical Contributions
Part of the Lecture Notes in Computer Science book series (LNCS, volume 430)


The aim of this paper is twofold. The first is to formulate a foundation for the refinement of parallel programs that may communicate synchronously and/or share variables, with programs rendered as first-order transition systems. The second is to bring the algebraic theory of parallel processes closer to the refinement of such first-order systems and to show its relevance to it. We do this by first developing a notion of refinement, and a complete verification criterion for it, for algebraic, uninterpreted transition systems, building on existing theory. We then show how first-order transition systems can be translated into uninterpreted transition systems while preserving those aspects of their semantics that we are interested in. Since this translation is canonical, it is used to lift the algebraic refinement notion and its verification criterion to the level of first-order systems. Specifically, we show that they yield assertional methods for the refinement of such systems that resemble the methods used in Z. Manna and A. Pnueli's temporal logic proof system.
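As an added illustration of the idea sketched in the abstract (example code, written for this page; it is not Gerth's code and does not claim to reproduce the paper's exact refinement criterion, which the abstract does not spell out): a small first-order transition system, given as variables with guarded updates, is translated into an uninterpreted labelled transition system by enumerating its reachable valuations, and refinement of a specification by an implementation is then decided on the uninterpreted systems by computing the greatest simulation relation (ordinary strong simulation in Milner's sense). The encoding below keeps only the transition labels; which semantic aspects the paper's own translation preserves is not stated on this page. The lock specification, the two lock implementations and every class and function name are constructed for the example.

```python
"""Refinement of finite transition systems decided via simulation (added
illustration, not code from the paper; the lock systems are constructed)."""
from collections import deque
from itertools import product


class LTS:
    """Uninterpreted labelled transition system over opaque state tokens."""

    def __init__(self, init, trans):
        self.init = init
        self.trans = set(trans)  # triples (src, label, dst)

    def states(self):
        return {self.init} | {s for t in self.trans for s in (t[0], t[2])}

    def out(self, s):  # outgoing (label, dst) pairs of s
        return {(a, d) for (x, a, d) in self.trans if x == s}

    def succ(self, s, a):
        return {d for (x, b, d) in self.trans if x == s and b == a}


class FOTS:
    """First-order transition system: rules are (label, guard, update), with
    guard: valuation -> bool and update: valuation -> valuation. Guards must
    keep the reachable valuations finite for to_lts() to terminate."""

    def __init__(self, init, rules):
        self.init = dict(init)
        self.rules = rules

    def to_lts(self):
        """Unfold the reachable valuations into an LTS. Each valuation becomes
        an opaque token (frozenset of (var, value)); only labels survive."""
        def key(v):
            return frozenset(v.items())
        seen, queue, trans = {key(self.init)}, deque([self.init]), set()
        while queue:
            v = queue.popleft()
            for label, guard, update in self.rules:
                if guard(v):
                    w = update(v)
                    trans.add((key(v), label, key(w)))
                    if key(w) not in seen:
                        seen.add(key(w))
                        queue.append(w)
        return LTS(key(self.init), trans)


def greatest_simulation(impl, spec):
    """Largest R such that (p, q) in R and p -a-> p' imply some q -a-> q' with
    (p', q') in R; computed as a greatest fixpoint from the full relation."""
    rel = set(product(impl.states(), spec.states()))
    changed = True
    while changed:
        changed = False
        for p, q in list(rel):
            matched = all(any((p2, q2) in rel for q2 in spec.succ(q, a))
                          for a, p2 in impl.out(p))
            if not matched:
                rel.discard((p, q))
                changed = True
    return rel


def refines(impl, spec):
    """Impl refines Spec iff the initial states are related by a simulation.
    Simulation implies trace inclusion, so every label sequence of Impl is one
    Spec allows: the criterion is sound for safety properties."""
    return (impl.init, spec.init) in greatest_simulation(impl, spec)


# Constructed example: one lock. The specification records only whether the
# lock is held; the implementations record which of two clients holds it.
LOCK_SPEC = FOTS({"locked": False}, [
    ("acquire", lambda v: not v["locked"], lambda v: {"locked": True}),
    ("release", lambda v: v["locked"], lambda v: {"locked": False}),
])


def lock_impl(may_acquire):
    """Clients 1 and 2; owner 0 means free. may_acquire(v, c) is the guard
    under which client c takes the lock."""
    rules = []
    for c in (1, 2):
        rules.append(("acquire", lambda v, c=c: may_acquire(v, c),
                      lambda v, c=c: {"owner": c}))
        rules.append(("release", lambda v, c=c: v["owner"] == c,
                      lambda v: {"owner": 0}))
    return FOTS({"owner": 0}, rules)


# Correct: a client may acquire only a free lock.
LOCK_IMPL = lock_impl(lambda v, c: v["owner"] == 0)
# Buggy: a client may take a lock the other client holds, so the unfolding
# has an acquire-acquire path that the specification cannot match.
BUGGY_IMPL = lock_impl(lambda v, c: v["owner"] != c)
```

`refines(LOCK_IMPL.to_lts(), LOCK_SPEC.to_lts())` holds, while `refines(BUGGY_IMPL.to_lts(), LOCK_SPEC.to_lts())` fails because the state in which client 1 holds the lock still offers an `acquire` step that the specification's locked state cannot answer. Two caveats a practitioner should keep in mind: simulation is sufficient but not necessary for trace inclusion (an implementation whose nondeterminism is resolved later than the specification's can be trace-included yet not simulated), and this check hides nothing, so an implementation with internal steps would need a weak simulation that skips unobservable transitions, and a system over unbounded variables would need the guards or a finite abstraction to bound the unfolding.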


Keywords: refinement, implementation, concurrency, compositionality, algebraic process theory, transition system, simulation, assertional methods, communication, shared variables, completeness, (pre-)congruence, behavior, full abstractness




  1. [AL88]
    M. Abadi, L. Lamport (1988), “The Existence of Refinement Mappings”, Proc. 3rd IEEE Conf. on Logic in Computer Science (LICS), pp. 165–175.
  2. [AL90]
    M. Abadi, L. Lamport (1990), “Composing Specifications”, this volume.
  3. [AS86]
    B. Alpern, F.B. Schneider (1986), “Recognizing Safety and Liveness”, Technical Report TR86-727, Dept. of Computer Science, Cornell University.
  4. [BC85]
    G. Berry, L. Cosserat (1985), “The Synchronous Programming Language ESTEREL and its Mathematical Semantics”, LNCS 197, pp. 389–449, Springer-Verlag.
  5. [BHR84]
    S. Brookes, C.A.R. Hoare, A. Roscoe (1984), “A Theory of Communicating Sequential Processes”, Journal of the ACM, Vol. 31, No. 3, pp. 560–599.
  6. [BK84]
    J. Bergstra, J.W. Klop (1984), “Process Algebra for Synchronous Communication”, Information and Control, Vol. 60, pp. 109–137.
  7. [BKO86]
    J. Bergstra, J.W. Klop, E.-R. Olderog (1986), “Failure Semantics with Fair Abstraction”, Report CS-R8609, Center for Mathematics and Computer Science (CWI), Amsterdam.
  8. [CM88]
    K.M. Chandy, J. Misra (1988), Parallel Program Design, Addison-Wesley.
  9. [Dar82]
    Ph. Darondeau (1982), “An Enlarged Definition and Complete Axiomatization of Observational Congruence of Finite Processes”, LNCS 137, pp. 47–62, Springer-Verlag.
  10. [Dij76]
    E.W. Dijkstra (1976), A Discipline of Programming, Prentice-Hall.
  11. [Eil74]
    S. Eilenberg (1974), Automata, Languages and Machines, Volume A, Academic Press.
  12. [FLS87]
    A. Fekete, N. Lynch, L. Shrira (1987), “A Modular Proof of Correctness for a Network Synchronizer”, Proc. 2nd International Workshop on Distributed Algorithms, LNCS 312, Springer-Verlag.
  13. [GB87]
    R. Gerth, A. Boucher (1987), “A Timed Failures Model for Extended Communicating Processes”, Proc. 14th ICALP, LNCS 267, pp. 95–115, Springer-Verlag.
  14. [GP89]
    R. Gerth, A. Pnueli (1989), “Rooting UNITY”, Proc. 5th IEEE International Workshop on Software Specification and Design, pp. 11–19.
  15. [Flo67]
    R. Floyd (1967), “Assigning Meaning to Programs”, Proc. Sympos. in Appl. Math. 19, pp. 19–32, American Mathematical Society.
  16. [Har87]
    D. Harel (1987), “Statecharts: A Visual Formalism for Complex Systems”, Science of Computer Programming, Vol. 8, No. 3.
  17. [Hen88]
    M. Hennessy (1988), Algebraic Theory of Processes, MIT Press.
  18. [Hoa85]
    C.A.R. Hoare (1985), Communicating Sequential Processes, Prentice-Hall.
  19. [JM88]
    F. Jahanian, A. Mok (1988), “Modecharts: A Specification Language for Real-Time Systems”, IEEE Transactions on Software Engineering, to appear.
  20. [Lam83]
    L. Lamport (1983), “Specifying Concurrent Program Modules”, ACM Transactions on Programming Languages and Systems, Vol. 5, No. 2, pp. 190–222.
  21. [Lam86]
    L. Lamport (1986), “Specification Simplified”, Technical Report, DEC Systems Research Center, Alamaden.
  22. [Lyn90]
    N. Lynch (1990), “Multivalued Possibilities Mappings”, this volume.
  23. [LS84]
    S.S. Lam, A.U. Shankar (1984), “Protocol Verification via Projection”, IEEE Transactions on Software Engineering, Vol. 10, No. 4, pp. 325–342.
  24. [LT87]
    N. Lynch, M. Tuttle (1987), “Hierarchical Correctness Proofs for Distributed Algorithms”, Proc. 6th ACM Sympos. on Principles of Distributed Computing (PODC), pp. 137–151, ACM.
  25. [Mer90]
    M. Merritt (1990), “Completeness Theorems for Automata”, this volume.
  26. [Mil71]
    R. Milner (1971), “An Algebraic Definition of Simulation between Programs”, Proc. 2nd International Joint Conference on Artificial Intelligence, BCS, pp. 481–489.
  27. [Mil80]
    R. Milner (1980), A Calculus of Communicating Systems, LNCS 94, Springer-Verlag, New York.
  28. [Mil83]
    R. Milner (1983), “Calculi for Synchrony and Asynchrony”, Theoretical Computer Science, Vol. 25, pp. 267–310.
  29. [Mil89]
    R. Milner (1989), Communication and Concurrency, Prentice-Hall.
  30. [MP81]
    Z. Manna, A. Pnueli (1981), “Verification of Concurrent Programs: The Temporal Framework”, in The Correctness Problem in Computer Science (R.S. Boyer, J.S. Moore, eds.), pp. 215–274, Academic Press.
  31. [MP84]
    Z. Manna, A. Pnueli (1984), “Adequate Proof Principles for Invariance and Liveness Properties of Concurrent Programs”, Science of Computer Programming, Vol. 4, pp. 257–289.
  32. [Nic87]
    R. De Nicola (1987), “Extensional Equivalences for Transition Systems”, Acta Informatica, Vol. 24, pp. 211–237.
  33. [NH84]
    R. De Nicola, M. Hennessy (1984), “Testing Equivalences for Processes”, Theoretical Computer Science, Vol. 34, pp. 83–133.
  34. [SdeR87]
    F. Stomp, W.P. de Roever (1987), “A Correctness Proof of a Distributed Minimum-Weight Spanning Tree Algorithm”, Proc. 7th IEEE International Conference on Distributed Computing Systems (ICDCS), pp. 440–448.
  35. [Sto89]
    F. Stomp (1989), Design and Verification of Distributed Network Algorithms: Foundations and Applications, Ph.D. thesis, Eindhoven University of Technology.
  36. [WLL88]
    J. Welch, L. Lamport, N. Lynch (1988), “A Lattice-Structured Proof of a Minimum Spanning Tree Algorithm”, Proc. ACM Symposium on Principles of Distributed Computing (PODC).

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • Rob Gerth, Department of Computing Science, Eindhoven University of Technology, Eindhoven, The Netherlands
