The incremental development of correct specifications for distributed systems

  • Stephan Kleuker
  • Hermann Tjabben
Session 7b: Distributed Systems (2)
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1051)


Provably correct software can only be achieved by basing the development process on formal methods. For most industrial applications such a development never terminates, because requirements change and new functionality has to be added to the system. Therefore a formal method that supports the incremental development of complex systems is required. The project CoCoN (Provably Correct Communication Networks), carried out jointly by Philips Research Laboratories Aachen and the University of Oldenburg, takes results from the ESPRIT Basic Research Action ProCoS to show the applicability of a more formal approach to the development of correct telecommunications software. These ProCoS methods have been adapted to support the development of extensible specifications for distributed systems. Throughout this paper our approach is exemplified by a case study of how call handling software for telecommunication switching systems should be developed.


extension of existing formal methods, combination of methods, incremental development



Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Stephan Kleuker (1)
  • Hermann Tjabben (2)
  1. FB Informatik, University of Oldenburg, Oldenburg, Germany
  2. Philips Research Laboratories Aachen, Aachen, Germany
