Towards a theory of consistency enforcement

Abstract.

State oriented specifications with invariants occur in almost all formal specification languages. Hence the problem is to prove the consistency of the specified operations with respect to the invariants. Whilst the problem seems to be easily solvable in predicative specifications, it usually requires sophisticated verification efforts, when specifications in the style of Dijkstra's guarded commands as e.g. in the specification language B are used. As an alternative consistency enforcement will be discussed in this paper. The basic idea is to replace inconsistent operations by new consistent ones preserving at the same time the intention of the old one. More precisely, this can be formalized by consistent spezializations, where specialization is a specific partial order on operations defined via predicate transformers. It will be shown that greatest consistent specializations (GCSs) always exist and are compatible with conjunctions of invariants. Then under certain mild restrictions the general construction of such GCSs is possible. Precisely, given the GCSs of simple basic assignments the GCS of a complex operation results from replacing involved assignments by their GCSs and the investigation of a guard. In general, GCS construction can be embedded in refinement calculi and therefore strengthens the systematic development of correct programs.