We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.
We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.
Published online by Cambridge University Press: 02 March 2010
There are many existing formal methods that support modeling and analysis with complex state, including Alloy (Jackson, 2006), ASMs (Gurevich, 1995; Börger and Stärk, 2003), B (Abrial, 1996), Promela (Holzmann, 2004), TLA (Lamport, 2002), Unity (Chandy and Misra, 1988), VDM (Fitzgerald and Larsen, 1998), and Z (Woodcock and Loomes, 1989; Spivey, 1992; Davies and Woodcock, 1996; Jacky, 1997). Case studies in these methods demonstrate many ways to use sets, bags, sequences, maps, and other data types similar to the ones in the modeling library.
AsmL (abstract state machine language) (Gurevich et al., 2005) includes highlevel data structures like sets and maps and builds on the theory of partial updates (Gurevich and Tillmann, 2005) that allows pointwise changes to such data structures that may, moreover, be nested. AsmL was first supported in the model-based testing tool AsmL-T (Barnett et al., 2003) and is also supported in the Spec Explorer tool (Spec Explorer, 2006). Spec Explorer also supports an extension of the SpeC# language (Barnett et al., 2005) with high-level data structures such as sets and maps.
The pruning techniques discussed in Section 11.2 are mostly based on work that was done in Spec Explorer (Veanes et al., in press). The use of composition in this context is based on Veanes et al. (2007a). The state grouping technique discussed in Section 11.2.5 is introduced in Grieskamp et al. (2002). The algorithm is also explained in Börger and Stärk (2003, Section 3.2). The technique can be extended to multiple groupings (Campbell and Veanes, 2005) that can be used to define groupings per feature in a model program with multiple features. State grouping is related to abstraction in model checking (Clarke et al., 1999).
To save this book to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.
Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.
Find out more about the Kindle Personal Document Service.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.
