VSR Mondex Meeting

1
VSR Mondex Meeting

• Cliff Jones
• University of Newcastle

2
Some related things Im up to

• Splitting (software) atoms (safely)
• EPSRC funded
• adding a design abstraction
• to data reification, operation decomposition
• the lie of atomicity
• Hayes/Jackson/Jones
• uses rely/guarantee reasoning
• first specify larger system
• record assumptions about bits cant control
• derive spec of computer system

3
Some questions about the yellow book spec

• so its OK for a designer to
• fix that each night all but one card loses 1 and
  it all shifts to her card
• OK for the bank to charge hidden interest
• another pound off per night
• for me
• the key issue of transfer between consenting
  individuals is crucial

4
but at least one mechanical proof

• face Tonys question
• in the intervening decade, have tools made it
  possible to completely check Susans proof
• even think about creating a better proof
• Im happy to view the YB abstract spec as a
  useful property wed like to prove

5
Jims programmesome issues Id like to look at

• promotion
• messy in VDM ?
• invariants (limit types?)
• guards and pre-conditions
• ordering operations
• reasoning about partial functions

6
Interdisciplinary Research Collaboration in
Dependability of Computer-Based Systems
www.dirc.org.uk