slide
advertisement
An Institution for Imperative RSL Specifications
Dedicated to Kokichi Futatsugi
Anne E. Haxthausen
DTU Compute
Technical University of Denmark
aeha@dtu.dk
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 1
Agenda
1. Background and goals.
2. Semantic approach using institutions.
3. RSLI : an imperative subset of RSL.
4. Definition of an institution for RSLI .
5. Concluding remarks and related work
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 2
Background
The RAISE specification language RSL:
◆ is a formal specification language
◆ integrates different specification styles:
■ algebraic and model-oriented,
■ applicative, imperative, and concurrent
in a unifying syntax and semantics
◆ useful for software development
But:
◆ its denotational semantics is very complicated due to:
■ the unifying semantics
■ the way it has been defined
Question: How can we provide a better semantics?
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 3
Solution Idea
A Typical RAISE Development:
Algebraic
Model−oriented
Applicative
Imperative
RSLI
Idea:
1. provide semantics for selected subsets of RSL ⇒ simpler
semantic domains
2. make these semantics institution-based ⇒ clear structure, can
relate specs of various institutions by defining mappings between
the institutions
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 4
Contribution of this Paper
1. Definition of an institution for an imperative subset RSLI of RSL.
2. Sketch of the institution-based semantics for this subset.
Related work: [Lindegaard&Haxthausen 2004] gave an
institution-based semantics for an applicative subset of RSL.
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 5
Institutions
A category theoretical formalization of the concept of “a logical system”, [Goguen & Burstall].
An institution consists of
◆ a category Sign of signatures Σ and signature morphisms
σ : Σ → Σ′
◆ a functor Sen : Sign → Set:
Sen(Σ) is the set of Σ-sentences,
Sen(σ) : Sen(Σ)→Sen(Σ′ ) is the σ sentence translation map
◆ a functor M od : Sign → Catop :
M od(Σ) is the category of Σ-models and Σ-homomorphisms,
M od(σ) : M od(Σ′ ) → M od(Σ) is a σ reduct functor
◆ a satisfaction relation |=Σ ⊆ |M od(Σ)| × Sen(Σ) for each Σ ∈ Sign
such that the satisfaction condition is fulfilled for any σ : Σ → Σ′ , m′ , e:
m′ |=Σ′ Sen(σ)(e)
c
Anne
E. Haxthausen
i
M od(σ)(m′ ) |=Σ e
An Institution for Imperative RSL Specifications – p. 6
Semantic Approach
RSL I specs
Theory presentations
Kernel
determines
( Σ, Ε)
Mod (Σ)
Mod (Σ, Ε)
m1 m2 ...
short for
◆ An RSLI spec sp determines a signature Σ and a set of sentences
E ⊆ Sen(Σ).
◆ The semantics of sp is the loose semantics of (Σ, E):
M od(Σ, E) = { m ∈ M od(Σ) | (∀ e ∈ E : m |=Σ e) }
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 7
RSLI Kernel Specifications
An RSLI kernel specification consists of:
◆ abbreviation type definitions: type id = t
◆ variable declarations: variable x : t
◆ value declarations: value v : t (values can be possibly higher-order functions)
◆ axioms (axiom e)
where
◆ t is a type expression:
∼
t ::= Bool | Int |...| t × t |...| t → read {x1 , ..., xn } write {x′1 , ..., x′m } t
◆ e is a value expression:
e ::= v | x |true|false|...|(e, e)|...|e op e|e(e)|∀ id : t • e|...|x := e|e ; e|...
Note: no syntactic distinction between value expressions and statements.
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 8
Example of an RSLI Kernel Specification
class
type Stack = Intω
variable stack : Intω
value
∼
push : Int → read {stack} write {stack} Unit
axiom
∀ elem : Int • push(elem) ≡ stack := helemi b stack
end
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 9
Agenda
1. Background and goals.
2. Semantic approach using institutions.
3. RSLI : an imperative subset of RSL.
4. Definition of an institution for RSLI :
(a) signatures
(b) sentences
(c) models
(d) satisfaction relation
5. Concluding remarks and related work
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 10
Signatures
For a set of variables X , T (X) denotes the set of type expressions over X .
A signature is a triple Σ = (A, OP, V ) where
◆ A ∈ IdA →
m T (IdV ) maps type ids in IdA to type expressions.
◆ OP ∈ IdOP →
m T (IdV ) maps value ids in IdOP to type expressions.
◆ V ∈ IdV →
m T (∅) maps variable ids in IdV to type expressions.
Example: The signature of
class
type Stack = Intω
variable stack : Intω
∼
value push : Int → read {stack} write {stack} Unit
axiom ...
end
has A = [ Stack 7→ Intω ], V = [ stack 7→ Intω ],
∼
OP = [ push 7→ Int → read {stack} write {stack} Unit ]
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 11
Static Semantics of Value Expressions e
Assertion Σ ⊢ e ⊲ t, rs, ws states: e is well-formed wrt. Σ and
◆ has type t ∈ T (IdV )
◆ potentially reads in the variables in rs ⊆ IdV
◆ potentially writes in the variables in ws ⊆ IdV
Inference rules define the static semantics:
Σ ⊢ e ⊲ t, rs, ws, x ∈ IdV , t = V (x)
(A, OP, V ) ⊢ x := e ⊲ Unit, rs, ws ∪ {x}
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 12
Σ-Sentences
◆ An Σ-sentence is a an RSLI value expression e for which
Σ ⊢ e ⊲ Bool, rs, ∅ holds for some rs.
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 13
Semantics Domains
◆ Valuet for each t ∈ T (IdV ):
■ ValueInt = Z
■ ...
■ Value ∼
=
t1 → read rs write ws t2
Valuet1 → (Storers → ((Storews × Valuet2 ) ∪ {⊥})), where
Storevs = {st : IdV →
m Value | dom st = vs ∧ ∀v ∈ vs • st(v) ∈ V alueV (v) }
◆ Value =
S
t∈T (IdV )
Valuet
◆ Type = {Valuet | t ∈ T (IdV )}
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 14
Σ-Models
Let Σ = (A, OP, V ). A Σ-model is a triple m = (mA , mOP , stinit ) where
◆ mA ∈ IdA →
m Type is an interpretation of type ids in A
◆ mOP ∈ IdOP →
m Value is an interpretation of value ids in OP
◆ stinit ∈ IdV →
m Value is an initial store for variables in V
such that
T (IdV )
IdOP
OP
✲
T (IdV )
= MΣ
mOP
✛
M
mA
Σ
A
✲
IdA
❄
❄
T ype
V alue
∈✲
IdV
V✲
T (∅)
= MΣ
mV
❄
❄
T ype
V alue
∈✲
❄
T ype
where Value and Type are the semantic domain of values and types, and
MΣ ∈ T (IdV ) → T ype is the meaning function for type expressions:
MΣ (t) = Valuet
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 15
Dynamic Semantics of Σ Value Expressions
Let Σ = (A, OP, V ).
The semantics of a Σ value expression e in a Σ-model m:
MΣ (m)(e) ∈ StoreIdV → ((StoreIdV × Valuet ) ∪ {⊥})
where
◆ t is the static type of e , i.e. Σ ⊢ e ⊲ t, rs, ws for some rs and ws
Example:
MΣ (m)(x := e)(st) =
case MΣ (m)(e)(st) of
⊥ → ⊥,
(st′ , v ′ ) → (st′ † [ x 7→ v ′ ], skip)
end
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 16
Satisfaction Relation
For any Σ-model m and any Σ-sentence e
m |=Σ e
if and only if
∀st ∈ StoreIdV
c
Anne
E. Haxthausen
•
M Σ (m)(e)(st) = (st, tt)
An Institution for Imperative RSL Specifications – p. 17
Signature Morphisms
Let Σ = (A, OP, V ) and Σ′ = (A′ , OP ′ , V ′ ) be signatures.
A signature morphism σ : Σ → Σ′ is a triple σ = (σA , σOP , σV ) where
◆ σA ∈ IdA → IdA′ is a mapping of abbreviation type names
◆ σOP ∈ IdOP → IdOP ′ is a mapping of value names
◆ σV ∈ IdV → Id′V is an injective mapping of variable names
such that
IdA
A
❄
T (IdV )
c
Anne
E. Haxthausen
σA ✲ ′
IdA
A′
❄
σ✲
T (IdV ′ )
IdOP
OP
❄
T (IdV )
σOP✲
IdOP ′
OP ′
❄
σ✲
T (IdV ′ )
IdV
σV ✲
V′
V
❄
T (∅)
IdV ′
id ✲
❄
T (∅)
An Institution for Imperative RSL Specifications – p. 18
Sen(σ) and M od(σ)
Each signature morphisms σ : Σ → Σ′ can be lifted to:
◆ a sentence translation function Sen(σ) : Sen(Σ)→Sen(Σ′ ) and
◆ a model reduct functor M od(σ) : M od(Σ′ ) → M od(Σ)
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 19
Concluding Remarks
Results:
◆ an institution for RSLI
◆ a sketch of how RSLI can be given semantics in terms of that
Evaluation:
◆ the new semantics is simpler and more elegant than the old one
Future work:
◆ extend RSLI and the underlying institution to allow sorts and ...
◆ define a mapping between institutions for applicative to imperative
specifications
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 20
Related Work on Semantics of State-based Specs
◆ co-algebraic approaches, but they use terminal and not loose
semantics as in RSL
◆ Hennicker&Bidoit 1998: used a loose semantics for an
observational logic, but RSL is not using an observational
approach
◆ Futatsugi et al.: used a behavioural approach with hidden sorts for
CafeOBJ
◆ Baumeister&Zamulin 2000: state-based extension of CASL having
a loose semantics, but in this extension there is a syntactic and
semantic distinction between applicative and imperative functions
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 21
Thank you for you attention!
c
Anne
E. Haxthausen
An Institution for Imperative RSL Specifications – p. 22
