Z User Workshop, Oxford 1990(English, Paperback, unknown)
Quick Overview
Product Price Comparison
The approach described in [JonSl, JonS3a, JonS3b] set out to extend operation decom- position methods for sequential programs - such as are used in VDM [Jon90] - to cover concurrent shared-variable systems. The essential step in [JonSl] was to recognise that 1 inter/erence had to be specified. This is necessary in order to achieve a notion of compo- sitionality - contrast [Owi75]. Rather than the many erudite definitions of composition- ality (e. g. [ZwiSS]), the view taken here is that, when a development task is decomposed into sub-tasks, these must be simpler than the original 'task. This is easy to achieve for sequential programs: decomposing a specified operation S into (Sl; S2), the specifica- tions of the Sj should neither include unnecessary information from each other nor from the context (i. e. S). An interesting discussion of the 'Quest for Compositionality' (in the context of concurrency) is contained in [dRS5, dRS6]. The rely/guarantee idea provided an existence proof that specifications and developments could be made powerful enough to cope with some forms of interference.The work initially attracted little attention but 2 3 there have recently been some critiques and attempts to extend the work * Most notably, Ketil St~len's thesis [St~90] addresses the main shortcomings of [JonSl]: the fact that no attempt had been made to handle synchronization has been remedied by adding a wait condition and other limitations of expressiveness have been shown to succumb to the judicious use of auxiliary variables.