The University of Southampton
University of Southampton Institutional Repository

Retrenching the purse: The balance enquiry quandary, and generalised and (1, 1) forward refinements

Banach, Richard, Jeske, Czeslaw, Poppleton, Michael and Stepney, Susan, Skowron, A, Bartol, W, Polkowski, L and Rasiowa, H (eds.) (2007) Retrenching the purse: The balance enquiry quandary, and generalised and (1, 1) forward refinements. Fundamenta Informaticae, 77 (1-2), 29-69.

Record type: Article

Abstract

Some of the success stories of model based refinement are recalled, as well as some of the annoyances that arise when refinement is deployed in the engineering of large systems. The way that retrenchment attempts to alleviate such inconveniences is briefly reviewed. The Mondex Electronic Purse formal development provides a highly credible testbed for examining how real world refinement difficulties can be treated via retrenchment. The contributions of retrenchment to integrating the real implementation with the formal development are surveyed, and the extraction of commonly occurring ‘retrenchment patterns’ is recalled. One of the Mondex difficulties, the ‘Balance Enquiry Quandary’, is treated in detail, and the way that retrenchment is able to account for the system behaviour is explained. The problem is reconsidered using generalised forward refinement, and the simplicity of the resolution of the quandary, both by retrenchment and by generalised forward refinement, inspires the creation of a genuine (1, 1) forward refinement for Mondex, something long thought impossible. The forward treatment exhibits a similar balance enquiry quandary to the backward refinement, as it must, given that both are refinements of an atomic action to a non-atomic protocol, and the forward quandary is dealt with as easily by retrenchment as is the backward case. The simplicity of the retrenchment treatment foreshadows a general purpose retrenchment Atomicity Pattern for dealing with atomic-versus-fine-grained situations.

Text
Retrench.Mondex.Bal.pdf - Other
Restricted to Repository staff only

More information

Published date: 2007
Keywords: Retrenchment, Refinement, Verification, Mondex Purse, Atomicity

Identifiers

Local EPrints ID: 262794
URI: http://eprints.soton.ac.uk/id/eprint/262794
PURE UUID: 60060c0e-ce9f-456f-a4a6-8662be3991ac

Catalogue record

Date deposited: 05 Jul 2006
Last modified: 14 Mar 2024 07:18

Contributors

Author: Richard Banach
Author: Czeslaw Jeske
Author: Michael Poppleton
Author: Susan Stepney
Editor: A Skowron
Editor: W Bartol
Editor: L Polkowski
Editor: H Rasiowa
