A pragmatic basis for the formal development of distributed systems

We present a basis for the formal specification and stepwise development of distributed systems, i.e. programs which are intended (at least conceptually) to run on distributed-memory parallel machines which communicate via synchronized message-passing. Our approach was motivated by the need for a practicable formal complement to the informal "bubbles and arrows" reasoning which is typically used by those who develop such programs for real parallel machines. The approach extends the sequential refinement calculus to allow the introduction of CSP-style concurrency. This extension is achieved by augmenting the language of the sequential calculus with appropriate parallel constructs and by replacing the underlying weakest precondition semantics with an extended failures-divergences semantics originally used to give a denotational semantics to occam. The resulting calculus maintains the laws of the original sequential calculus while allowing the seamless introduction of concurrency.