Title :
The existence of refinement mappings
Author :
Abadi, Martin ; Lamport, Leslie
Author_Institution :
Digital Equipment Corp., Maynard, MA, USA
Abstract :
Refinement mappings are used to prove that a lower-level specification correctly implements a higher-level one. The authors consider specifications consisting of a state machine (which may be infinite-state) that specifies safety requirements and an arbitrary supplementary property that specifies liveness requirements. A refinement mapping from a lower-level specification S/sub 1/ to higher-level one S/sub 2/ is a mapping from S/sub 1/´s state space to S/sub 2/´s state space that maps steps of S/sub 1/´s state machine steps to steps of S/sub 2/´s state machine and maps behaviors allowed by S/sub 1/ to behaviors allowed by S/sub 2/. It is shown that under reasonable assumptions about the specifications, if S/sub 1/ implements S/sub 2/, then by adding auxiliary variables to S/sub 1/ one can guarantee the existence of a refinement mapping. This provides a completeness result for a practical hierarchical specification method.<>
Keywords :
automata theory; automata theory; existence; hierarchical specification method; liveness requirements; lower-level specification; refinement mappings; safety requirements; state machine; Circuits; Safety; State-space methods; Writing;
Conference_Titel :
Logic in Computer Science, 1988. LICS '88., Proceedings of the Third Annual Symposium on
Conference_Location :
Edinburgh, UK
Print_ISBN :
0-8186-0853-6
DOI :
10.1109/LICS.1988.5115
