Ada 9X, the revised definition of the Ada programming language, supports object-oriented programming. This paper examines the new, object-oriented features of the language, their use, and how they fit into Ada's strong type system. Basic object-oriented mechanisms are covered, such as inheritance and polymorphism. We then show how to combine these mechanisms into valuable programming techniques; topics include programming by extension, heterogeneous data structures, and mixin inheritance.", } @InProceedings{Barbey94a, author = "St{\'e}phane Barbey and Alfred Strohmeier", booktitle = "{SQM}'94 Second Conference on Software Quality Management, Edinburgh, Scotland, UK, July 26-28 1994", editor = "M. Ross and C. A. Brebbia and G. Staples and J. Stapleton", pages = "411--426", title = "The Problematics of Testing Object-Oriented Software", volume = "2", year = "1994", keywords = "Paper, Testing, Conform", URL = "http://lgl.epfl.ch/pub/Papers/barbey-problematic_of_toos.ps", abstract = "Within object-oriented approaches, testing has almost been ignored in favor of analysis, design, and coding. However, object-orientedness does not solve the problem of testing by itself and may even induce new problems.
Most work in testing has been done with {"}procedure-oriented{"} software in mind. Traditional methods, despite their efficiency, cannot be applied without adaptation to object-oriented systems. In an object-oriented system, the basic unit of testing is a class instead of a subprogram; testing should hence focus on classes and objects. Moreover, it is not possible to test the operations of a class in isolation, as they interact with each other by modifying the state of the object they are applied to.
Sometimes testing object-oriented software can benefit from object-oriented technology, for instance, by capitalizing on the fact that a superclass has already been tested, and by decreasing the effort to test derived classes, which reduces the cost of testing in comparison with a flat class structure.
The object-oriented paradigm can also be a hindrance to testing, due to the nature of some aspects of its very nature: encapsulation, inheritance and polymorphism.
In the presence of encapsulation, the only way to observe the state of an object is through its operations; there is therefore a fundamental problem of observability. Inheritance opens the issue of re-testing. Should operations inherited from ancestor classes be re-tested in the context of the descendant class? A case analysis will show that there is no definite answer.
Polymorphic calls are difficult to test. A test suite must ensure that all possible cases of bindings are covered. Moreover, when extending a software by a new derived class (programming by extension), calls with possible bindings to operations of this new derived class must be re-tested.", } @InProceedings{Barbey94b, author = "St{\'e}phane Barbey and Didier Buchs", booktitle = "Eurospace Ada-Europe'94 Symposium Proceedings, Copenhagen, Danemark, September 26-30 1994", editor = "Marcel Toussaint", note = "Also available as Technical Report EPFL-DI No 94/75", volume = "887", pages = "76--89", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", title = "Testing of {A}da Abstract Data Types using Formal Specifications", year = "1994", keywords = "Paper, Ada, Testing, Conform", URL = "http://lgl.epfl.ch/pub/Papers/barbey-testing_adt-TR95-75.ps", abstract = "The purpose of this paper is to present an experiment with formal methods for the black-box testing of reusable abstract data types (ADTs). We propose to test a family of software components by re-engineering a formal specification from an existing Ada implementation, using algebraic specifications. From this well-defined basis, we generate test sets automatically, by constructing an exhaustive set of formulae that prove the property preservations of a program with respect to its specifications, and by reducing this set to a finite size by applying reduction hypotheses. Once the selection of a finite test set has been performed, we show how to build the oracle, the decision procedure for the success or the failure of a test set. Finally, we discuss the advantages of test sets generated from the formal specification over those defined by a programmer, based on his intuitive understanding of the behavior of the ADT.", } @InProceedings{Barbey94c, author = "St{\'e}phane Barbey and Manuel Ammann and Alfred Strohmeier", booktitle = "ECSQ'94 (European Conference on Software Quality), Basel, Switzerland, October 17-20 1994", editor = "Karol Fr{\"u}hauf", note = "Also available as Technical Report EPFL-DI No 94/45", pages = "257--267", publisher = "vdf Hochschulverlag AG an der ETH Z{\"u}rich", title = "Open Issues in Testing Object-Oriented Software", year = "1994", keywords = "Paper, Testing, Conform", URL = "http://lgl.epfl.ch/pub/Papers/barbey-open_issues_in_toos-TR94-45.ps", abstract = "While the use of object-oriented development methods has increased the quality of software by leading to better, modular architectures, it does not provide correctness by itself. Thus, testing software remains an important task even in the presence of object-orientedness.
The traditional testing methods decompose software into procedures. However, the dimensions of object-oriented programming are such that this decomposition is ill-fitted for testing object-oriented programs. We address the problems of testing in the three dimensions of object-oriented software: classes, hierarchies, subsystems. The class forms a well-defined basic test unit; however its testing is impeded by encapsulation and inheritance issues. The class hierarchy concept introduces problems of undecidability due to polymorphism. Subsystems are the building blocks in integration testing.
We also study the use of traditional methods and the modifications that are needed to apply them to object-oriented software, e.g. complexity metrics.", } @InProceedings{Barbey94d, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "TOOLS Europe'94, Versailles, France, March 7-11 1994", series = "Tutorial Notes", title = "Ada 9{X} for Object-Oriented Programming", year = "1994", keywords = "Tutorial, Ada", abstract = "Ada 9X -the revised definition of the Ada programming language- provides support for object-oriented programming. This course examines the new, object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered, such as: extension, inheritance, and polymorphism. We then show how to integrate these mechanisms into good programming practices; topics will include incremental programming, heterogeneous data structures, mixin inheritance, and design for reuse. We will also compare standard object-oriented idioms as implemented in Ada vs. other object-oriented languages (e.g. C++, Eiffel).", } @InProceedings{Barbey94e, author = "St{\'e}phane Barbey", booktitle = "TRI-Ada'94 Conference, Baltimore, Maryland, USA, November 6-11 1994", editor = "Charles B. Engle Jr", note = "Also available as Technical Report EPFL-DI No 94/65", pages = "129--140", publisher = "ACM Press", title = "Working with {A}da 9{X} classes", year = "1994", keywords = "Paper, Ada", URL = "http://lgl.epfl.ch/pub/Papers/barbey-working_with_9X_classes-TR94-65.ps", abstract = "Ada 9X refines the Ada 83 concept of class and introduces class-wide types to support run-time polymorphism. We study how the Ada definition of class compares to other definitions of this term. We examine how run-time polymorphism is introduced in Ada 9X, how it relates to the different concepts of subtype, and how it compares with other forms of polymorphism. We also discuss the different uses of class-wide types, mainly as a means for dynamic binding (dispatching). However, since Ada 9X has adhered to the philosophy of building blocks, class-wide entities can be used for other purposes than dispatching. These uses are idioms that every programmer should be aware of. Some of these idioms are presented here. We also examine how classes are integrated with generics.", } @InProceedings{Barbey94g, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "Ada-Europe'94, Copenhagen (Denmark), September 16-30 1994", series = "Tutorial Notes", title = "Object-Oriented Programming with Ada 9{X}", year = "1994", keywords = "Tutorial, Ada", abstract = "Ada 9X -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in three parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (C++, Smalltalk, Eiffel).", } @InProceedings{Barbey94h, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "OOPSLA'94 (Object-Oriented Programming, Systems, Languages and Applications), Portland, Oregon, USA, October 23-27 1994", number = "44", publisher = "ACM Press", series = "Tutorial Notes", title = "Object-Oriented Programming with Ada 9{X}", year = "1994", keywords = "Tutorial, Ada", abstract = "Ada 9X -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in three parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (C++, Smalltalk, Eiffel).", } @InProceedings{Barbey95, author = "St{\'e}phane Barbey", booktitle = "Proceedings of Ada-Europe'95, Frankfurt, Germany, October 2-6 1995", editor = "M. Toussaint", note = "Also available as Technical Report EPFL-DI No 96/164", pages = "406--418", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", volume = "1031", title = "Testing {A}da 95 Object-Oriented Programs", year = "1995", keywords = "Paper, Ada, Testing, Conform", URL = "http://lgl.epfl.ch/pub/Papers/barbey-testing_ada95_oop.ps", abstract = "We show some of the specific problems for testing software introduced by the object-oriented features of Ada 95, and focus on specification-based testing, since this strategy is the key strategy for testing object-oriented software. We present a theory for testing software by refinement of an exhaustive test set into a finite test set using three reduction hypothesis. We also show how the Oracle problem can be partially solved using some particular features of Ada 95.
Slides: http://lgl.epfl.ch/pub/Papers/barbey-testing_ada95_oop-slides.ps", } @InProceedings{Barbey95a, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "Ada-Europe'95, Frankfurt (Germany), October 2-6 1995", note = "Also available as Technical Report EPFL-DI No 96/175", series = "Tutorial Notes", title = "Advanced Object-Oriented Programming with Ada 95", year = "1995", keywords = "Tutorial, Ada", abstract = "Ada 95 -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in four parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. We then demonstrate the proper use of these features in order to design for reuse, and to transition smoothly from Ada 83 to Ada 95. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (e.g. C++, Smalltalk, Eiffel).", } @InProceedings{Barbey95b, author = "St{\'e}phane Barbey", booktitle = "Proceedings of TRI-Ada'95, Anaheim, California, November 5-10 1995", editor = "Charles B. {Engle, Jr.}", note = "Also available as Technical Report EPFL-DI No 96/165", pages = "212--225", publisher = "ACM Press", title = "Ada 95 as Implementation Language for Object-Oriented Designs", year = "1995", keywords = "Paper, Ada, OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/barbey-ada95_as_il_for_ood-revised.ps", abstract = "In this paper, we show how Ada 95 can be used as an implementation language for object-oriented designs. We present a strategy to map Fusion class descriptions into Ada specifications, considering the various kinds of qualifiers that can be applied to attributes, and the various ways methods can be mapped. We also discuss issues such as naming conventions, mapping of operations, use of mixins and of generics. Finally, we show how bidirectional associations, that usually end up in a mutual dependency, can be implemented in Ada 95.", } @InProceedings{Barbey95c, author = "St{\'e}phane {Barbey, moderator} and Brad Balfour and Bill Beckwith and David Weller", booktitle = "Proceedings of TRI-Ada'95, Anaheim, California, November 5-10 1995", editor = "Charles B. {Engle, Jr.}", pages = "194--199", publisher = "ACM Press", title = "Experiences in Object-Oriented Programming ({P}anel)", year = "1995", keywords = "Paper, Ada", URL = "http://lgl.epfl.ch/pub/Papers/barbey-experiences_in_oop.ps", abstract = "The goal of this panel is to renew this discussion, now that the language definition is complete, that more complete development environments have found their way to the programmer, and especially that we have more experience with its features. The panel will focus on all aspects of object-oriented programming with Ada 95. The discussion will cover expressivity, programming practices, the match with design methods, integration, and any issue related to Ada in object-oriented software development.", } @InProceedings{Barbey95d, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "Proceedings of TRI-Ada'95, Anaheim, California, November 5-10 1995", editor = "Charles B. {Engle, Jr.}", note = "Also available as Technical Report EPFL-DI No 96/175", publisher = "ACM Press", title = "Advanced Object-Oriented Programming with {A}da 95", year = "1995", keywords = "Tutorial, Ada", abstract = "Ada 95 -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in four parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. We then demonstrate the proper use of these features in order to design for reuse, and to transition smoothly from Ada 83 to Ada 95. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (e.g. C++, Smalltalk, Eiffel).", } @InProceedings{Barbey95e, author = "St\'ephane Barbey", booktitle = "In the Proceedings of the TRI-Ada'95, Workshop on Design Guidelines for Ada 95, Anaheim, California, November 5-10 1995", publisher = "ACM Press", title = "Annotating Dispatching", year = "1995", keywords = "Paper, Ada", URL = "http://lgl.epfl.ch/pub/Papers/barbey-annotate_dispatching.ps", abstract = "Dispatching calls decrease the understandability of programs, and thus some extra annotations must be given some extra highlight by special annotation. We present and criticize several possibilities to annotate dispatching and re-dispatching calls.", } @InProceedings{Barbey95f, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "OOPSLA'95 (Object-Oriented Programming, Systems, Languages and Applications), Austin, Texas, USA, October 15 1995", publisher = "ACM Press", series = "Tutorial Notes", title = "Object-Oriented Programming with Ada 95", year = "1995", keywords = "Tutorial, Ada", abstract = "Ada 95 -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in three parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (C++, Smalltalk, Eiffel).", } @InProceedings{Barbey96, author = "St{\'e}phane Barbey and Magnus Kempe and Alfred Strohmeier", booktitle = "Tutorial Proceedings of TRI-Ada'96, Philadelphia, Pennsylvania, December 3-7 1996", publisher = "ACM Press", title = "Object-Oriented Programming with {A}da 95", year = "1996", keywords = "Tutorial, Ada", abstract = "Ada 95 -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in four parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. We then demonstrate the proper use of these features in order to design for reuse, and to transition smoothly from Ada 83 to Ada 95. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (e.g. C++, Smalltalk, Eiffel).", } @InProceedings{Barbey96a, author = "St{\'e}phane Barbey and Didier Buchs and C{\'e}cile P{\'e}raire", booktitle = "Proceedings of EDCC2 (European Dependable Computing Conference), Taormina, Italy, October 1996", institution = "EPFL-DI-LGL", note = "Also available as Technical Report EPFL-DI No 96/163, Published in DeVa first year report (December 96)", pages = "303--320", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", volume = "1150", title = "A Theory of Specification-Based Testing for Object-Oriented Software", year = "1996", keywords = "Paper, Testing, PeraireMain, Conform, peraire", URL = "http://lgl.epfl.ch/pub/Papers/barbey-edcc2-96.ps", abstract = "The current strategies for testing object-oriented software all lack the formal basis which is necessary to perform this task efficiently. We propose the adaptation to object-oriented software of an existing theory of testing for stateless ADTs, to find errors in a class by checking that its implementation meets its specification. We present shortly in an informal way an object-oriented language, CO-OPN/2, in which language we will write the specification. We introduce a notion of test that takes into account the possible and impossible sequences of call of class methods. We examine the black-box test procedure, and give techniques to select a finite and pertinent test set from an exhaustive test set, including all the possible behaviors of the class under test, by applying test reduction hypothesis. We also study the construction of an oracle, the procedure that analyses the results of the tests, adapted to object-oriented software.", } @InProceedings{Barbey96b, author = "St\'ephane Barbey and Didier Buchs and C\'ecile P\'eraire", booktitle = "Tagungsband {"}Qualit{\"a}tsmanagement der objektorientierten Software-Entwicklung{"}, Basel, October 24 1996", pages = "73--112", title = "Overview and Theory for Unit Testing of Object-Oriented Software", year = "1996", keywords = "Testing, Conform, OOMethod, peraire, Paper", URL = "http://lgl.epfl.ch/pub/Papers/barbey-saq96.ps", } @PhdThesis{Barbey97, author = "St{\'e}phane Barbey", address = "D{\'e}partement d'Informatique, 1015 Lausanne, Switzerland", school = "Ecole Polytechnique F{\'e}d{\'e}rale de Lausanne", number = "1753", title = "Test Selection for Specification-Based Testing of Object-Oriented Software Based on Formal Specifications", year = "1997", keywords = "OOMethod, Testing, Conform, PhD", URL = "http://lgl.epfl.ch/pub/Papers/barbey-thesis.pdf", abstract = "Traditional testing techniques cannot be directly applied to object-oriented software systems because of some features of this paradigm, namely history, encapsulation, inheritance and polymorphism. We propose a specification based strategy for test selection to verify the interactions of the methods of an object or of a cluster of objects. Its essence is to perform selection as a reduction process. The exhaustive test set which serves as reference of correctness is transformed into a practicable test set by applying hypotheses on the program under test. The number of cases that must be tested is reduced while preserving the integrity of the test set. The oracle is implemented as an observational equivalence, which allows disregarding the internal representation of objects.
Besides analyzing the problems induced by the object-oriented paradigm, the main contribution of the thesis is to present a set of hypotheses specific to object-oriented systems. Regularity hypotheses are m:n generalizations of the program behavior and allow specifying the shape of test cases. Uniformity hypotheses are 1:n generalizations of the program behavior. Used in conjunction with subdomain decomposition, they ensure a good coverage of the specification. Incrementallity hypotheses are applied to take advantage of the hierarchy relationships inside object models by reusing test cases already selected for parent classes to test subclasses. Other hypotheses are proposed to limit the impact of polymorphism by taking into account the properties of the subtyping relationships.
For further information, please go to my PhD home page.", } @TechReport{Barbey98, author = "St{\'e}phane Barbey and Didier Buchs and C{\'e}cile P{\'e}raire", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/98/298", title = "Modelling the Production Cell Case Study using the Fusion Method", year = "1998", keywords = "Paper, Fusion, peraire", URL = "http://lgl.epfl.ch/pub/Papers/Barbey98-298.ps.gz", abstract = "The purpose of this work is to evaluate, by means of a case study, our formal testing method for object-oriented software. For this purpose we propose the development of an object-oriented application of realistic size, addressing all the phases of the software life-cycle: requirements, analysis, design, formal description, implementation and testing. Analysis and design are performed with the Fusion method, formal description with the CO-OPN language, implementation with Ada 95 and test selection with our testing method. This report presents the description of the production cell case study and Fusion models. The formal description and testing phase are presented in technical report EPFL-DI 98/299.", } @TechReport{Barbey98a, author = "St\'ephane Barbey and Didier Buchs and C\'ecile P\'eraire and Alfred Strohmeier", address = "CH-1015 Lausanne. Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/99/303", title = "Incremental Test Selection for Specification-Based Unit Testing of Object-Oriented Software Based on Formal Specifications", year = "1998", keywords = "Testing, Conform, OOMethod, Paper, peraire", URL = "http://lgl.epfl.ch/pub/Papers/barbey-unpublished.ps", abstract = "We propose a test case selection methodology for object-oriented software. This methodology is based on formal specifications and is aimed at verifying the correctness of method interaction of an object or a cluster of objects. The essence of this methodology is to select test cases by a reduction process. The exhaustive test set, the reference for correctness, is transformed into a practicable test set by applying hypotheses to the objects. We present a set of hypotheses specific to object-oriented systems. Regularity hypotheses are m:n generalizations of the unit behaviour and provides for specifying the shape of test cases. Uniformity hypotheses are 1:n generalizations. Used in conjunction with subdomain decomposition, they guarantee a coverage of the specification. Incrementallity hypotheses take advantage of the subtyping and subclassing relationships to justify the reuse of test cases.", } @InProceedings{Barbey98b, author = "St{\'e}phane Barbey and Didier Buchs and Marie-Claude Gaudel and Bruno Marre and C{\'e}cile P{\'e}raire and Pascale Th{\'e}venod-Fosse and H{\'e}l{\`e}ne Waeselynck", booktitle = "Published in DeVa Third Year Report", month = dec, pages = "331--384", title = "From Requirements to Tests via Object-Oriented Design", year = "1998", keywords = "Paper, Testing, Conform, peraire, PeraireMain", URL = "http://lgl.epfl.ch/pub/Papers/barbey-DeVa98.ps", abstract = "This paper studies testing in an object-oriented (OO) development process. It is based on the production cell case study. A control program for the production cell has been developed using both the Fusion method, for OO analysis and design, and the formal notation CO-OPN, as an intermediate between the OO design and an implementation in Ada 95. The paper describes the application of a statistical testing method, developed at LAAS, where test inputs are derived from the OO analysis documents, and the application of a formal testing method, developed at EPFL, where test inputs are derived from CO-OPN descriptions. Then various problems which have appeared during the case study are reported. They mainly concern controllability and observability issues and caused some iteration and backtrack on OO analysis and design. The paper concludes by sketching a notion of OO design for testability.", } @InProceedings{Barbey:97:OOPA, author = "St{\'e}phane Barbey and Alfred Strohmeier", booktitle = "International Conference on Reliable Software Technologies, Ada-Europe'97, London, U.K, June 1-6 1997", series = "Tutorial Notes", title = "Object-Oriented Programming with Ada 95", year = "1997", keywords = "Tutorial, Ada", } @InProceedings{Bastide:97:MFMOODC, author = "Remi Bastide and Didier Buchs", booktitle = "Workshop Reader, ECOOP Conference 1997", editor = "Stuart Mitchell and Jan Bosch", pages = "221--255", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", title = "Models, Formalisms and Methods for Object Oriented Distributed Computing", volume = "1357", year = "1997", keywords = "Conform", } @InProceedings{Beringer93, author = "Dorothea Beringer", booktitle = "Sonderausgabe OUTPUT - Objektorientierte Systeme, November 1993", title = "Der Weg zum Objektmodell", year = "1993", keywords = "OOMethod", abstract = "Das Objektmodell ist das Kernstueck der meisten objektorientierten Analyse- und Designmethoden. Die Unterschiede der verschiedenen Methoden liegen vor allem darin, wie das Objektmodell erstellt wird. Anhand der Methode Fusion wird gezeigt, wie die Erarbeitung des Objektmodells durch eine explizite Anforderungsdefinition erweitert werden kann.", } @InProceedings{Beringer94, author = "Dorothea Beringer", booktitle = "TOOLS Europe'94, Paris-Versailles, March 7-10 1994", note = "Also available as Technical Report EPFL-DI No 94/40", pages = "161--171", title = "Limits of Seamlessness in Object-Oriented Software Development", year = "1994", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/beringer-seamlessness.ps", abstract = "Seamlessness is a promise often used to promote object orientation, and the use of object orientation in the different domains and in the different stages of the software development process has brought great improvements in seamlessness.
Where can we find seamlessness? And are there different kinds of seamlessness? In this paper we look at seamlessness starting with the different models found in large software developments. To give a common base for the discussion a model architecture is presented and different aspects of seamlessness are defined. We then show on a general level, where object orientation has already brought some seamlessness, where it will hopefully bring a higher degree of seamlessness in the future and where it cannot bring seamlessness due to restrictions inherent to the model architecture. The emphasis of the discussion is not to present a complete theoretical treatment but rather to help software developers to judge the many claims about seamlessness.", } @InProceedings{Beringer95, author = "Dorothea Beringer", booktitle = "SQM'95 Third International Conference on Software Quality Management, Sevilla, Spain, 1995", editor = "M. Ross and C. A. Brebbia and G. Staples and J. Stapleton", note = "Also available as Technical Report EPFL-DI No 95/111", pages = "469--480", title = "The Model Architecture Frame: Quality Managment in a Multi Method Environment", volume = "1", year = "1995", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/beringer-SQM95submission.ps", abstract = "Most quality management systems (QMS) which integrate software development are based on a single software development method. This particular method is enforced on all projects. The resulting QMS has to fulfil the ISO 9000 standards [13] and enables the control of the projects and the improvement of the development process, supporting it with all necessary guidelines and providing one terminology for the whole company. However, using only one specific method is not necessarily the best solution for a company with very heterogeneous projects and products. Requirements of customers, existing experience and training in the teams, projects still using structured methods and newer ones using object-oriented methods, adaptation of methods for special circumstances, and evolving modelling techniques, all of these factors call for the coexistence of different modelling methods within one company. If a QMS is based on only a single method, many projects might run outside the quality management regulations, unless the QMS excludes the details of the software development process.
This problem can be overcome by the use of model architectures and model architecture frames. A model architecture describes the models that are developed within one specific method or project. All the different model architectures are derived from the generic model architecture frame. Such a frame, and not just one specific method, becomes the basis for the company wide regulations.
This paper describes reasons for having multiple methods and life cycle models within one QMS, explains the basic concepts of defining a QMS using model architectures and model architecture frames, and shows how this approach may be applied in a project.", } @TechReport{Beringer95a, author = "Dorothea Beringer", address = "Lausanne, Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/96/215", title = "Modelling Global Behaviour in Object-Oriented Analysis: Scenarios, Use Cases and Interaction Diagrams", year = "1996", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/beringer-overview_scenarios.ps.Z", abstract = "Most software development methods define notations for modelling global behaviour. Many of these notations use interaction diagrams to model possible sequences of interactions between a system and its environment, or between the objects of the system. Other methods use structured textual descriptions or regular expressions for specifying use cases or use scenarios. Although many methods use similar notations, there are often substantial differences in their underlying concepts and in the content expressed by the diagrams. On the other hand, completely different notations use sometime the same concepts and show the same aspects of the global behaviour of a system. In this document we investigate the characteristics of different notations. We show what their underlying concepts are and how they relate to each other. Finally, we give an overview of the techniques that are used by some of the current object-oriented analysis methods for modelling global behaviour.", } @InProceedings{Beringer95b, author = "Dorothea Beringer", booktitle = "Position Paper", month = jul, title = "An Enhanced Scenario Modelling Technique for Object-Oriented Analysis", year = "1995", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/beringer-position_paper_scenarios.ps", abstract = "During the last years, scenarios, use-cases and other techniques for modelling the global behaviour have been introduced into object-oriented analysis. However, aggregation and generalisation of scenarios as well as the integration of scenarios reflecting different abstraction levels are usually not supported. By integrating these concepts into an enhanced scenario modelling technique we could overcome some of the drawbacks of current approaches, e.g. their limitation to monolithic systems with fixed automation boundaries, their restriction to flat event structures, and their insufficient support of the transition from analysis to design.", } @TechReport{Beringer96a, author = "Dorothea Beringer", address = "Lausanne, Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/96/216", title = "The Goals of the Analysis Model", year = "1996", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/beringer-goals_analysis.ps.Z", abstract = "When developing an analysis model, the notation itself does not suffice for determining the content of the analysis model and the end of the analysis process. For this, the goals and intents of the analysis model are used, either implicitly or explicitly. In this report we take a look at various possibilities to define the term analysis and the goals of the analysis model. We start with considering the reference model of the problem solving cycle. We examine the definitions that refer to analysis as the {"}what{"} in opposite to the {"}how{"}, or as the problem definition phase of a problem solving cycle. We then continue with a discussion of various criteria (like technology independence, real word model, unambiguous or essential model) that are often used to specify the goals of an analysis model. Difficulties that arise with these criteria are that they cannot be combined arbitrarily and that some of them are very vague; we propose therefore also some more concrete formulations. In the last part of the report we take a closer look at some misconceptions and intent clashes that are due to a too idealistic model of the software development process. Objective real world models, analysis models that are stable after the analysis phase and analysis models that are equal to the high-level view of the final software system are often attempted, but are normally not realistic. This leads to intent clashes with the desire for a seamless and easy controllable development process. We explain these intent clashes and we also describe the three different approaches taken by software development methods to cope with these intent clashes.", } @PhdThesis{Beringer97, author = "Dorothea Beringer", address = "Departement d'Informatique, 1015 Lausanne, Switzerland", month = may, school = "Ecole Polytechnique Federale de Lausanne", number = "1655", title = "Modelling Global Behaviour with Scenarios in Object-Oriented Analysis", year = "1997", keywords = "OOMethod, Scenarios", URL = "http://lgl.epfl.ch/pub/Papers/beringer-thesis.ps.Z", abstract = "This thesis investigates the concepts commonly used for modelling global behaviour in object-oriented analysis methods (use cases, interaction diagrams, scenarios, scripts etc.). It describes some common drawbacks of current approaches (e.g. assumption of having a flat list of independant scenario types on exactly one abstraction level), discusses the reasons for these drawbacks and proposes an enhanced scenario modelling technique that offers e.g. hierarchies of services.
Full abstract of the thesis.", } @InProceedings{Berry94, author = "P.-M Berry and Didier Buchs and L. Friha", address = "Zaragoza, Espagne", booktitle = "15th International Conference on Application and Theory of Petri Nets, Workshop on Computer-Supported Cooperative Work, Petri Nets and Related Formalisms, June 21 1994", title = "Agent modelling using Structured Algebraic Petri Nets in {DISA}", year = "1994", keywords = "Conform", } @InProceedings{Besrour:02:COFNSR, author = "Adel Besrour and Didier Buchs", booktitle = "IEEE International conference on Systems, Man and Cybernetics", title = "Man-Machine Occupational Risk Modeling ({MORM})", month = mar, publisher = "IEEE Press", pages = "234--239", year = "2002", keywords = "Conform", } @InProceedings{Biberstein94, author = "Olivier Biberstein and Didier Buchs", booktitle = "IS-CORE Workshop (ESPRIT), Amsterdam, September 27-30 1994", note = "Also available as Technical Report EPFL-DI No 94/76", title = "An Object Oriented Specification Language based on Hierarchical Petri Nets", year = "1994", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/biber-iscore94coopn2.ps", abstract = "During the last few years there has been significant interest in combining the benefits of an object-oriented approach with Petri net formalism which is suitable to modelling and simulation of concurrent systems. Nevertheless, for modelling some system behaviour dynamic creation of new components is often needed. In this paper we introduce a formalism based on algebraic Petri nets using the object-orientation paradigm. Object classes are specified by means of algebraic Petri nets, synchronization expressions link the class instances and static as well as dynamic creation of objects is allowed. Inheritance and subtyping are considered as two different mechanisms. Inheritance is viewed as a duplication mechanism while subtyping is considered at a semantic level as a relation between models. The order-sorted algebras framework captures the subtyping notion between the objects which are identified by order-sorted values. Language semantics is defined through distributed transition systems over the models of algebraic specification.", } @TechReport{Biberstein95, author = "Olivier Biberstein and Didier Buchs and Mathieu Buffo and Christophe Buffard and Jacques Flumet and Jarle Hulaas and Giovanna di Marzo and Pascal Racloz", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/95/133", title = "{SANDS1}.5/{COOPN1}.5 An Overview of the Language and its Supporting Tools", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/biber-main.ps", abstract = "In this document we give an overview of the CO-OPN/1.5 (Concurrent Object-Oriented Petri Nets) specification language and describe the features of each tool provided in the SANDS/1.5 (Structured Algebraic Net Development System) development environment. The CO-OPN/1.5 language is a specification language devised to support the development of large concurrent systems. The underlying formalisms of the language are algebraic specifications and Petri nets in which tokens correspond to algebraic values. Furthermore, in order to deal with large specifications, some structuring principles have been introduced and in particular, object-orientation paradigm has been adopted for the Petri nets. This means that a CO-OPN/1.5 specification is a collection of objects which interact concurrently. Interaction between the objects is achieved by means of synchronization expressions which allow the designer to select the object interaction policies. The development system provides many different tools such as a syntax checker, a simulator, a property verifier based on temporal logic, a graphic editor, a transformation tool supporting the derivation of specifications, an Ada translator which allows to analyze Ada programs in the CO-OPN/1.5 framework, and a MIMD compiler.", } @InProceedings{Biberstein95a, author = "Olivier Biberstein and Didier Buchs", editor = "G. Agha and F. de Cindio", journal = "Workshop on Object-Oriented Programming and Models of Concurrency'95", note = "Turin", pages = "131--145", title = "Structured Algebraic Nets with Object-Orientation", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/biber-t1.ps", } @InProceedings{Biberstein95b, author = "Olivier Biberstein and Didier Buchs", booktitle = "IS-CORE Workshop, Evry, 1995", pages = "73--75", title = "Concurrency and Object-Orientation with Structured Algebraic Nets", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/biber-t2.ps", } @TechReport{Biberstein96, author = "{Olivier Biberstein, Didier Buchs} and Nicolas Guelfi", address = "Lausanne, Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/96/167", title = "{COOPN}/2 : {A} Specification Language for Distributed Systems Engineering", year = "1996", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/biber-TR96-167.ps", abstract = "In this article we present the concurrent object-oriented specification language COOPN/2 which extends the COOPN (Concurrent Object Oriented Petri Nets) formalism, destined to support the development of large heterogenous distributed systems. The development of distributed applications has recently been the subject of intensive research, due to potential benefits that can be expected to offer in increasing reliability and overall performance of computer processing. One way of improving the effectiveness of the distributed system construction is to adopt a rigorous approach for system development, based on structuring principles. The COOPN/2 approach proposes a specification language, based on the object-oriented paradigm, which includes a fine description of true concurrent behaviors.
This hybrid approach (model and property-oriented) allows for a description of the concurrent aspects through the use of a high-level Petri nets formalism which includes data structures expressed with the algebraic abstract data types and a synchronization mechanism for building hierarchies of abstraction. This latter notion is the concept which is used in structuring applications.
Interesting properties of COOPN, such as the progressive refinement of specifications, allow for the building of systems in an incremental manner.In this article, we introduce COOPN/2 informally, by means of a typical example of distributed systems, the transit node, in order to introduce each useful and innovative mechanism of the language. Then, in the context of distributed software engineering with COOPN/2, we present our current works done in order to provide formal methods for several steps of a life cycle model test, prototyping, analysis,....).
Keywords: software engineering, formal specification language, refinement, prototyping, distributed systems, object orientation, concurrency, Petri nets, algebraic specification.", } @InProceedings{Biberstein96a, author = "{Olivier Biberstein, Didier Buchs} and Nicolas Guelfi", booktitle = "IMACS-IEEE-SMC conference on Computational Engineering in Systems Application (CESA'96), Lille, France, 1996", note = "Also available as Technical Report EPFL-DI No 96/187", title = "Using the {COOPN}/2 Formal Method for Groupware Systems Engineering", year = "1996", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/biber-CESA_96.ps", abstract = "COOPN/2 (Concurrent Object Oriented Petri Nets) is an object-oriented specification formalism based on Petri Nets and algebraic specifications. It is fully adapted to the specification of complex concurrent systems because it inherits the advantages of algebraic specifications for the specification of abstract data types, from Petri nets to describe partially ordered events and from the object-oriented paradigm for the 'structuring' of the specification. All these features are especially useful when speaking about groupware systems, which are application which demand rich modeling capabilities on concurrency and structuring. This paper explains the major principles for the specification of groupware systems with COOPN/2. This is done by mapping groupware concepts into COOPN/2 concepts and is demonstrated by means of an example of shared distributed diaries. Furthermore, we present the work done on the methodological approach for the development of concurrent object-oriented systems with COOPN/2 which cover analysis, specification, design, prototyping and testing. groupware, replication, object-orientation, distributed systems, formal methods, Petri Nets, algebraic specification of abstract data types, software engineering.
Keywords : groupware, replication, object-orientation, distributed systems, formal methods, Petri Nets, algebraic specification of abstract data types, software engineering.", } @InProceedings{Biberstein96b, author = "Olivier Biberstein and Didier Buchs and Nicolas Guelfi", booktitle = "Workshop on Object-Oriented Programming and Models of Concurrency'96, Osaka, Japan, 1996", editor = "G. Agha and F. de Cindio", title = "Modeling of Cooperative Editors Using {COOPN}/2", year = "1996", keywords = "Conform, OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/biberOOPMC_96.ps", abstract = "In this paper we describe how to use the COOPN/2 (Concurrent Object-Oriented Petri Net) formalism, by developing a case study on groupware or, more specifically, on a cooperative editor of hierarchical diagrams. First of all, we present COOPN/2 and describe how some aspects specific to object orientation, such as the notions of class/object, of object reference and of the distinction between inheritance and sub-typing, are taken into account within the formalism. Afterwards, we show how these notions may be used for the modeling and the design of an editor of hierarchical Petri nets and discuss some points related to the concurrency. Finally, we show how flexible our modeling architecture is by giving some insight into to the design of other kinds of cooperative diagram editors.
Keywords: groupware, object-orientation, distributed systems, formal methods, Petri nets, algebraic specification, software engineering.", } @TechReport{Biberstein96c, author = "Olivier Biberstein and Didier Buchs and Nicolas Guelfi", address = "Lausanne, Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/96/184", title = "{COOPN}/2 Applied to the Modeling of Cooperative Structured Editors", year = "1996", keywords = "Conform, OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/biberTR96_184.ps", abstract = "In this paper we describe how to use the COOPN/2 (Concurrent Object-Oriented Petri Net) formalism, by developing a case study on groupware or, more specifically, on a cooperative editor of hierarchical diagrams. First of all, we present COOPN/2 and describe how some aspects specific to object orientation, such as the notions of class/object, of object reference and of the distinction between inheritance and sub-typing, are taken into account within the formalism. Afterwards, we show how these notions may be used for the modeling and the design of an editor of hierarchical Petri nets and discuss some points related to the concurrency. Finally, we show how flexible our modeling architecture is by giving some insight into to the design of other kinds of cooperative diagram editors.", } @PhdThesis{Biberstein:97:CAOOFSCS, author = "Olivier Biberstein", month = jul, school = "University of Geneva", title = "{CO}-{OPN}/2: An Object-Oriented Formalism for the Specification of Concurrent Systems", year = "1997", keywords = "formal specification, nets, concurrency, formal methods, subtyping", URL = "http://lgl.epfl.ch/pub/Papers/biberstein-thesis97.ps.gz", abstract = "In this thesis we formally define the syntactic and semantic aspects of the object-oriented formalism, called CO-OPN/2 (Concurrent Object-Oriented Petri Nets), which is devised for the specification and the modeling of large concurrent systems. Moreover, we propose a concrete specification language which supports the formalism and which is used in numerous examples. CO-OPN/2 belongs to the category of algebraic nets, i.e. a powerful combination of algebraic specifications and Petri nets. The former underlying formalism is used to describe the data structures and the functional aspects of a system, while the latter serves to model its operational and concurrent features. Our approach fully integrates the most important notions specific to object orientation: encapsulation, class of objects, dynamic creation/destruction, concurrency, subtyping, and inheritance. The original and innovative features of CO-OPN/2 are its sophisticated synchronization mechanism, the definition of subtyping based on bisimulation, and the explicit distinction between inheritance and subtyping. A static and a dynamic semantics of the formalism are provided. As for the dynamic semantics, it consists in a step semantics expressed in terms of transition systems and constructed by means of a set inference rules. These inference rules have been designed to deal differently with internal and external object events. In addition, special care has been directed to provide the maximal flexibility concerning the dynamic creation/destruction and the concurrency. Finally, in order to demonstrate the adequacy of our approach we adopted a common case study. This case study deals with the specification of a collaborative editor of structured diagrams.", } @InProceedings{Biberstein:97:CCOOF, author = "Olivier Biberstein and Didier Buchs and Nicolas Guelfi", booktitle = "Proc. Second IFIP Conf. on Formal Methods for Open Object-Based Distributed Systems (FMOODS), Canterbury, UK, July 21-23 1997", pages = "57--72", publisher = "Chapman and Hall, London", title = "{CO-OPN/2}: {A} Concurrent Object-Oriented Formalism", year = "1997", URL = "http://lgl.epfl.ch/pub/Papers/biber_fmoods97.ps.gz", } %% @INCOLLECTION{Biberstein:97:OONASCF, %% AUTHOR = {Olivier Biberstein and Didier Buchs and Nicolas Guelfi}, %% BOOKTITLE = {Advances in Petri Nets on Object-Orientation}, %% EDITOR = {G. Agha and F. De Cindio}, %% PUBLISHER = {Springer Verlag}, %% SERIES = {LNCS (Lecture Notes in Computer Science)}, %% VOLUME = {2001}, %% TITLE = {Object-Oriented Nets with Algebraic Specifications: The {CO-OPN/2} Formalism}, %% YEAR = {1997}, %% URL = {http://lgl.epfl.ch/pub/Papers/biber_lncs97.ps.gz}, %% } @InCollection{Biberstein:01:OONWASCF, author = "Olivier Biberstein and Didier Buchs and Nicolas Guelfi", booktitle = "Advances in Petri Nets on Object-Orientation", editor = "G. Agha and F. De Cindio and G. Rozenberg", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", title = "Object-Oriented Nets with Algebraic Specifications: The {CO-OPN/2} Formalism", year = "2001", volume = "2001", pages = "70--127", month = may, URL = "http://lgl.epfl.ch/pub/Papers/biber_lncs97.ps.gz", note = "(the URL points to a preliminary version of the article)", ISBN = "3-540-41942-X", } @InProceedings{Binder:2004:ECOOP-CPUAccounting, author = "Walter Binder and Jarle Hulaas", title = "{Portable CPU Accounting in Java}", address = "Oslo, Norway", year = "2004", month = jun, booktitle = "10th ECOOP Workshop On Mobile Object Systems", URL = "http://cui.unige.ch/~ecoopws/", keywords = "ResMan, JRAF2, J-RAF2, Java", } @Article{Binder:2004:IEEEInternetComputing, author = "Walter Binder and Jarle Hulaas", title = "A Portable {CPU}-Management Framework for {J}ava", journal = "IEEE Internet Computing", year = "2004", month = sep # "/" # oct, volume = "8", number = "5", pages = "74--83", URL = "http://www.jraf2.org/", keywords = "ResMan, JRAF2, J-RAF2, Java", } @InProceedings{Binder:2004:JDKExtension, author = "Walter Binder and Jarle Hulaas", title = "Extending Standard {J}ava Runtime Systems for Resource Management", address = "Linz, Austria", year = "2004", month = sep, booktitle = "Software Engineering and Middleware (SEM 2004)", series = "LNCS", volume = "3437", pages = "154--169", URL = "http://www.jraf2.org/", keywords = "ResMan, JRAF2, J-RAF2, Java", } @InProceedings{Binder:2005:BytecodeTransformations, author = "Walter Binder and Jarle Hulaas", title = "Java Bytecode Transformations for Efficient, Portable {CPU} Accounting", booktitle = "Bytecode 2005 (the First Workshop on Bytecode Semantics, Verification, Analysis and Transformation)", address = "Edinburgh, Scotland", month = apr, year = "2005", series = "{ENTCS} (Electronic Notes in Theoretical Computer Science)", volume = "not yet available", keywords = "ResMan, JRAF2, J-RAF2, Java", URL = "http://www.jraf2.org/", } @InProceedings{Binder:2005:PortableMetrics, author = "Walter Binder and Jarle Hulaas", title = "Using Virtual Machine Instruction Counting as Portable {CPU} Consumption Metrics", booktitle = "QAPL'05 (3rd Workshop on Quantitative Aspects of Programming Languages)", address = "Edinburgh, Scotland", month = apr, year = "2005", series = "{ENTCS} (Electronic Notes in Theoretical Computer Science)", volume = "not yet available", keywords = "ResMan, JRAF2, J-RAF2, Java", URL = "http://www.jraf2.org/", } @TechReport{Binder:2005:ExactProfiling, author = "Walter Binder and Jarle Hulaas", title = "Exact and Portable Profiling for Java Using Bytecode Instruction Counting", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", type = "Technical Report", month = mar, year = "2005", number = "EPFL-IC-2005011", keywords = "ResMan, Java", } @InProceedings{Brunet94, author = "Denis Brunet and Didier Buchs and Daniel Monteiro and Fabrice Mourlin", booktitle = "FIP WG10.3 Working Conference on Programming Environments for Massively Parallel Distributed Systems, Monte Verita, Ascona, April 25-29 1994", title = "Parallel Distributed Algorithm Design through Specification Transformation: The Asynchronous Vision System", year = "1994", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/brunet-asynchronousvisionsystem.ps", abstract = "We present a constructive approach to the realization of a parallel system for the vision processing. This approach follows the classical software engineering principles: analysis, specification, design and implementation. The language CO-OPN (Concurrent Object Oriented Petri Net) is used to discribe the specification and the design of such system, while the implementation has been performed on a transputer machine. The writting of the CO-OPN specifications has been supported by the SANDS environement (Structured Algebraic Nets Development System) which also allow to simulate the behavior of the modelled system in an abstract way. A module, the main piece of the vision system, is presented that can be used for composing a computer vision architecture exploiting asynchronous data flows. This module is general enough to be duplicated and interconnected into a uniform graph. A module works by grouping asynchronous pieces of information coming through a channel, which delays them according to their relevance to the task of the module. The traditional separation between quantitative and symbolic processings vanishes since the module allows them to be implemented in a uniform way. The abstract specification of such principle is proposed, followed by a transformation refining this abstract specification into a concrete specification by introducing a distributed algorithm The concrete specification serves as the reference for the implementation on the distributed machine. We present a constructive approach to the realization of a parallel system for the vision processing. This approach follows the classical software engineering principles: analysis, specification, design and implementation. The language CO-OPN (Concurrent Object Oriented Petri Net) is used to discribe the specification and the design of such system, while the implementation has been performed on a transputer machine. The writting of the CO-OPN specifications has been supported by the SANDS environement (Structured Algebraic Nets Development System) which also allow to simulate the behavior of the modelled system in an abstract way. A module, the main piece of the vision system, is presented that can be used for composing a computer vision architecture exploiting asynchronous data flows. This module is general enough to be duplicated and interconnected into a uniform graph. A module works by grouping asynchronous pieces of information coming through a channel, which delays them according to their relevance to the task of the module. The traditional separation between quantitative and symbolic processings vanishes since the module allows them to be implemented in a uniform way. The abstract specification of such principle is proposed, followed by a transformation refining this abstract specification into a concrete specification by introducing a distributed algorithm The concrete specification serves as the reference for the implementation on the distributed machine.", } @InProceedings{Buch93a, author = "Didier Buchs and Fabrice Mourlin and Lorens Safavi", booktitle = "Software Engineering for Parallel Systems, Germany, September 20-24 1993", organization = "World Transputer Congress in Aachen", publisher = "IOS Press", title = "{CO}-{OPN} for specifying a distributed termination detection algorithm", volume = "3", year = "1993", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-distributedtermination.ps", abstract = "The SANDS environment along with the CO-OPN specification formalisms are presented. The latter permitting specification of data types and concurrency through the use of modular algebraic specifications and structured algebraic nets based upon an object oriented approach. System specification will be demonstrated through an ascending distributed termination detection algorithm. Major aspects of the environment and the CO-OPN formalism will be discussed.", } @InProceedings{Buch96c, author = "Didier Buchs", booktitle = "Neuvi\`eme journ\'ees internationales, Le g\'enie logiciel et ses applications, Revue g\'enie logiciel, November 18-21 1996", title = "{M}\'ethodes formelles pour le d\'eveloppement et la v\'erification de logiciels", year = "1996", keywords = "Testing, Conform, OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/buchs_cgl_96.ps", abstract = "Cet article pr\'esente les diff\'erents composants d'une m\'ethode de d\'eveloppement de logiciel int\'egr\'ee. Nous soulignerons la n\'ecessit\'e de fournir un cadre coh\'erent l'int\'egration des activit\'es de sp\'ecification, d'impl\'ementation et de v\'erification. L'usage de m\'ethodes formelles sera \'etudi\'e en montrant, l'importance de la s\'emantique dans la formalisation des techniques de d\'eveloppement ainsi que la n\'ecessit\'e de supporter un d\'eveloppement incr\'emental. L'incr\'ementalit\'e est situ\'ee au niveau de l'\'elaboration de la sp\'ecification et au niveau de la construction des programmes. Finalement nous pr\'esenterons une r\'ealisation concr\`ete de syst\`eme de d\'eveloppement bas\'e sur le formalisme CO-OPN que nous avons men\'e \`a l'EPFL, dont une partie est support\'ee par des outils int\'egr\'es dans l'environnement SANDS.", } @InProceedings{Buchs93, author = "Didier Buchs and Pascal Racloz", booktitle = "8th International Symposium on Computer and Information Sciences, Istambul, November 3-5 1993", pages = "189--196", title = "Symbolic Proof of {CTL} Formulae over Petri Nets", year = "1993", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-symbolicproofsoverpn.ps", abstract = "We present a method for proving properties of Petri nets expressed in the branching time temporal logic CTL. The framework of CTL formulae, viewed through the notions of predicates and predicate transformers in the context of Petri nets, is also presented. By overcoming the normal limitation of model checking which restricts its applicability to finite state systems this improvement will allow the use of symbolic model checking. The new concept of predicate structure, a symbolic representation of a set of markings of a Petri net, is defined together with a set of associated operations.", } @InProceedings{Buchs93b, author = "Didier Buchs and Jacques Flumet and Pascal Racloz", booktitle = "14th International Conference on Application and Theory of Petri Nets, Tool presentation abstracts, Chicago, USA, June 1993", editor = "Ugo Buy", pages = "25--29", title = "{SANDS}: Structured Algebraic Net Development System", year = "1993", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-ManualCO-OPN.ps", abstract = "SANDS is a development tool based on structured algebraic nets. The environment is composed of the following features:
- Algebraic nets allowing the definition and use of structured tokens by means of algebraic specifications. Apart from reducing the size of a model these nets are accurate in describing data transformations during the evolution of the system being modelled;
- Structured nets necessary for large system developments.
The latter two components form together the language used and understood by the environment.
The development environment provides the user with an application simulation tool. This component provides immediate views of any modifications brought to the system being modelled. The environment also permits modifications to the automatically generated code through manual insertions or deletions of C or Prolog instructions.
Model semantics possess a well formalized underlying theory. Connections with other theories are numerous and offer a large range of possibilities for describing and proving properties about systems. We can mention amongst other rewriting systems, bisimulation (behaviour comparison between two system models), refinement of objects, algebraic specifications and proof of temporal logic properties used as a more abstract specification language.
The user builds and structures his model as a set of algebraic nets called 'objects' representing either instances or classes depending on the context of the modelling. These objects are related to each other by synchronization links which determine and limit the way the objects can evolve concurrently. Algebraic specifications and objects can be used in three different ways: they can be generic, 'ground' or instantiated. The underlying model, namely CO-OPN (Concurrent Object-Oriented Petri Nets), is described in more depth in: 'CO-OPN: A Concurrent Object- Oriented Petri Nets' International Conference on Application and Theory of Petri Nets, Aarhus June 1991.
SANDS has two main components: the CO-OPN graphical editor and the simulation tool. Both parts are independent in the following sense: the user can develop his model inside the graphical editor and call the simulation tool from the editor, on the other hand he can use the CO-OPN specification language to describe his model in a textual way and then use the simulation tool after having verified the validity of the specification with the compiler. Moreover these possibilities can be mixed. The user can also modify the specifications by editing the file generated by the graphical editor (written in the CO-OPN language). The graphical tool can be avoided, if desired, through hand written specifications describing the model; a specification made in the CO-OPN language can also be loaded and then modified in the graphical environment. The specifications obtained can then be simulated once the compilation and linking phases have been successfully achieved. The compiling and linking can be performed through the grap The algebraic specification of data can be defined outside of the graphical editor environment. When this has been done the latter specifications can be imported in the graphical editor where their signatures are graphically represented. This set of algebraic specifications are used as a basis which support object specifications. There is no constraint on the way the user builds his specifications. He can adopt a top-down or a bottom-up methodology. Therefore the user can set the overall objects distribution in order to structure his model and then define the behaviour of each object. On the othe hand he can build his application on a set of objects already defined. However, these approaches can also be mixed.", } @InProceedings{Buchs93c, author = "Didier Buchs and Nicolas Guelfi", booktitle = "International Conference on Parallel Architectures and Languages Europe PARLE'93, Munich, 1993", volume = "694", pages = "353--366", series = "LNCS", title = "Formal Development of Actor Programs using Structured Algebraic Petri Nets", year = "1993", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchsPARLE_93.ps.gz", abstract = "This paper provides with an actor semantics using a formalism called CO-OPN (Concurrent Object Oriented Petri Nets) which is modular and incorporates both concurrency and data structuring features. Actor languages are the main model of concurrent object oriented languages, but they are rarely well formalized. CO-OPN is a structured extension of Petri nets and algebraic abstract data types. A CO-OPN specification is composed of a set of objects (algebraic abstract data types and Petri nets), and of a synchronous communication mechanism. These synchronisation mechanism are defined in order to keep object state encapsulation, allowing to specify independantly each object. The translation of an actor program into a CO-OPN specification is done by building objects for actors. The adequacy of CO-OPN to describe the semantics of concurrent object oriented languages is shown by this formal semantic description of actor languages. Some particular implementations are suggested, improving the concurrency of executions of actor programs.
Keywords : Specification and verification, Formal program development methodologies, modular specification, semantics, actor languages semantics, high level Petri nets, algebraic abstract data types.", } @InProceedings{Buchs94, author = "Mathieu Buffo and Didier Buchs and Jos{\'e} Rolim", booktitle = "IEEE/USP workshop on high performance computing - WHPC'94, Compilers and tools for parallel processing, Sao Paulo (Br{\'e}sil), March 28-30 1994", title = "Developping parallel programs based on rewriting techniques", year = "1994", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-developparallelprograms.ps", abstract = "Starting with a formal problem specification, we show how to progressively achieve a parallel distributed solution, using convenient transformations of specifications. In order to achieve a solution, we use rewriting techniques applied in the context of transformations. This paper explains the methodology, points out its advantages and its requests. We first, introduce the specification language CO-OPN used to express both abstract specification and implementation. CO-OPN is a structured version of algebraic specification and Petri nets in which adequate notions of equivalence can be formalized to handle the concept of correct transformations. Then we introduce the general technique of applying transformations to get specifications progressively closer to the implementation level. These transformations are classified into two levels, the high level transformation performing abstract modification of algorithm and the low level transformations which are applicable on the specification closer to the implementation. Finally, a concrete example will show how the simple {"}permutation sort{"} can be transformed quite automatically in a distributed implementation of a {"}quick sort{"} algorithm.", } @InProceedings{Buchs94a, author = "Didier Buchs and Mathieu Buffo and Jacques Flumet and Pascal Racloz and Erik Urland", booktitle = "Proceedings of CASE Tools Workshop of the World Transputer Congress 1994, Cernobbio, Italia, 1994", editor = "Innes Jelly and Ian Gorton", title = "{SANDS} Tools : an environment for deriving parallel programs", year = "1994", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-envdev.ps.gz", abstract = "This paper describes the techniques and the tools developed to construct CO-OPN specifications (Concurrent Object Oriented Petri Nets) and to derive parallel programs. CO-OPN is a specification language allowing to describe concurrent aspects and data-structure of computer programs in an abstract way. The concurrent part of the formalism is described with Petri nets while the data-structure are described with algebraic abstract data types. In the CO-OPN formalism, this association is structured by the notion of object. The environment developed around CO-OPN is SANDS (Structured Algebraic Nets Development System). The production of quality software needs the use of a complete development method based on a life cycle including specification and implementation phases. This method must provide techniques in order to derive implementation from specification and for verifying if the implementation is adequate. The development of software must be supported by tools such as editors, validation and verification processes. A tool for obtaining correct parallel programs from formally specified problems is presented. The technique we propose is based on the concept of transformations oriented into the context of parallelism. In addition we introduce a methodology for deriving correct parallel algorithms.", } @TechReport{Buchs94b, author = "Didier Buchs and Pascal Racloz", address = "Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", month = jan, number = "DI/94/42", title = "Symbolic Proofs of Temporal Properties", year = "1994", keywords = "Conform", } @TechReport{Buchs94c, author = "Didier Buchs and Daniel Monteiro and Fabrice Mourlin and Denis Brunet", address = "Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", month = oct, number = "DI/94/74", title = "Parallel Distributed Algorithm Design through Specification Transformation: The Asynchronous Vision System", year = "1994", keywords = "Conform", } @TechReport{Buchs94d, author = "Didier Buchs and Jose Rolim", address = "Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/94/80", title = "Methodology for Producing Parallel Probabilistic Algorithms from Specifications: Collection of Articles", year = "1994", keywords = "Conform", } @TechReport{Buchs94e, author = "Didier Buchs and Giovanna Di Marzo", address = "Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", month = nov, number = "DI/94/86", title = "{ACCESS} - Algebraic Concurrent Events for System Specification", year = "1994", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-TR94-86.ps", abstract = "Access is a new algebraic specification formalism, which focuses on the fine description of the ``true'' concurrency and on a high degree of expressivity. Systems are specified by a set of local states, whose value changes under the occurrence of events. Both events and data structure are specified by abstract data types. Static properties, i.e. global constraints over events and data structure, are described by first order formulae, while dynamic axioms, explaining the behavior of events, are given by causality rules. Concurrency can be described in different ways, it can be interleaving or true concurrency. Finally, expressivity is given by fine descriptions of both static and dynamic properties. Access has demonstrate to be a natural generalization of a great variety of Petri Nets (as for example -Algebraic, -Coloured, -With arc extensions Petri Nets). It is also able to capture concepts from other formalisms as Gamma language or CO-OPN. This report presents a complete description of Access syntax and semantics, together with an example of Access specification based on Petri Nets with Arc Extensions. This report also explains how specifications written in other languages as Petri Nets, Gamma, CO-OPN, are written in Access.", } @InProceedings{Buchs95, author = "Didier Buchs", booktitle = "Software Quality Management, Sevilla, Spain, April 1995", note = "(Also Available as Technical Report EPFL-DI No 95/101)", pages = "403--414", title = "Test Selection Method to Validate Concurrent Programs against their Specifications", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-testmethodSQM95.ps", } @InProceedings{Buchs95a, author = "Didier Buchs and Christophe Buffard and Pascal Racloz", booktitle = "Ada in Europe'95, Frankfurt, Germany, October 2-4 1995", editor = "Toussaint", organization = "Springer Verlag", pages = "284--297", series = "LNCS (Lecture Notes in Computer Science)", volume = "1031", title = "Modelling and validation of tasks with algebraic structured nets", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-article.ps", } @InProceedings{Buchs95c, author = "Didier Buchs and Jarle Hulaas", booktitle = "SIPAR workshop, Biel, Switzerland, October 1995", pages = "141--145", title = "Incremental Object Oriented Implementation of Concurrent Systems based on Prototyping of Formal Specifications", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-Sipar-OO-distr.abstract.ps", } @InProceedings{Buchs95d, author = "Didier Buchs and Jarle Hulaas and Pascal Racloz and Mathieu Buffo and Jacques Flumet and Erik Urland", journal = "16th International Conference on Application and Theory of Petri Nets, Turin, Italie", pages = "45--53", title = "{SANDS} Structured Algebraic Net Development System for {CO}-{OPN}", year = "1995", keywords = "Conform", } @Article{Buchs96, author = "Didier Buchs and Pascal Racloz and Mathieu Buffo and Jacques Flumet and Erik Urland", journal = "Transputer Communication Journal", number = "1", pages = "23--32", title = "Deriving Parallel Programs using {SANDS} tools", volume = "3", year = "1996", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-sands.ps", abstract = "This paper describes the techniques and the tools developped to construct CO-OPN specifications.", } @InCollection{Buchs96a, author = "Didier Buchs", address = "Lausanne", booktitle = "G{\'e}nie logiciel: principes, m{\'e}thodes et techniques", editor = "Alfred Strohmeier and Didier Buchs", pages = "137--158", publisher = "Presses Polytechniques et Universitaires Romandes", title = "Les sp{\'e}cifications alg{\'e}briques, un mod{\`e}le formel pour le d{\'e}veloppement de logiciels", year = "1996", ISBN = "2-88074-296-X", } @InProceedings{Buchs96b, author = "Didier Buchs and Jarle Hulaas", booktitle = "IEEE International Conference on Systems, Man and Cybernetics, Beijing, China, October 14-17 1996", pages = "3021--3026", title = "Evolutive Prototyping of Heterogeneous Distributed Systems Using Hierarchical Algebraic Petri Nets", year = "1996", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchsIEEE_96.ps", abstract = "This paper presents several extensions to a new evolutive prototyping process, called object-oriented mixed prototyping. Our application field is complex distributed systems modelled by the means of CO-OPN, a hierarchical algebraic Petri net language. CO-OPN being a strong synchronous language, we also show an original implementation scheme for its high-level communication model in heterogeneous wide-area networks.", } @InProceedings{Buchs97, author = "Didier Buchs and Jarle Hulaas and Pascal Racloz", booktitle = "Tool Presentations, International Conference on Application and Theory of Petri Nets ICATPN'97, Toulouse, France, 1997", pages = "34--43", title = "Exploiting Various Levels of Semantics in {CO}-{OPN} for the {SANDS} Environment Tools", year = "1997", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/buchs-ICATPNtools97.ps.Z", abstract = "This paper describes the techniques and tools developed to support the construction of CO-OPN specifications (Concurrent Object Oriented Petri Nets) [7] and the kind of semantics that are needed for each part of the environment. CO-OPN is a specification language which permits an abstract description of aspects of concurrent operations and data-structures of computer programs. The concurrent and operational part of the formalism is described by means of Petri nets, while the data-structures are described by means of algebraic abstract data types. In the CO-OPN formalism, these associations are structured with the notion of objects. CO-OPN specifications can be developed, analyzed and simulated in a dedicated environment called SANDS (Structured Algebraic Nets Development System [6]). Various semantics of CO-OPN are exploited: an abstract operational semantics is used for the logic programming simulator as well as for the test set generation tool, while a more concrete operational semantics based on transactions is necessary for prototyping on distributed systems. All these semantics are valid and partially complete on a subpart of the CO-OPN language with respect to its denotational semantics.", } @InProceedings{Buchs98, author = "D. Buchs and A. Diagne and F. Kordon", booktitle = "Proceedings of the 9th International Workshop on Rapid System Prototyping, Leuven, Belgium", month = jun, pages = "6--12", publisher = "{J. Becker Ed, IEEE Computer Society Press}", title = "{Testing Prototypes Validity to Enhance Code Reuse}", year = "1998", } @Article{Buchs:99:TOOS, author = "Didier Buchs and C{\'e}cile P{\'e}raire", journal = "Industry-{T}utorial on {F}ormal {M}ethods and {T}esting, {F}ormal {M}ethods 99, {T}oulouse {F}rance", month = sep, title = "Testing Object-Oriented Software", year = "1999", keywords = "Tutorial, Test", URL = "http://lgl.epfl.ch/pub/Papers/buchs99-toos.ps", abstract = "This tutorial describes the approach we develop for the formal testing of OO software. We also describe the operational techniques, that can be used, to select test cases.", } @InProceedings{Buchs:99:RPFMDS, author = "D. Buchs and M. Buffo", booktitle = "Proceedings of the Tenth International Workshop on Rapid System Prototyping (RSP'99)", editor = "Frances M. Titsworth", month = jun, publisher = "IEEE", title = "Rapid Prototyping of Formally Modelled Distributed Systems", year = "1999", keywords = "prototyping, ooMethod, concurrency, conform", URL = "http://lgl.epfl.ch/pub/Papers/Buchs:99:RPFMDS.ps.gz", ISBN = "0-7695-0246-6", abstract = "This paper presents various kinds of prototypes, used in the prototyping of formally modelled distributed systems. It presents the notions of prototyping techniques and prototype evolution, and shows how to relate them to the software life-cycle. It is illustrated through the use of the formal modelling language for distributed systems CO-OPN/2.", } @Article{Buchs:00:FSFOODS, author = "Didier Buchs and Nicolas Guelfi", title = "A Formal Specification Framework for Object-Oriented Distributed Systems", journal = "IEEE Transactions on Software Engineering", volume = "26", number = "7", pages = "635--652", month = jul, year = "2000", keywords = "Formal specification,CO-OPN, Distributed Systems,Conform", } @Article{Buchs:02:CBSMEV, author = "Didier Buchs and Sandro Costa and David Hurzeler", title = "Component Based System Modelling for Easier Verification", booktitle = "Concurrency in Dependable Computing", editor = "P. Ezhilchevan and A. Romanovsky", publisher = "Kluwer", pages = "61--86", year = "2002", keywords = "Petri Nets,Conform", } %% @techreport{Buchs:02:OSCA, %% AUTHOR = {Didier Buchs and Sandro Costa and David Hurzeler}, %% TITLE = {Observers for Substitutability: a CO-OPN/2 approach}, %% YEAR = {2002}, %% NUMBER = {IC/2002/43}, %% INSTITUTION = {Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences}, %% KEYWORDS = {Petri Nets,Conform}, %% } } @TechReport{Buchs:2002:FSRCOF, author = "Didier Buchs and Sandro Costa and David Hurzeler", title = "Flexible Subtyping Relations for Component-Oriented Formalisms", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", year = "2002", number = "IC/2002/43", month = jun, keywords = "Petri Nets,Conform", URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200243.pdf", abstract = "In the first part of this paper we present a new general component-oriented formalism, which has, among others, the following features: Concurrency, atomicity, synchronization between and inside components, and modularity. We give the inference rules which may be used to inductively build the semantics of composed components. The second part of the paper addresses the problem of substitutability and consists in the definition of a very general and flexible notion of subtyping; This notion of subtyping depends on a set of properties we are interested in preserving during the substitution and a special {"}observer{"} component which filters or adds behaviours to the components we are trying to substitute. The buffer example is used to illustrate the definitions.", } @InProceedings{Buchs:2003:MSMTSC, author = "Didier Buchs and Stanislav Chachkov and David Hurzeler", title = "Modelling a Secure, Mobile and Transactional System with {CO}-{OPN}", booktitle = "Proceedings of the International Conference on Application of Concurrency to System Design, Guimar{\~a}es, Portugal", keywords = "Conform", pages = "82--91", year = "2003", editor = "Johan Lilius and Felice Balarin and Ricard J. Machado", month = jun, publisher = "IEEE CS Press", note = "Also available as Technical Report IC/2003/14, Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200314.pdf", abstract = "Modelling complex concurrent systems is often difficult and error-prone, in particular when new concepts coming from advanced practical applications are considered. These new application domains include dynamicity, mobility, security, and localization dependent computing. In order to fully model and prototype such systems we propose to use several concepts introduced in our specification language CO-OPN, like context, dynamicity, mobility, subtyping and inheritance. CO-OPN (Concurrent Object Oriented Petri Net) is a formal specification language for modelling distributed systems; it is based on coordinated algebraic Petri nets. This paper focuses on the use of several basic mechanisms of CO-OPN for modelling mobile systems and the generation of corresponding Java code. A significant example of distributors accessible through mobile devices (for example, PDA with Bluetooth) is fully modelled and implemented with our technique.", } @InProceedings{Buffo94, author = "Mathieu Buffo and Erik Urland and Josi Rolim and Didier Buchs", booktitle = "Proceedings of the International Workshop on Parallel Processing'94, December 1994", organization = "IEEE, Bangalore", publisher = "McGraw Hill", title = "Progressive generation of parallel solutions for formally specified problems", year = "1994", keywords = "Conform", } @InProceedings{Buffo96, author = "Mathieu Buffo and Didier Buchs", booktitle = "X SBES Brazilian Symposium on Software Engineering, Brasil, 1996", editor = "Jose Carlos Maldonado and Paulo Cesar Masiero", pages = "341--356", title = "Contextual coordination between objects", year = "1996", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:96:CCO.ps.gz", abstract = "Notwithstanding the promises it provides for the future of software engineering,the object paradigm suffers from a lack of development methods focusing on the coordination between objects. The distinction of coordination and computation mechanisms is an important separation principle for increasing the management and understanding of the interactions among objects and the configurations of objects on the target systems. This paper shows that contextual coordination must be introduced during the object oriented analysis in order to early take into account the inevitable constraints of the concrete implementation. This contextual coordination leads to a hierarchical model composed of imbricated execution contexts of objects.", } @InProceedings{Buffo98:ECP, author = "Mathieu Buffo", journal = "Workshops proceedings of the International Conference on Database and Expert Systems Applications (DEXA'98)", month = aug, pages = "536--541", publisher = "IEEE Computer Society", title = "Experiences in Coordination Programming", year = "1998", keywords = "text, conference, coordination, oomethod, concurrency, conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:98:ECP.ps.gz", ISBN = "0-8186-8353-8", abstract = "The term coordination is now unavoidable when speaking about software systems composed of many computing entities. More and more coordination models and languages are available, but they are used mainly in toy examples. This paper relates concrete experiences in the field of coordination programming, starting with formal object-oriented specifications and ending with Java programs. It shows that suitable coordination model and language are actually fruitful whn used since the design phase of software development.", } @InProceedings{Buffo:99:DSIBCL, author = "M. Buffo and D. Buchs", booktitle = "Proceedings of the Third International Conference on Coordination Models and Languages (COORDINATION'99)", month = apr, number = "1594", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", title = "A Distributed Semantics for a {IWIM}-Based Coordination Language", year = "1999", keywords = "coordination, ooMethod, concurrency, conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:99:DSIBCL.ps.gz", ISBN = "3-540-65836-X", abstract = "Coordination patterns are likely to be applied during the design phase of software development, provided the use of a suitable design-level coordination language, like COIL. This formal language is member of the IWIM family of coordination languages, but suffers up to now from a lack of distributed semantics. This paper defines a new, formal distributed semantics for COIL, taking into account problems like object migration and restrictions in non-local interactions. This new semantics opens the door to major improvements of COIL dealing with the dynamicity of coordination mechanisms, like migration of coordinated sub-systems, or dynamic re-configuration of coordinated sub-systems for instance. A discussion about the properties of this semantics is included.", } @InProceedings{Buffo:99:PMRMAPNC, author = "M. Buffo and D. Buchs", booktitle = "Proceedings of the Tools Presentation of th 20th International Confernce on Application and Theory of Petri Nets (ICATPN'99)", editor = "S. Donatelli and J. Kleijn", month = jun, title = "Polymorphism and Module-Reuse Mechanisms for Algebraic Petri Nets in CoopnTools", year = "1999", keywords = "petri net, ooMethod, concurrency, conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:99:PMRMAPNC.ps.gz", abstract = "This paper introduces CoopnTools, a tool set allowing the support of object-oriented specifications written by means of the language CO-OPN/2, based on synchronised algebraic Petri nets. In particular, this paper shows how concrete mechanisms dealing with polymorphism and module-reuse are implemented in CoopnTools.", } @TechReport{Buffo:94:PTSPP, author = "Mathieu Buffo and Erik Urland and Jos Rolim and Didier Buchs", address = "CUI, Universite de Geneve, {24, rue du General Dufour}, 1211 Geneve 4, Suisse", month = dec, number = "91", title = "Le projet {TSPP}", type = "Cahiers du CUI", year = "1994", keywords = "Text, Report, Concurrency, Transformation, Conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:94:PTSPP.ps.gz", } @InProceedings{Buffo:95:PGPSFSP, author = "Mathieu Buffo and Erik Urland and Jos Rolim and Didier Buchs", booktitle = "Proceedings of the International Workshop on Parallel Processing'94, New Dehli, India, January 1995", editor = "Viktor Prasanna and Vijay Bhatkar and Lalit Patnaik and Satish Tripathi", organization = "IEEE", pages = "89--93", publisher = "Tata McGraw-Hill", title = "Progressive generation of parallel solutions for formally specified problems", year = "1995", keywords = "Text, Paper, Concurrency, Transformation, Conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:95:PGPSFSP.ps.gz", abstract = "In this paper we show a progressive way for managing abstract algebraic specifications in order to obtain efficient parallel or distributed algorithms. Our approach is based on TSPP technique (Transformations de Sp cifications de probl mes orient es vers le Parall lisme et le Probabilisme). We claim that the process of transformation of specifications can be done, in many cases, automatically in direction from a high level of abstraction to concrete one using a sequence of derivation steps. The resulting specification, obtained by such a transformation process, is then well suited for execution on target parallel machine. Further we shortly describe the SANDS system (Structured Algebraic Nets Development System) and the TTool - transformation tool package which was developed for performing transformations on specifications. To illustrate the TSPP technique we present here an example developed in SANDS system environment by application of TTool. Finally we discuss the obtained speedup of execution such a derived specification on parallel machine with various number of processors.", } @InProceedings{Buffo:96:CCDO, author = "Mathieu Buffo", booktitle = "Proceedings of the 1996 SIPAR-Workshop on Parallel and Distributed Computing, Geneva, Switzerland, October 1996", editor = "C. A. H{\'e}ritier and B. Chopard", organization = "SIPAR", publisher = "CUI, Universit de Geneve", title = "Contextual Coordination for Distributed Objects", year = "1996", keywords = "Text, Conference, Coordination, OOMethod, Concurrency, Conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:96:CCDO.ps.gz", abstract = "This position paper explain why and how coordination may play a role in the development of distributed object applications.", } @PhdThesis{Buffo:97:CCCMDOS, author = "Mathieu Buffo", month = jul, school = "University of Geneva", title = "Contextual Coordination: a Coordination Model for Distributed Object Systems", year = "1997", keywords = "Text, Thesis, Coordination, OOMethod, Concurrency, Conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:97:CCCMDOS.ps.gz", abstract = "From a software engineer's point of view, refining object-oriented specifications in distributed software architectures seems to be a promising way for developing programmes. Unfortunately, the use of the most of current coordination models prevents a direct refinement; finding an appropriate coordination model is the aim of this thesis.", } @InProceedings{Buffo:97:CMDOS, author = "Mathieu Buffo and Didier Buchs", booktitle = "Proceedings of the Second International Conference on Coordination Models and Languages COORDINATION'97, September 1997", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", title = "A Coordination Model for Distributed Object Systems", volume = "1282", year = "1997", keywords = "Text, Conference, Coordination, OOMethod, Concurrency, Conform", URL = "http://lgl.epfl.ch/pub/Papers/Buffo:97:CMDOS.ps.gz", abstract = "Distributed systems have strong similarities with object systems. However, coordination models for these systems have slightly different requirements. This paper presents a specific coordination model for distributed object systems, built on hierarchical execution contexts. This model allows to refine object-oriented specifications into distributed software architectures.", } @InProceedings{Buffo:00:CTSC, author = "Mathieu Buffo and Didier Buchs and Stanislav Chachkov", title = "CoopnTools a Toolkit for the support of {CO}-{OPN}", booktitle = "Proceedings of the Tools Demonstration of the 21th International Conference on Application and Theory of Petri Nets", month = jun, year = "2000", pages = "2--6", publisher = "Aarhus University", keywords = "Petri Nets, Tools,Conform", } @TechReport{Buffo:00:FCODLBDS, author = "Mathieu Buffo and Didier Buchs", title = "A Formal Component-Oriented Design Language for building Distributed System", type = "Technical Report", number = "DI/00/308", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", year = "2000", } @TechReport{Camesi:2004:Monitoring, author = "Andrea Camesi and Jarle Hulaas and Walter Binder", title = "Graphical Monitoring of {CPU} Resource Consumption in a Java-based Framework", type = "Technical Report", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "EPFL-IC-200473", month = sep, year = "2004", URL = "http://www.jraf2.org/", keywords = "ResMan, JRAF2, J-RAF2, Java", } @MastersThesis{Caron:2000:OOSS, author = "Xavier Caron", address = "D{\'e}partement d'Informatique, 1015 Lausanne, Switzerland", school = "Ecole Polytechnique F{\'e}d{\'e}rale de Lausanne", title = "Object-Oriented Stable Storage", year = "2000", URL = "http://lgl.epfl.ch/pub/Papers/caron-stable-storage.pdf", abstract = "This report is the result of a diploma thesis of Xavier Caron, a computer science student at the Software Engineering Lab (LGL), which is part of the Swiss Federal Institute of Technology in Lausanne (EPFL). The LGL is currently developing an object-oriented library providing transaction support for Ada programmers. Transactions are actions that have the well-known ACID properties (Atomicity, Consistency, Isolation, and Durability). Durability of objects can be achieved by saving their state to so-called {"}stable storage{"}. The goal of this project is to implement the two following forms of stable storage: 1) Stable storage using a technique called mirroring. The integrity of the stored data must be guaranteed even in the presence of crash failures. 2) Stable storage based on replication. Using the distributed programming facilities of Ada 95, a mechanism must be devised that allows to broadcast the information that has to be made durable to a group of collaborating machines for storage. Of course, it should also be possible to retrieve the data in a consistent manner. This report describes the system design and implementation in Ada 95.", } @InProceedings{Chachkov:01:FAOOMRUESC, author = "Stanislav Chachkov and Didier Buchs", title = "From an Abstract Object-Oriented Model to a Ready-to-Use Embedded System Controller", booktitle = "Rapid System Prototyping, Monterey, CA", publisher = "IEEE Computer Society Press", pages = "142--148", month = jun, year = "2001", abstract = "We present an example of a construction of an embedded software system-a controller-from the formal specification to executable code. The CO-OPN (Concurrent Object Oriented Petri Net) formal specification language is used for modelling the controller and the associated hardware system with the inherent limitation of its physical components. CO-OPN formal language is based on coordinated algebraic Petri nets. The CO-OPN model can be used to verify some properties of the controller in the concrete physical environment. This is achieved by constrained animation of the valid prototype produced by automatic code generation. The possibility to incrementally refine the generated code can be used to obtain a more efficient implementation.", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/chachkov-RSP2001.pdf", } @InProceedings{Chachkov:01:FFSRUSCCOOPNA, author = "Stanislav Chachkov and Didier Buchs", title = "From Formal Specifications to Ready-to-Use Software Components: The Concurrent Object-Oriented Petri Net Approach", booktitle = "International Conference on Application of Concurrency to System Design, Newcastle", pages = "99--110", publisher = "IEEE Computer Society Press", month = jun, year = "2001", abstract = "CO-OPN (Concurrent Object Oriented Petri Net) is a formal specification language for modelling distributed systems; it is based on coordinated algebraic Petri nets. In this paper we describe a method for generating an executable prototype from a CO-OPN specification. We focus our discussion on the generation of executable code for CO-OPN classes. CO-OPN classes are defined using Petri Nets. The main problems arise when implementing synchronization and non-determinism of CO-OPN classes in procedural languages. Our method proposes a solution to these problems. Another interesting aspect of our method is the easy integration of a generated prototype into any existing system. This paper focuses on the generation of Java code that fulfils the Java Beans component architecture, however our approach is also applicable to other object-oriented implementation languages with a component architecture.", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/chachkov-ICACSD2001.pdf", } @InProceedings{Chachkov:02:ISLNDP, author = "Stanislav Chachkov and Didier Buchs", title = "Interfacing Software Libraries from Non-deterministic Prototypes", booktitle = "Rapid System Prototyping, Darmstadt, Germany", publisher = "IEEE Computer Society Press", pages = "92--98", month = jul, year = "2002", keywords = "Conform", } @PhdThesis{Chachkov:2004:PHD, author = "Stanislav Chachkov", school = "School of Computer & Communications Sciences, Ecole Polytechnique F{\'e}d{\'e}rale de Lausanne (EPFL), Switzerland", number = "2924", title = "Generation of object-oriented programs from {CO}-{OPN} specifications", year = "2004", keywords = "OOMethod, Conform, PhD", } @InProceedings{Cifuentes:98:SSMI, author = "C. Cifuentes and S. Sendall", booktitle = "6th International Workshop on Program Comprehension - IWPC'98, Ischia, Italy, June 24-26 1998", pages = "126--133", publisher = "IEEE Computer Society", title = "Specifying the Semantics of Machine Instructions", year = "1998", keywords = "binary translation, retargetable, formal specification, CISC, RISC", URL = "http://lgl.epfl.ch/pub/Papers/sendall-spec_mach_instr_98.ps", abstract = "Computer architecture manuals describe the instruction set of the machine and the semantics of those instructions by a combination of natural language and ISP (Instruction Set Processor) descriptions. The syntax of the instructions in assembly is well define in the form of tables in the manual. However, the semantics is not so well specified and descriptions vary widely from one manual to another. When developing a retargetable binary translator, as much as possible needs to be specified in order to automatically generate code from specifications, hence separating machine-independent issues from the manual coding stage. The specification of the semantics of machine instructions is one such task, with the aim of generating suitable code for an intermediate representation that is to be used during the analysis stage. We describe the design process used to develop a semantic specification language, SSL, to integrate into a retargetable binary translation framework. The techniques described herein are suitable not just to binary translators but also to machine-code manipulation tools such as optimizing compilers, binary profilers, instrumentors, and binary debuggers.", } @InProceedings{crettaz:01:OOSSBMICAS, author = "Valentin Crettaz and Mohamed Mancona Kand{\'e} and Shane Sendall and Alfred Strohmeier", booktitle = "UML 2001 - The Unified Modeling Language: Modeling Languages, Concepts and Tools, Fourth International Conference, Toronto, Canada, October 1-5, Martin Gogolla (Ed.)", title = "Integrating the Concern{BASE} Approach with {SADL}", series = "LNCS (Lecture Notes in Computer Science)", volume = "2185", pages = "166--181", publisher = "Springer Verlag", year = "2001", note = "Also available as Technical Report EPFL-DI No 01/366", URL = "http://lgl.epfl.ch/pub/Papers/crettaz-2001-icas.pdf", abstract = "We describe ConcernBASE, a UML-based approach that is an instantiation of the IEEE's Conceptual Framework (Std 1471) for describing software architectures. We show how the approach supports advanced separation of concerns in software architecture by allowing one to identify and define multiple viewpoints, concern spaces and views of an architecture. Our work focuses on integrating the ConcernBASE approach with the Structural Architecture Description Language (SADL) in order to make the verification capabilities of SADL available to those who develop in UML. The result is a UML profile for structural description of software architecture. The paper also presents a prototype tool that supports this UML profile.", } @InProceedings{Currie97, author = "Currie Colket et alii (including Sergey Rybin and Alfred Strohmeier)", booktitle = "ACM Ada Letters, January 1997", number = "1", pages = "35--40", title = "Architecture of {ASIS}: {A} Tool to Support Code Analysis of Complex Systems", volume = "XVII", year = "1997", } @TechReport{Dimarzo:97:FDJP, author = "Giovanna Di Marzo Serugendo and Nicolas Guelfi", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/97/248", title = "Formal Development of Java Programs", year = "1997", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-TR97-248.ps.gz", abstract = "The Java object-oriented programming language has been the subject of an important involvement from programmers and industry. Especially for applications related to the Web. The problem of such rapid penetration of Java programs into commercial product is that software engineers does not have any methodology and have to develop complex parallel applications. In this paper, we present, using a real (http://lglsun.epfl.ch/Team/GDM/DSGamma.html) but simple Web parallel application, a possible formal development methodology based on the stepwise refinement of CO-OPN/2 formal specifications. The application chosen is based on the Gamma paradigm, in which additions are realized across distributed multisets of integers maintained by local Java applets. CO-OPN/2 is an object-oriented specification formalism allowing the formal specification of abstract data types based on algebraic specification and of concurrent objects using a Petri net like approach. An interesting feature of CO-OPN/2 is that it gives a coherent solution for the expression of complex properties combining inheritance, concurrency and synchronizations. The refinement of formal descriptions for building progressively the Java program is presented in several refinement steps. This refinement process focuses on the distribution of data and treatments, and validation and verification are studied through the refinement of system properties.", } @InProceedings{Dimarzo:98:FDJBWPA, author = "Giovanna Di Marzo Serugendo and Nicolas Guelfi", booktitle = "Proceedings of the Hawai International Conference on System Sciences, 1998", note = "Also available as Technical Report EPFL-DI No 97/248", title = "Formal Development of Java Based Web Parallel Applications", year = "1998", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-hicss98.ps.gz", abstract = "The Java object-oriented programming language has been the subject of an important involvement from programmers and the industry. Especially for applications related to the Web. The problem of such a rapid penetration of Java programs into commercial products is that software engineers do not have any methodology and have to develop complex parallel applications. Here, we present a formal development methodology based on the stepwise refinement of CO-OPN/2 formal specifications, using a real Web parallel application. Starting from a centralized view, we present the following refinement steps: data distribution, behavior distribution, communication layer, and Java program. During the whole refinement process, we study the evolution and the verification of one specific property.", } @TechReport{Dimarzo:98:FDVDSBCCAA, author = "G. Di Marzo Serugendo and N. Guelfi and A. Romanovsky and A. Zorzo", address = "Lausanne, Switzerland", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/98/265", title = "Formal Development and Validation of the {DSG}amma System Based on {CO}-{OPN}/2 and Coordinated Atomic Actions", year = "1998", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-TR98-265.ps.gz", abstract = "The objectives of this research are twofold. On the first hand, it aims to show the interest of Coordinated Atomic actions (CA actions) as a design concept and, on the other hand it explains how the formal language \COOPNTWO\ can be used to express a CA action design. A real distributed application is developed according to a simple development life cycle: informal requirements, specification, design, implementation. The design phase is built according to the CA action concept. The \COOPNTWO\ language is used to express the specification, and design phase. The implementation is made in Java based on a library of generic classes adapted to CA action concepts. The validation phase is briefly addressed, in order to demonstrate the extent to which the development methodology followed in this paper can be useful for proving properties.", } @InProceedings{Dimarzo:98:UOOANREJPCS, author = "Giovanna Di Marzo Serugendo and Nicolas Guelfi", booktitle = "Proceedings of the International Conference on Application of Concurrency to System Design (CSD'98)", note = "Also available as Technical Report EPFL-DI No 98/267", pages = "166--176", publisher = "IEEE Computer Society Press", title = "Using Object-Oriented Algebraic Nets for the Reverse Engineering of Java Programs: {A} Case Study", year = "1998", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-csd98.ps.gz", abstract = "The problem addressed in this paper is the following: How to use high-level Petri nets for the reverse engineering of implemented distributed applications ?. We present a reverse engineering methodology applied on a real (simple) Java applet based client/server application. First, starting from the Java program, several abstraction steps are described using the \COOPNTWO\ formal specification language. Then, we present a brand new research that studies properties preservations during a refinement process.", } @InProceedings{Dimarzo:99:FDVJDDS, author = "G. Di Marzo Serugendo and N. Guelfi and A. Romanovsky and A. F. Zorzo", booktitle = "Fifth IEEE International Conference on Engineering of Complex Computer Systems (ICECCS'99)", publisher = "IEEE Computer Society Press", title = "Formal Development and Validation of {Java} Dependable Distributed Systems", year = "1999", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-iceccs99.ps.gz", abstract = "The rapid expansion of Java programs into software market is often not supported by a proper development methodology. Here, we present a formal development methodology well-suited for Java dependable distributed applications. It is based on the stepwise refinement of model-oriented formal spcifications, and enables validation of the obtained systme wrt the client's requirements. Three refinement steps have been identified in the case of fault-tolerant distributed applications: first, starting from informal requirements, an initial formal specification is derived. It does not depend on implementation constraints and provides a centralized solution; second, dependability and distribution constraints are integrated; third, the Java implementation is realised. The CO-OPN/2 language is used to express specifications formally; and the dependability and distribution design is based on the Coordinated Atomic action concept. The methodology and the three refinement steps are presented through a very simple fault-tolerant distributed Java application.", } @InProceedings{Dimarzo:99:FDVMSD, author = "G. Di Marzo Serugendo", booktitle = "Fifth International Conference on Information Systems Analysis and Synthesis (ISAS'99)", title = "A Formal Developement and Validation Methodology for System Design", year = "1999", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-isas99.ps.gz", abstract = "This paper presents first a formal development methodology that enables the validation of formal specifications as well as program codes wrt client's requirements. The methodology is based on the two languages framework: it advocates the joint use of a model-oriented specification and a logical language. Second, the paper describes development guidelines for system design within the proposed methodology. Guidelines, specific to each kind of system, can be defined. They enable the specifier to add progressively the complexity into the system desing. Two development processes are proposed: the first one leads to a traditional client/server desing; the second one enables to integrate fault-tolerance in the design. Both development processes have been applied on an example and produced a Java program.", } @PhdThesis{DiMarzo:99:SRFSBLF, author = "Giovanna Di Marzo Serugendo", address = "D{\'e}partement d'informatique, CH-1015, Lausanne, Suisse", school = "Ecole Polytechnique F{\'e}d{\'e}rale de Lausanne", number = "1931", title = "Stepwise Refinement of Formal Specifications Based on Logical Formulae: from {COOPN}/2 Specifications to Java Programs", year = "1999", URL = "http://lgl.epfl.ch/pub/Papers/dimarzo-thesis.pdf", abstract = "One of the steps making it possible to increase the quality and the reliability of the software executing on distributed systems consists of the use of methods of software engineering that are known as formal. The majority of the formal methods currently existing correspond in fact more to formal specifications languages than to methods themselves. This is due to the fact that the two fundamental aspects which are: the logic of use of the language and the coverage of the software life cycle are not, for the majority, defined. The development by stepwise refinement is one of the means making it possible to define these two aspects.
This thesis aims to the definition of the concepts of refinement and implementation of model-oriented formal specifications. It brings a methodological base making it possible to use such a specifications language during a development by stepwise refinements and during the implementation stage.
This thesis defines, initially, a theoretical framework for the refinement and the implementation of formal specifications. The main idea consists in associating a contract with each specification. A contract explicitly represents the whole of the properties of the specification which it is necessary to preserve at the time of a refinement of this specification. To show that a concrete specification refines some abstract specification, it is then a matter of showing that the contract of the concrete specification is sufficient to ensure the properties corresponding to the contract of the abstract specification.
The second part of this thesis consists in applying this theoretical framework in the context of the CO-OPN/2 language. CO-OPN/2 is an object-oriented formal specifications language founded on algebraic specifications and Petri nets. Thus, definitions of the concepts of contracts, refinement and implementation are proposed for this language. The contracts are expressed using the Hennessy-Milner temporal logic (HML). This logic is used in the theory of test provided with language CO-OPN/2. Thus, the verification of the contractual properties, as well as the verification of the stages of refinement are facilitated. Refinement and implementation are controlled semantically by the satisfaction of the contracts; syntactically, a renaming is authorised. We specifically study the implementation using the Java programming language. We show how to specify classes of the Java programming language using language CO-OPN/2, so that the last stage of the process of refinement leads to a specification entirely built using CO-OPN/2 components specifying Java classes. The stage of implementation in the Java language itself is thus facilitated.
The third part of this thesis shows how it is possible to practically verify that a CO-OPN/2 specification satisfies its own contract, that a stage of refinement is correctly carried out, and finally that the stage of implementation is correctly performed. These verifications are carried out using the theory of the test provided with language CO-OPN/2.
Finally, the last part of this thesis illustrates the cogency of this approach by applying it to a complete and detailed case study. A distributed Java application is developped according to the method introduced for the CO-OPN/2 language. Refinement is guided mainly by the satisfaction of functional requirements and by constraints of design integrating the concept of client/server architecture. Lastly, the stages chosen in the refinement process of this development make it possible to study aspects specific to distributed applications, and to propose generic schemas for the design of such applications.", } @TechReport{DiMarzo:00:ARTCSPN, author = "Giovanna Di Marzo Serugendo and Dino Mandrioli and Didier Buchs and Nicolas Guelfi", title = "Adding Real Time Constraints to Synchronised Petri Nets", year = "2000", number = "DI/00/341", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", keywords = "Petri Nets,Conform", } @InProceedings{DiMarzo:02:RTSPN, author = "Giovanna Di Marzo Serugendo and Dino Mandrioli and Didier Buchs and Nicolas Guelfi", booktitle = "International Conference on Theory and Application of Petri Nets, Adela{\"i}de, Australia", editor = "J. Esparza and Ch. Lakos", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", volume = "2360", title = "Real-Time Synchronized Petri Nets", pages = "142--162", year = "2002", keywords = "Conform", } @InProceedings{Ebel90, author = "Norbert Ebel and Christian Genillard", booktitle = "Ada Software Reuse, London, 1990", editor = "P. J. L. Wallis and R. J. Gautier", pages = "83--97", publisher = "Peter Peregrinus", title = "The Reusability of Ada Software Components", year = "1990", keywords = "Ada", } @InProceedings{Eckert93a, author = "Gabriel Eckert and Alfred Strohmeier", booktitle = "OOPSLA'93 Workshop on Specification of Behavioral Semantics in Object-Oriented Information Modeling, Washington (USA), 1993", pages = "147--150", publisher = "ACM Press", title = "Behavioral Specification Techniques", year = "1993", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/eckert-behavioral_specification_techniques.ps", abstract = "This position paper provides a quick overview of the various behavioral specification techniques, from decision tables, finite state machines, Petri nets, and program design languages, to formal specification languages. It contrasts property based behavioral models (and languages) with model-based ones.", } @Article{Eckert94, author = "Gabriel Eckert and Paul Golder", journal = "Information and Software Technology", note = "Also available as Technical Report EPFL-DI No 93/32", number = "2", pages = "67--86", title = "Improving Object-Oriented Analysis", volume = "36", year = "1994", keywords = "OOMethod", abstract = "This paper evaluates current object-oriented analysis methods and proposes some possible improvements. We start by describing software requirements definition activities and reviewing the concepts of data modeling and object-orientation. We then identify key principles of object-oriented analysis and judge a selection of emerging methods against these principles. Finally, a proposal is presented which attempts to avoid some of the identified shortcomings. The proposal provides a nested object-relationship-operation framework which is based on a consistent use of the object model, a strong notion of encapsulation and a clear distinction between the essential and the contingent properties of the modelled entities.", } @InProceedings{Eckert94a, author = "Gabriel Eckert", booktitle = "IEEE International Conference on Requirements Engineering, Colorado Springs (USA), April 1994", note = "Also available as Technical Report EPFL-DI No 93/33", pages = "32--39", title = "Types, Classes and Collections in Object-Oriented Analysis", year = "1994", keywords = "OOMethod", abstract = "This paper evaluates the classification support provided by current object-oriented analysis methods and proposes possible improvements. Concepts of object-orientation are briefly reviewed. Key principles for classification are identified and emerging object-oriented analysis methods are then judged against these principles. In an attempt to avoid some of the identified shortcomings, it is proposed that classification support during analysis should be based on two distinct constructs (types and collections) instead of a single class construct. This suggestion is based on a clear distinction between the essential and the contingent properties of the modelled objects.", } @Article{Eckert95, author = "Gabriel Eckert and Magnus Kempe", journal = "ROAD (Report on Object Analysis & Design)", note = "Also available as Technical Report EPFL-DI No 93/29", number = "5", pages = "20--27", title = "Modeling with Objects and Values: Issues and Perspectives", volume = "1", year = "1995", keywords = "OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/eckert-modeling_with_objects_and_values.ps", abstract = "The nature, purpose and assumptions of modeling are discussed. The concepts of {"}value{"} and {"}object{"} are assessed in this context. Their fundamental nature is compared and different uses are investigated. Various approaches are illustrated with comparative examples, and we indicate in what respect they may be reconciled beyond their (perceived) oppositions. The paper has the form of a Socratic dialogue.", } @InCollection{Eckert95a, author = "Gabriel Eckert", booktitle = "Object-Oriented Development at Work: Fusion in the Real World", chapter = "11", editor = "Ruth Malan {Derek Coleman, Reed Letsinger}", pages = "276--313", publisher = "Prentice-Hall", title = "Improving the Analysis Stage of the Fusion Method", year = "1995", keywords = "OOMethod", } @Misc{Eckert95b, author = "Gabriel Eckert", howpublished = "Cours postgrade en informatique - G{\'e}nie logiciel: principes, m{\'e}thodes et techniques", month = nov, title = "Enseignement de g{\'}enie logiciel au moyen de projets de groupe", year = "1995", keywords = "OOMethod", } @InCollection{Eckert96, author = "Gabriel Eckert", address = "Lausanne", booktitle = "G{\'e}nie logiciel: principes, m{\'e}thodes et techniques", editor = "Alfred Strohmeier and Didier Buchs", pages = "103--136", publisher = "Presses Polytechniques et Universitaires Romandes", title = "Langages purement fonctionnels modernes", year = "1996", ISBN = "2-88074-296-X", } @InProceedings{Fofanov97, author = "Vasiliy Fofanov and Sergey Rybin and Alfred Strohmeier", booktitle = "Proceedings of TRI-Ada'97, St. Louis, MO, USA, November 11-13 1997", editor = "Susan Carlson", note = "Also available as Technical Report EPFL-DI No 97/242", pages = "205--209", publisher = "ACM Press", title = "{ASIS}tint: An Interactive {ASIS} Interpreter", year = "1997", keywords = "Ada", URL = "http://lgl.epfl.ch/pub/Papers/fofanov97.ps", abstract = "ASIStint is an interactive ASIS interpreter with scripting facilities. It may be used for learning ASIS, i.e. the user may interactively try out the effects of the various ASIS queries. It might also be used as an assistant (sic!) when experimenting with ASIS queries, e.g. in order to discover a way of implementing a part of an ASIS application, or to correct it. Yet another use is debugging and testing an ASIS implementation. Input-output of a session may be recorded, and then be replayed.
Keywords: Ada, ASIS, Interpreter.
Contents:
1. Introduction
2. Example of an ASIStint script
3. ASIStint language description
4. The ASIStint execution environment
5. Implementation approach and limitations
6. Uses and benefits of ASIStint
6.1 Learning ASIS and experimenting with it
6.2. Testing an ASIS implementation
7. Conclusions
8. References", } @InProceedings{garcia:2000:ACRTPOG, author = "Tullio Vardanega and Rodrigo Garc{\'i}a and Juan Antonio de la Puente", booktitle = "6th International Conference on Reliable Software Technologies - Ada-Europe'2001, Leuven, Belgium, May 14 - 18, 2001", title = "An Application Case for Ravenscar Technology: Porting {OBOSS} to {GNAT}/{ORK}", editor = "Dirk Craeynest and Alfred Strohmeier", series = "LNCS (Lecture Notes in Computer Science)", volume = "2043", pages = "392--404", publisher = "Springer Verlag", year = "2001", } @Article{Garcia:2002:ERIEPTG, author = "Rodrigo Garc{\'i}a Garc{\'i}a and Alfred Strohmeier", title = "Experience Report on the Implementation of {EPT}s (Extensible Protected Types) for {GNAT}", publisher = "ACM Press", series = "Ada Letters", volume = "XXII", number = "4", pages = "22--27", year = "2002", month = dec, note = "Also available as Technical Report IC/2002/8, Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200208.pdf", abstract = "Extensible Protected Types were devised to integrate concurrent and object-oriented features of Ada 95. This paper reports on a feasibility study based on implementing Extensible Protected Types for the GNAT compiler.", } @InProceedings{garcia:2000:ACRTPOG, author = "Rodrigo Garc{\'i}a Garc{\'i}a and Esther Gelle and Alfred Strohmeier", booktitle = "Proceedings 7th IEEE International Enterprise Distributed Object Computing Conference, September 16-19, Brisbane, Australia", title = "A Software Architecture for Industrial Automation", pages = "315--320", publisher = "IEEE Computer Society Press", address = "Los Alamitos, California", year = "2003", note = "Also available as Technical Report EPFL IC/2003/28", URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200328.pdf", abstract = "The Aspect Integrator Platform (AIP) from ABB was designed to build the next generation of industrial automation applications. This platform is part of a set of products that provide the means to model, control and supervise continuous or discrete processes in various market domains, ranging from chemical and metal to paper and consumer industries. Each product works at a different level in the manufacture process, having distinct safety and real time requirements, but all of them rely on a common architecture for interoperability. The architecture proposes a set of components that can be reused in the different products. The current implementation of the architecture provides considerable flexibility in terms of modelling domain information and dynamically modifying it at run-time. On the one hand, this is a feature required by applications that must run 24 hours a day. On the other hand, this flexibility adds complexity to the maintenance of the installed application because dependencies among its components change dynamically. In this paper, we study the different kind of dependencies that can arise between components and show them in the context of an example from automotive industry. We then show how dependency tracking and consistency among components can be improved by representing them in XML, thanks to the structuring and validation properties of XML Schemas. Finally, we also outline the advantages that the use of XML would provide to future developments of the platform in the areas of data manipulation, transmission and storage.", } @TechReport{Garcia:2003:ASDSA, author = "Rodrigo Garc{\'i}a Garc{\'i}a and Alfred Strohmeier and Lukas Keller", title = "Automatic Serialization of Dynamic Structures in Ada", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", year = "2003", number = "IC/2003/63", month = oct, URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200363.pdf", abstract = "Serialization is the process that transforms the state of a software object into a sequence of bytes. Serialization is useful, for example, to store the value of an object in persistent memory or to send it through a network channel. Ada provides object serialization by means of the Streams package. However, default Ada serialization does not address the problem of serializing dynamic structures automatically. The streaming of an access variable in Ada flattens the value of the access variable itself and not the value of the object referenced by it. It is the responsibility of the programmer to write custom serialization routines for the lists, trees, stacks or any other dynamic structure requiring serialization. In this paper, we present an algorithm for the automatic generation of serialization subprograms for dynamic structures in Ada. We will use ASIS for analyzing the structure of the types to be serialized.", } @InProceedings{garcia:2004:IKS, author = "Rodrigo Garc{\'i}a Garc{\'i}a and Esther Gelle", booktitle = "Proceedings of the International Conference on Intelligent Knowledge Systems, Robotics and Automation, August 16-20, Assos, Turkey", title = "Modelling Industrial Plant Automation Systems Using {IEC} 61346", year = "2004", URL = "http://www.ikss.org/lecture_notes/index_lecture_note_iks-2004.htm", abstract = "The IEC 61346 standard establishes general principles for structuring the information of technical systems. This paper discusses the ideas shown in the Standard emphasizing the fact that some parts of it are ambiguous and can lead to different interpretations of the basic concepts. Consequently, we derive a concrete interpretation of the standard that tries to remove the ambiguities. By removing ambiguities the Standard can be used as the basis for developing an industrial Software platform. Automation applications built on the platform benefit from a consistent data model, which can be used to query the application and exchange data with other applications.", } @InProceedings{garcia:2004:SVG, author = "Rodrigo Garc{\'i}a Garc{\'i}a and Esther Gelle and Alfred Strohmeier", booktitle = "Proceedings of the 3rd Annual Conference on Scalable Vector Graphics, September 7-10, Tokyo, Japan", title = "{SVG} for {SCADA} Applications", year = "2004", URL = "http://www.svgopen.org/2004/papers/SVGforSCADA", abstract = "In this paper, we study the applicability of SVG to SCADA (Supervisory Control and Data Acquisition) systems. One of the main purposes of a SCADA application is to provide an operator with the graphical interface needed to monitor and control the production processes in an industrial plant. Currently, most SCADA systems are based on bitmap graphics or proprietary vector formats to build the operator's interface. We investigate here the advantages and some of the emerging technical challenges of using a web standard such as SVG for developing the graphical components of a SCADA system and how to connect these components to the data sources that determine their appearance.", } @Article{Gauthier92, author = "Michel Gauthier", journal = "SIGPLAN Notices", month = apr, number = "4", pages = "37--40", title = "Noised or filtered programming ? (about enumerated types)", volume = "27", year = "1992", } @Article{Gauthier92a, author = "Michel Gauthier", journal = "AdaUser", month = mar, number = "1", pages = "34--43", title = "Predefined types considered harmful", volume = "XIII", year = "1992", } @InProceedings{Genillard86, author = "Christian Genillard and Norbert Ebel", booktitle = "Ada, Managing the Transition", editor = "Wallis P. J. L.", pages = "125--135", publisher = "Cambridge University Press", title = "Reusability of Software Components in the building of Syntax-Driven Software Tools written in Ada", year = "1986", keywords = "Ada", } @InProceedings{Genillard88, author = "Christian Genillard and Alfred Strohmeier", booktitle = "SIGPLAN Notices", number = "10", pages = "103--122", title = "Gramol: {A} grammar Description Language for Lexical and Syntactic Parsers", volume = "23", year = "1988", keywords = "Ada", } @InProceedings{Genillard89, author = "Christian Genillard and Norbert Ebel and Alfred Strohmeier", booktitle = "AdaLetters", number = "2", pages = "62--71", title = "Rationale for the Design of Reusable Abstract Data Types implemented in Ada", volume = "9", year = "1989", keywords = "Ada", abstract = "Reusable abstract data types may be implemented in Ada as generic packages. First we will state some design goals, then outline our solution, address its rationale and show why alternatives have to be rejected. The presented design rules have already been applied successfully for implementing a rather wide set of abstract data types.", } @Article{Genillard91, author = "Christian Genillard", journal = "AdaLetters", month = feb, number = "1", pages = "52--69", title = "Syntax_Analyser_{G}: {A} Multi-Language Syntax Analysis Package", volume = "XI", year = "1991", keywords = "Ada", } @InProceedings{Grize84, author = "Fran{\,c}ois Grize and Alfred Strohmeier", booktitle = "Operational Research'84, North-Holland", pages = "891--900", title = "{SARTEX}: {A} Graph Manipulation Language", year = "1984", } @TechReport{Guelfi95, author = "Nicolas Guelfi", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", month = jan, number = "DI/95/99", title = "Hierarchical Algebraic Nets", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/guelfiReport95-99.ps.gz", abstract = "Hierarchical Algebraic Nets (HANs ) presented here introduce a new algebraic net class which inherits from a five years experience on algebraic nets corresponding to the work done on the specification formalism CO-OPN [BG 91a]. These works has led to a complete specification formalim supported by a software environnement called SANDS [BFR 93] but who makes obsolete the initial theoretical work done in [BG 91a]. The hierarchical algebraic nets are defined : to answer to the major critics which can be made on CO-OPN and to introduce a specification formalism as a new structured algebraic net class. New features such as the recursive calls of methods or the local association of the data structures specification are some of the major new concepts. The paper essentially defines the syntax and the semantics of the hierarchical algebraic nets in a similar way as it is done for hierachical algebraic specifications which simplify the whole complexity of the formalism. The last part shows how HANs can be used in order to cover the lack of formal semantics to SANDS specifications and what can be the possible evolutions or use of such formalism. For example, HANs have shown their semantical utility through their use to give a formal semantics to a purely Object Oriented evolution of CO-OPN [BB 94a].
Keywords : Higher-level net models, specification, structured specification, semantics, algebraic abstract data types.", } @InProceedings{Guelfi96, author = "Nicolas Guelfi and Fabrice Mourlin", booktitle = "Colloquium FORMAL METHODS FOR CONCURRENCY, Muenchen, Germany, July 5 1996", editor = "Gesellschaft fuer Informatik", organization = "Institut fuer Informatik, Ludwig-Maximilians-Universitaet", title = "Formal Treatment of Data Structures in Concurrency Models", year = "1996", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/guelfiFMFC_96.ps.gz", abstract = "The problem of real size system modelling with basic concurrency models like transition systems, Petri nets or process algebra is that there is no possibility to model easily the system data structures. Algebraic specification is a method well adapted to this last aspect and has been chosen to be mixed with the two major concurrency models which are process algebra and Petri nets. We present in this paper how the 'mixing' is done and what are the consequences concerning concurrency through the case of Lotos and Algebraic nets. Our approach is built on a simple case study which is given in several versions with both formalisms. The first one uses the basic models without algebraic specifications to highlight the data structures modelling problem. The second one is used to present how algebraic specifications are integrated in each concurrency model and the last one focuses on the concurrency aspects. Several propositions are then given in order to enhance the mixing of algebraic specifications and Petri nets or process algebra.
Keywords : Petri net, process algebra, data types, algebraic specification, algebraic net, Lotos.", } @Article{Guelfi:97:COOFM, author = "N. Guelfi and O. Biberstein and D. Buchs and E. Canver and M-C. Gaudel and F. von Henke and D. Schwier", address = "Department of Computing Science", booktitle = "Technical Report of the Esprit Long Term Research Project 20072 ``Design For Validation''", institution = "University of Newcastle Upon Tyne", title = "Comparison of Object-Oriented Formal Methods", year = "1997", URL = "http://lgl.epfl.ch/pub/Papers/guelfi_coofm.ps.gz", } @Article{Guelfi:97:HAN, author = "Nicolas Guelfi", journal = "IEEE International Conference on Systems, Man and Cybernetics", month = oct, note = "Orlando-Florida", pages = "1722--1728", title = "Hierarchical Algebraic Nets", year = "1997", URL = "http://lgl.epfl.ch/pub/Papers/guelfi-smc97.ps", abstract = "This paper presents a specifications formalism, Hierarchical Algebraic Nets (HAN), which allows the specification and design of heterogeneous concurrent distributed systems using hierarchical descriptions based on algebraic specifications and Petri nets. A simple example is firstly given in order to present the graphical representation associated to HAN, then the abstract syntax and formal semantics are described. The interesting aspects of HAN for reactive distributed systems development are listed and the link between the HAN model to the SANDS development environment is summarised.", } @InProceedings{Haden88, author = "Steven Haden", booktitle = "Conf{\'e}rence Internationale Francophone Ada, Bruxelles, December 13-14 1988", editor = "AFCET", pages = "1--9", title = "Lexical_Analyser_{G}: Un paquetage d'analyse lexicale multi-langages", year = "1988", keywords = "Ada", ISBN = "2-90367753-0", } @Article{Haden90, author = "Steven Haden", journal = "AdaLetters", month = feb, number = "1", pages = "131--139", title = "Lexical_Analyser_{G}: {A} Multi-Language Lexical Analysis Package", volume = "X", year = "1990", keywords = "Ada", } @InProceedings{Harbour:98:PAIR, author = "M. Gonz{\'a}lez Harbour and R. G{\'o}mez Somarriba and A. Strohmeier and J. Jacot", booktitle = "International Conference on Reliable Software Technologies - Ada-Europe'98, Uppsala, Sweden, June 2-8 1998", editor = "Lars Asplund", note = "Also available as Technical Report EPFL-DI No 98/269", pages = "151--162", publisher = "Springer Verlag", series = "LNCS (Lecture Notes in Computer Science)", volume = "1411", title = "{PINROB}: {A} Portable {API} for Industrial Robots", year = "1998", keywords = "Ada, Testing, ASISRobot, Manufacturing Cell, Production Cell, Robot", URL = "http://lgl.epfl.ch/pub/Papers/gonz-pinrob98.ps", abstract = "This paper describes a software architecture for industrial robots used in manufacturing equipment. In order to achieve software portability, the application software is dissociated from the low-level robot controller software. The interaction between these two pieces of software is achieved by a portable application programming interface (API) for industrial robots. We discuss the requirements for such an API, and propose a design called PINROB.", } @InProceedings{Harbour:98:PS, author = "M. Gonz{\'a}lez Harbour and A. Strohmeier", booktitle = "Internal report", month = feb, title = "{PINROB} Specification. Version 2.1", year = "1998", } @InProceedings{Harbour:98:RPAIR, author = "M. Gonz{\'a}lez Harbour and A. Strohmeier", booktitle = "Internal report", month = feb, title = "Requirements for a Portable {API} for Industrial Robots. Version 2.1", year = "1998", } %% @INPROCEEDINGS{Hurzeler:01:ECDSMEVCC, %% AUTHOR = {David Hurzeler and Didier Buchs}, %% TITLE = {An Example in COOPN of Dependable System Modelling for Easier Verification : The Crossroad Controller}, %% BOOKTITLE = {Intl. Workshop on Concurrency in Dependable Computing, Newcastle}, %% PAGES = {69 - 78}, %% MONTH = {June}, %% YEAR = {2001}, %% } } @InProceedings{Hurzeler:02:COFNSR, author = "David Hurzeler and Didier Buchs", booktitle = "Ph.D. Workshop at FMOODS (CD-ROM)", title = "A Component-Oriented Formalism for new Subtype Relations", month = mar, year = "2002", keywords = "Conform", } @PhdThesis{Hurzeler:04:PHD, author = "David Hurzeler", school = "School of Computer \& Communications Sciences, Ecole Polytechnique F{\'e}d{\'e}rale de Lausanne (EPFL), Switzerland", number = "3131", title = "Flexible subtyping relations for component-oriented formalisms and their verification", year = "2004", keywords = "OOMethod, Conform, PhD", } @TechReport{Hulaas95, author = "Jarle G. Hulaas", institution = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", number = "DI/95/155", title = "Introduction to Object-Oriented Mixed Prototyping with Algebraic Specifications", year = "1995", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/hulaas-Intro-OOMP.ps", abstract = "Automatic implementations of abstract data types (ADT) from algebraic specifications are currently all done in either functional, logical or purely imperative languages. In this paper we show how object-oriented languages naturally facilitate this job, and why they provide better flexibility in the process of progressively replacing the automatically generated code by more efficient hand-written code, a process we call object-oriented mixed prototyping (OOMP).", } @InProceedings{Hulaas:01:FDMACAPN, author = "Jarle G. Hulaas and Alex Villaz{\'{o}}n and Didier Buchs", title = "Formal Development of Mobile Agents with Coordinated Algebraic Petri Nets", booktitle = "SCI'01 session on Formal Modeling of Agents, Orlando, Florida, USA", publisher = "IEEE Computer Society Press", pages = "3235--3247", month = jul, year = "2001", } @InProceedings{Hulaas:01:ECAPNFMMA, author = "Jarle G. Hulaas and Didier Buchs", title = "An Experiment with Coordinated Algebraic Petri Nets as Formalism for Modeling Mobile Agents", booktitle = "In Proceedings of the First Workshop on Modelling of Objects, Components, and Agents (MOCA'01), Aarhus, Denmark, August 27--28, 2001, Daniel Moldt (Ed.), DAIMI PB-553, Department of Computer Science, University of Aarhus", pages = "73--84", month = aug, year = "2001", ISSN = "0105-8517", } @InProceedings{Hulaas96a, author = "Jarle G. Hulaas", booktitle = "Modelling and Simulation 1996, Budapest, Hungary, June 2-6 1996", editor = "A. Javor and A. Lehmann and I. Molnar", organization = "10th European Simulation Multiconference ESM96", pages = "348--352", publisher = "Society for Computer Simulation International", title = "An Evolutive Distributed Algebraic Petri Nets Simulator", year = "1996", keywords = "Conform", URL = "http://lgl.epfl.ch/pub/Papers/hulaas-ESM96.ps", abstract = "This paper presents a new prototyping methodology for large concurrent systems modelled by the means of hierarchical algebraic Petri nets. First, the source specifications are automatically translated into a main-stream object-oriented language, thus providing a portable and high-level initial implementation. The generated class hierarchy is designed so that the developer may then independantly derive new sub-classes in order to make the simulator more efficient or to add functionalities that could not be specified with Petri nets. This prototyping process is performed incrementally in order to safely validate the modifications against the semantics of the specification. The resulting simulator can finally be considered as the end-user implementation of the specified software system. The originality of our scheme is that we exploit object-oriented programming techniques in the implementation of formal specifications in order to gain flexibility in the development process, and simultaneously to harness this newly acquired freedom.", } @PhdThesis{Hulaas97, author = "Jarle G. Hulaas", address = "Departement d'Informatique, 1015 Lausanne, Switzerland", month = jun, school = "Ecole Polytechnique F\'ed\'erale de Lausanne", number = "1664", title = "An Incremental Prototyping Methodology for Distributed Systems Based on Formal Specifications", year = "1997", keywords = "Conform, OOMethod", URL = "http://lgl.epfl.ch/pub/Papers/hulaas-thesis.pdf", abstract = "This thesis presents a new incremental prototyping methodology for formally specified distributed systems. The objective of this methodology is to fill the gap which currently exists between the phase where a specification is simulated, generally using some sequential logical inference tool, and the phase where the modeled system has a reliable, efficient and maintainable distributed implementation in a main-stream object-oriented programming language. This objective is realized by application of a methodology we call Mixed Prototyping with Object-Orientation (in short, OOMP). This is an extension of an existing approach, namely Mixed Prototyping, that we have adapted to the object-oriented paradigm, of which we exploit the flexibility and inherent capability of modeling abstract entities.
The OOMP process proceeds as follows. First, the source specifications are automatically translated into a class-based object-oriented language, thus providing a portable and high-level initial implementation. The generated class hierarchy is designed so that the developer may independently derive new sub-classes in order to make the prototype more efficient or to add functionalities that could not be specified with the given formalism. This prototyping process is performed incrementally in order to safely validate the modifications against the semantics of the specification. The resulting prototype can finally be considered as the end-user implementation of the specified software.
The originality of our approach is that we exploit object-oriented programming techniques in the implementation of formal specifications in order to gain flexibility in the development process. Simultaneously, the object paradigm gives the means to harness this newly acquired freedom by allowing automatic generation of test routines which verify the conformance of the hand-written code with respect to the specifications.
We demonstrate the generality of our prototyping scheme by applying it to a distributed collaborative diary program within the frame of CO-OPN (Concurrent Object-Oriented Petri Nets), a very powerful specification formalism which allows expressing concurrent and non-deterministic behaviours, and which provides structuring facilities such as modularity, encapsulation and genericity.
An important effort has also been accomplished in the development or adaptation of distributed algorithms for cooperative symbolic resolution. These algorithms are used in the run-time support of the generated prototypes.", } @InProceedings{Hulaas:2003:HP, author = "Jarle G. Hulaas and Dimitri Kalas", booktitle = "HP OpenView University Association 10th Workshop, University of Geneva, Switzerland, July 6-9", year = "2003", title = "Monitoring of Resource Consumption in Java-based Application Servers", keywords = "ResMan, JRAF2, J-RAF2, Java", URL = "http://lgl.epfl.ch/pub/Papers/hulaas-hpovua2003.pdf", abstract = "To realize dependable and profitable information and communication systems, computing resources (CPU, memory, network bandwidth) should be taken into account to a much wider extent than they are today. E-commerce infrastructure, such as application servers, are especially concerned by this issue. This paper shows how an existing Java-based code transformation framework was extended to enable transparent monitoring of resource consumption within the open source Apache Tomcat servlet engine.", } @InProceedings{Hulaas:2004:PEPM, title = "Program Transformations for Portable {CPU} Accounting and Control in {Java}", author = "Jarle Hulaas and Walter Binder", booktitle = "Proceedings of PEPM'04 (2004 ACM SIGPLAN Symposium on Partial Evaluation \& Program Manipulation)", pages = "169--177", address = "Verona, Italy", year = "2004", month = aug # " 24--25", keywords = "ResMan, JRAF2, J-RAF2, Java", URL = "http://www.jraf2.org/", } @InProceedings{Hulaas:2004:GridSecurity, title = "Enhancing {J}ava Grid Computing Security with Resource Control", author = "Jarle Hulaas and Walter Binder and Giovanna Di Marzo Serugendo", booktitle = "International Conference on Grid Services Engineering and Management (GSEM 2004)", address = "Erfurt, Germany", year = "2004", month = sep, keywords = "ResMan, JRAF2, J-RAF2, Java", URL = "http://www.jraf2.org/", } @Article{Jean90, author = "Catherine Jean and Alfred Strohmeier", journal = "Software Engineering Notes", month = oct, number = "5", pages = "44--49", title = "An experience in teaching {OOD} for Ada Software", volume = "15", year = "1990", keywords = "Ada,OOMethod", abstract = "This report relates an experience in teaching an object-oriented method for designing software implemented in Ada.", } @InProceedings{Jean93, author = "Catherine Jean-Pousin and St{\'e}phane Barbey", booktitle = "Software Engineering & its Applications 1993, Paris, France, November 15-19 1993", note = "Also available as Technical Report EPFL-DI No 93/31", organization = "EC2", pages = "149--158", title = "Implementing Associations with {A}da", year = "1993", keywords = "Paper, Ada", URL = "http://lgl.epfl.ch/pub/Papers/jean-implementing_associations-TR93-31.ps", ISBN = "2-910085-00-7", abstract = "Object-oriented programming is a mechanism used to construct modular systems made of reusable components. These systems would be of little use if the objects were all unrelated. This is the reason why the relationships between the objects are one of the major factors in the development of software. Unfortunately, of all the relationships between the objects, the associations are often left aside. Therefore, we investigated a way to implement associations, using a language that does not provide a built-in construct for that purpose.
We first give a definition of the associations and then an implementation-oriented taxonomy of the different kinds of associations. Then, according to this taxonomy, we propose a way to implement the associations using Ada 83. We also show, for a particular case, how Ada 9X can be used. The solutions proposed allow to translate all the semantics attached to associations while preserving the integrity of the system to develop.", } @PhdThesis{Jean93a, author = "Catherine Jean-Pousin", month = jun, school = "Ecole polytechnique f{\'e}d{\'e}rale de Lausanne", number = "1154", title = "Contribution {\`a} une m{\'e}thode de conception par objets pour des logiciels Ada", year = "1993", keywords = "Ada,OOMethod", abstract = "This work proposes an object oriented design method for Ada software. The mehod is mainly intended for software engineers who are not experts in object oriented design, in the context of a course as well as in the context of a firm wanting to acquire experience in object oriented design. To meet this objective, the method is simple and easy to learn. It also minimizes the risks of errors and it is possible to use it without resorting to complex tools in order to easily develop a small application.
We will start by giving the basic concepts used in the method. Then we will describe the phases of the method. Finally, we will apply the method on a small example: a search tool for documents.
The first phase is the software requirements phase in which the functions offered by the software are analysed and described in a software requirements specification. The second phase is the architectural design in which the components of the architecture are identified. The components identified are the objects and classes of the application, their structures, the associations between them, their attributes and the services they export. These components are described in an architectural design document.
The third phase is the detailed design phase in which the components identified during the architectural design phase are described in detail. Among other things, the Ada mechanisms used to code the components are given. The results of this phase are a detailed design document and the Ada specifications of the objects and classes. Finally, the last phase is the implementation phase whose results are the listings of the code implementing objects and classes identified during the second phase.", } @Article{Jean95, author = "Catherine Jean and Fr{\'e}d{\'e}ric Pousin", journal = "Revue des Sciences et Techniques de la Conception - Journal of Design Sciences and Technology", number = "2", pages = "35--52", title = "Objets informatiques et conception architecturale", volume = "4", year = "1995", ISSN = "1270-0517", } @InProceedings{Kande:2000:TUPSA, author = "Mohamed Mancona Kand{\'e} and Alfred Strohmeier", booktitle = "{UML'2000} - The {U}nified {M}odeling {L}anguage: Advancing the Standard, Third International Conference, York, UK, October 2-6, 2000", editor = "Stuart Kent and Andy Evans", note = "Also available as Technical Report EPFL-DI No 00/332", volume = "1939", pages = "513--527", series = "LNCS (Lecture Notes in Computer Science)", title = "Towards a {UML} Profile for Software Architecture", year = "2000", URL = "http://lgl.epfl.ch/pub/Papers/kande-2000-tupsa.pdf", abstract = "To formally describe architectures of software systems, specific languages called Architecture Description Languages (ADLs) have been developed by academic institutions and research labs. However, more and more research and industrial projects are using the standard Unified Modeling Language (UML) for representing software architectures of systems. In this paper, we focus on how to extend the UML by incorporating some key abstractions found in current ADLs, such as connectors, components and configurations, and how the UML can be used for modeling architectural viewpoints. Our approach is demonstrated by the software architecture of a video surveillance system. It is therefore the purpose of the paper to show that a UML profile for software architecture is needed.", } @InProceedings{Kande:2000:ORMSCSA, author = "Mohamed Mancona Kand{\'e} and Alfred Strohmeier", title = "On The Role of Multi-Dimensional Separation of Concerns in Software Architecture", URL = "http://lgl.epfl.ch/pub/Papers/kande-2000-ormscsa.pdf", booktitle = "OOPSLA'2000 Workshop on Advanced Separation of Concerns in Object-Oriented Systems, Minneapolis, Minnesota, USA, October 2000", note = "Also available as Technical Report EPFL-DI No 00/345", year = "2000", abstract = "In this paper we study the need for multidimensional separation of concerns in architecture representations, including architecture-centered software development. We present a case study of a simple video surveillance system, describe its software architecture using an ADL called Wright, and we discuss the pragmatics and problems in the use of ADLs in general, compared to a concern-based approach to software architecture description. Our position is that current ADLs provide architectural abstractions that need to be extended to achieve the major goals of software architecture. Furthermore, in order to cover all concerns of importance in a software architecture description, software architects must be able to separate various dimensions of concern and consider the system from multiple perspectives simultaneously.", } @InProceedings{Kande:2001:MCCUSC, author = "Mohamed Mancona Kand{\'e} and Alfred Strohmeier", title = "Modeling Crosscutting Concerns using Software Connectors", URL = "http://lgl.epfl.ch/pub/Papers/kande-2001-mccusc.pdf", booktitle = "OOPSLA'2001 Workshop on Advanced Separation of Concerns, Tampa, Florida, USA, October 2001", year = "2001", } @InProceedings{Kande:2002:FATUABUA, author = "Mohamed Mancona Kand{\'e} and J{\"o}rg Kienzle and Alfred Strohmeier", title = "From {AOP} to {UML} - {A} Bottom-Up Approach", URL = "http://lgl.epfl.ch/pub/Papers/kande-2002-fatu.pdf", booktitle = "AOSD'2002 Workshop on Aspect-Oriented Modeling with UML, Enschede, The Netherlands, April 2002", year = "2002", abstract = "This position paper takes a bottom-up approach that analyzes the suitability of UML for modeling aspect-oriented software, and compares it with the UML support for modeling object-oriented software. We first introduce the basic concepts of AspectJ, a state-of-the-art aspect-oriented programming language, and then take a na{\"i}ve approach using standard UML, as it is, for modeling these concepts. As the limitations of current UML become apparent, we propose some extensions to UML to overcome these limitations.", } @Article{Kande:2002:BGBIADLU, author = "Mohamed M. Kand{\'e} and Valentin Crettaz and Alfred Strohmeier and Shane Sendall", title = "Bridging the Gap between {IEEE} 1471, Architecture Description Languages and {UML}", journal = "Journal on Software and Systems Modeling", editor = "Robert France and Bernhard Rumpe", publisher = "Springer Verlag", volume = "1", number = "2", pages = "113--129", ISSN = "1619-1366 (Printed version)", year = "2002", note = "ISSN: 1619-1374 (Electronic version). Also available as Technical Report IC/2002/59, Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200259.pdf", } @InProceedings{Kande:2002:FATUTAOAMA, author = "Mohamed Mancona Kand{\'e} and J{\"o}rg Kienzle and Alfred Strohmeier", title = "From {AOP} to {UML}: Towards an Aspect-Oriented Architectural Modeling Approach", booktitle = "the Second International Workshop on Aspect-Oriented Modeling with UML, in conjunction with the Fifth International Conference on the Unified Modeling Language - the Language and its Applications (UML2002), September 30 - October 4, 2002, Dresden, Germany", year = "2002", note = "Also available as Technical Report IC/2002/58, Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL), School of Computer and Communication Sciences", URL = "http://ic2.epfl.ch/publications/documents/IC_TECH_REPORT_200258.pdf", abstract = "Capturing concerns that crosscut the boundaries of multiple components in software architecture descriptions is problematic. Standard description languages, such as UML, do not provide adequate means to understand and modularize such concerns, but aspect-oriented programming techniques do. This paper explores and analyzes the suitability of UML for aspect-oriented architectural modeling. It takes a bottom-up approach, starting from the code level to the level of software architecture description, via aspect-oriented design, using standard UML.", } @PhdThesis{Kande03, author = "Mohamed M. Kand{\'e}", school = "Ecole polytechnique f{\'e}d{\'e}rale de Lausanne", number = "2796", title = "A Concern-Oriented Approach to Software Architecture", year = "2003", URL = "http://lgl.epfl.ch/pub/Papers/kande-thesis.pdf", abstract = "A major cause of many complications in the field of software architectures is the lack of appropriate abstractions for separating, combining and encapsulating concerns of various kinds in architectural descriptions.
Architectures of most complex software-intensive systems involve concerns that inherently crosscut the natural boundaries of the elements composing the architecture descriptions. Crosscutting concerns intersect the common modularity of systems as prescribed by their architecture descriptions, by traversing both the components and connectors, i.e., the relationships among the components. Crosscutting concerns are critical aspects of many architectural problems. However, architectural descriptions written in special-purpose languages (ADLs) like Wright, Darwin, Rapide and Acme should support descriptions of multiple structures, which include diagrams, models and views, that intentionally address different kinds of concerns. ADLs should show how various concerns affect each other in architectural designs; they should also allow one to identify, analyze and elaborate architectural concerns that cut across several software components, such as transactions, security, load balancing, synchronization, reuse, customization, scalability, etc.; they should, but they do not.
This dissertation presents a new approach to software architecture that is suitable for supporting concern-oriented development and documentation of architectures for software-intensive systems. This approach allows for creating and documenting a multidimensional software structure that is referred to as concern-oriented software architecture; it provides new mechanisms for encapsulating individual concerns into independent architectural constructs. The ultimate goal of this new approach is to provide support for achieving design by concerns all through the development and description of software architectures. Moving towards this goal, we present a particular concern-oriented architectural framework called Perspectival Concern-Spaces (PCS). The PCS Framework offers a flexible and extensible means a) for supporting advanced separation of concerns in architectural design, and in the construction and evolution of software-intensive systems; and b) for filling the gap between architectural descriptions and modern software development artifacts.
To show the feasibility of the proposed approach, we provide new modeling techniques that are used to describe and apply an aspect-oriented architectural pattern, called the On-demand Remodularization pattern. We give several examples of how the PCS Framework can be used to integrate concern-oriented architectural documentations with mainstream software development artifacts.", } @InProceedings{Kempe94, author = "Magnus Kempe and St{\'e}phane Barbey and Alfred Strohmeier", booktitle = "TRI-Ada'94 Tutorials, Baltimore, Maryland, USA, 1994", note = "Also available as Technical Report EPFL-DI No 96/175", pages = "373--467", publisher = "ACM Press", title = "Advanced Object-Oriented Programming with {A}da 9{X}", year = "1994", keywords = "Tutorial, Ada", abstract = "Ada 9X -the revised definition of the Ada programming language- provides support for object-oriented programming. This course offers a comprehensive view of object-oriented programming with Ada; it is divided in four parts. First, we examine the object-oriented features of the language, their use, and how they fit into Ada's strong type system and genericity mechanisms. Basic object-oriented mechanisms are covered: extension, inheritance, and polymorphism. Second, we show how to integrate these mechanisms into good programming practices; topics include incremental programming, heterogeneous data structures, mixin and sibling inheritance. We then give a complete application to demonstrate the proper use of these features in order to design for reuse, and to transition smoothly from Ada 83 to Ada 9X. Finally, we compare standard object-oriented idioms in Ada vs. major object-oriented languages (e.g. C++, Smalltalk, Eiffel).", } @InProceedings{Kempe94a, author = "Magnus Kempe", booktitle = "TRI-Ada'94, Baltimore, Maryland, USA, 1994", editor = "B. Charles and Jr. Engle", note = "Also available as Technical Report EPFL-DI No 94/66", pages = "141--152", publisher = "ACM Press", title = "Abstract Data Types Are Under Full Control with Ada 9{X}", year = "1994", keywords = "Ada", URL = "http://lgl.epfl.ch/pub/Papers/kempe-ADT_Control-TR94-66.ps", abstract = "Ada 83 did not provide enough control on the creation, assignment, and destruction of objects of user-defined types. This lack of control restricted type composition and prevented the full exercise of information hiding on Abstract Data Types. Ada 9X brings new mechanisms supporting the full control of Abstract Data Types, powerful type composition, and more extensive information hiding. With better control of Abstract Data Types, Ada code will be easier to write, understand, and reuse. Thus, applications written in Ada 9X will be safer.
Keywords: Abstract data types, Information hiding, Ada 9X, Object initialization, User-defined Assignment, Object finalization, Memory Reclamation, Reference counting, Type composition.", } @InProceedings{Kempe94b, author = "Magnus Kempe", booktitle = "TRI-Ada'94 Tutorial {"}Advanced Object-Oriented Programming with Ada 9X{"}, Baltimore, Maryland, USA, 1994", publisher = "ACM Press", title = "A Framework for The Blackboard Model", year = "1994", keywords = "Ada", URL = "http://lgl.epfl.ch/pub/Papers/kempe-Blackboard-Overview.ps", abstract = "The blackboard model is a flexible problem-solving approach where the data and knowledge rules are strictly separated. The data generated during a problem resolution, from a problem statement to a solution through various stages of inferences, is centrally stored in many forms of objects. The knowledge rules are divided into independent experts; each expert contributes to the resolution with its knowledge of how to search for a (partial) solution of (parts of) the problem.
A blackboard system is composed of three main components: the blackboard, which is a database containing data and hypotheses; knowledge sources, which examine the state of the blackboard and create new data or hypotheses; and a control mechanism, which regulates the incremental hypothesizing and testing.
A blackboard application is a particular
problem-solving system developed on top of a blackboard
framework. A blackboard framework is an architecture,
or skeleton, embodying a blackboard model. This paper
describes the architecture of a blackboard framework
(or {"}pattern{"}), in order to illustrate advanced
object-oriented concepts in Ada 95.",
}
@InProceedings{Kempe95,
author = "Magnus Kempe",
booktitle = "TRI-Ada'95, Anaheim, California, USA, 1995",
publisher = "ACM Press",
title = "The Composition of Abstractions: Evolution of Software
Component Design with Ada 95",
year = "1995",
keywords = "Ada",
}
@InProceedings{Kempe95a,
author = "Magnus Kempe",
booktitle = "Ada-Europe'95, Frankfurt, Germany, October 2-6 1995",
editor = "Toussaint",
pages = "71--80",
publisher = "Springer Verlag",
series = "LNCS (Lecture Notes in Computer Science)",
volume = "1031",
title = "Heterogeneous Data Structures and Cross-Classification
of Objects with Ada 95",
year = "1995",
keywords = "Ada",
}
@PhdThesis{kienzle:2001:OMTTMOOP,
author = "J{\"o}rg Kienzle",
address = "Software Engineering Laboratory, Computer Science
Departement, EPFL, 1015 Lausanne, Switzerland",
school = "Ecole Polytechnique F\'ed\'erale de Lausanne (EPFL),
School of Computer and Communication Sciences",
number = "2393",
title = "Open Multithreaded Transactions: {A} Transaction Model
for Concurrent Object-Oriented Programming",
year = "2001",
keywords = "Concurrency, Fault Tolerance, Exceptions, Optima,
PhD",
URL = "http://lgl.epfl.ch/pub/Papers/kienzle-thesis.pdf",
abstract = "To read the abstract, please go to my
PhD home page.",
keywords = "omtt, fault tolerance, exceptions, optima, framework,
ada, auction",
URL = "http://lgl.epfl.ch/pub/Papers/kienzle-thesis.pdf",
}
@Article{Kienzle:02:FBDPPPOOPL,
author = "J{\"o}rg Kienzle and Alexander Romanovsky and Alfred
Strohmeier",
title = "A Framework Based on Design Patterns for Providing
Persistence in Object-Oriented Programming Languages",
year = "2002",
journal = "IEE Software Engineering Journal",
volume = "149",
number = "3",
pages = "77--85",
}
@InProceedings{Rybin:2002:ADBPPA,
author = "Sergey Rybin and Alfred Strohmeier",
booktitle = "Reliable Software Technologies - Ada-Europe 2002",
series = "LNCS (Lecture Notes in Computer Science)",
volume = "2361",
publisher = "Springer Verlag",
pages = "257--268",
editor = "Johann Blieberger and Alfred Strohmeier",
year = "2002",
title = "About the Difficulties of Building a Pretty-Printer
for Ada",
}
@Article{Kienzle:99:IOOPPOA,
author = "Andy J. Wellings and Bob Johnson and Bo Sanden and
J{\"o}rg Kienzle and Thomas Wolf and Stephen Michell",
title = "Integrating Object-Oriented Programming and Protected
Objects in Ada 95",
year = "2000",
journal = "ACM Transactions On Programming Languages and
Systems",
publisher = "ACM Press",
volume = "22",
number = "3",
pages = "506--539",
note = "Also available as Technical Report EPFL-DI No 99/321",
URL = "http://lgl.epfl.ch/pub/Papers/kienzle-Toplas.pdf",
abstract = "Integrating concurrent and object-oriented programming
as been an active research topic since the late 1980s.
There is now a plethora of methods for achieving this
integration. The majority of approaches have taken a
sequential object-oriented language and made it
concurrent. A few approaches have taken a concurrent
language and made it object-oriented. The most
important of this latter case is the Ada 95 language
which is an extension to the object-based concurrent
programming language Ada 83. Arguably, Ada 95 does not
fully integrate its models of concurrency and
object-oriented programming. For example. neither tasks
nor protected objects are extensible. This paper
discusses ways in which protected objects can be made
more extensible.",
}
@InProceedings{kienzle:2000:OMTKTEC,
author = "J{\"o}rg Kienzle and Alexander Romanovsky and Alfred
Strohmeier",
booktitle = "6th International Workshop on Object-Oriented
Real-Time Dependable Systems, Roma, Italy, 8 - 10
January, 2001",
publisher = "IEEE Computer Society Press",
pages = "197--205",
address = "Los Alamitos, California, USA",
year = "2001",
title = "Open Multithreaded Transactions: Keeping Threads and
Exceptions under Control",
note = "Also available as Technical Report EPFL 2001/357",
URL = "http://lgl.epfl.ch/pub/Papers/kienzle-WORDS01.pdf",
abstract = "Although transactional models have proved to be very
useful for numerous applications, the development of
new models to reflect the ever-increasing complexity
and diversity of modern applications is a very active
area of research. Analysis of the existing models of
multithreaded transactions shows that they either give
too much freedom to threads and do not control their
participation in transactions, or unnecessarily
restrict the computational model by assuming that only
one thread can enter a transaction. Another important
issue, which many models do not address properly, is
providing adequate exception handling features. In this
paper a new model of multithreaded transactions is
proposed. Its detailed description is given, including
rules of thread behaviour when transactions start,
commit and abort, and rules of exception raising,
propagation and handling. This model is supported by
enhanced error detection techniques to allow for
earlier error detection and for localised recovery.
General approaches to implementing transaction support
are discussed and a detailed description of an Ada
implementation is given. Special attention is paid to
outlining typical applications for which this model is
suitable and to comparing it with several known
approaches (Coordinated Atomic actions, CORBA, and
Argus).",
keywords = "omtt, fault tolerance, transactions, multithreaded,
exceptions",
}
@InProceedings{kienzle:2002:AOPDIMS,
author = "J{\"o}rg Kienzle and Rachid Guerraoui",
booktitle = "Proceedings of the 16th European Conference on
Object-Oriented Programming (ECOOP