TY - JOUR
T1 - Core Hybrid Event-B II
T2 - Multiple cooperating Hybrid Event-B machines
AU - Banach, Richard
AU - Butler, Michael
AU - Qin, Shengchao
AU - Zhu, Huibiao
PY - 2017/6/1
Y1 - 2017/6/1
N2 - Hybrid Event-B, initially introduced for single machines to add continuously varying behaviour to discrete change of state in Event-B, is extended to cater for multiple cooperating machines. Multiple machine working is mediated by INTERFACE and PROJECT constructs. The former encapsulates a set of variables, their invariants and initialisations, in a form that several machines can exploit simultaneously. The latter organises the set of cooperating machines and interfaces into a coherent system. Machine instantiation and composition via interfaces are discussed. Machine decomposition is explored in this framework. Multi-machine refinement is described. A hypergraph project architecture is proposed. Two small case studies, on power switching and on the European Train Control System (the latter treated earlier within the single machine formalism), illustrate these mechanisms. The semantics of interacting multi-machine systems is described, and proof obligations that ensure correctness are covered.
AB - Hybrid Event-B, initially introduced for single machines to add continuously varying behaviour to discrete change of state in Event-B, is extended to cater for multiple cooperating machines. Multiple machine working is mediated by INTERFACE and PROJECT constructs. The former encapsulates a set of variables, their invariants and initialisations, in a form that several machines can exploit simultaneously. The latter organises the set of cooperating machines and interfaces into a coherent system. Machine instantiation and composition via interfaces are discussed. Machine decomposition is explored in this framework. Multi-machine refinement is described. A hypergraph project architecture is proposed. Two small case studies, on power switching and on the European Train Control System (the latter treated earlier within the single machine formalism), illustrate these mechanisms. The semantics of interacting multi-machine systems is described, and proof obligations that ensure correctness are covered.
UR - http://www.scopus.com/inward/record.url?scp=85013371885&partnerID=8YFLogxK
U2 - 10.1016/j.scico.2016.12.003
DO - 10.1016/j.scico.2016.12.003
M3 - Article
AN - SCOPUS:85013371885
SN - 0167-6423
VL - 139
SP - 1
EP - 35
JO - Science of Computer Programming
JF - Science of Computer Programming
ER -