Showing 1–2 of 2 results for author: Wahls, T
-
Formal Semantics and Soundness of a Translation from Event-B Actions to SQL Statements
Authors:
Tim Wahls
Abstract:
The EventB2SQL tool translates Event-B models to persistent Java applications that store the state of the model in a relational database. Most Event-B assignments are translated directly to SQL database modification statements, which can then be executed against the database. In this work, we present a formal semantics for and prove the soundness of the translation of sets of assignment statements representing the actions of an Event-B event. This allows the generated code to be used with confidence in its correctness.
Submitted 8 June, 2016; originally announced June 2016.
-
A Machine-Checked Proof for a Translation of Event-B Machines to JML
Authors:
Néstor Cataño,
Camilo Rueda,
Tim Wahls
Abstract:
We present a machine-checked soundness proof of a translation of Event-B to the Java Modeling Language (JML). The translation is based on an operator EventB2Jml that maps Event-B events to JML method specifications, and deterministic and non-deterministic assignments to JML method post-conditions. This translation has previously been implemented as the EventB2Jml tool. We adopted a taking our own medicine approach in the formalisation of our proof so that Event-B as well as JML are formalised in Event-B and the proof is discharged with the Rodin platform. Hence, for any Event-B substitution (whether an event or an assignment) and for the JML method specification obtained by applying EventB2Jml to the substitution, we prove that the semantics of the JML method specification is simulated by the semantics of the substitution. Therefore, the JML specification obtained as translation from the Event-B substitution is a refinement of the substitution. Our proof includes invariants and the standard Event-B initialising event, but it does not include full machines or Event-B contexts. We assume that the semantics of JML and Event-B operate both on the same initial and final states, and we justify our assumption.
Submitted 9 September, 2013; originally announced September 2013.