Skip to main content
Springer Nature Link
Log in

UTP, Circus, and Isabelle

  • Chapter
  • First Online:
Theories of Programming and Formal Methods

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14080))

Abstract

We dedicate this paper with great respect and friendship to He Jifeng on the occasion of his 80th birthday. Our research group owes much to him. The authors have over 150 publications on unifying theories of programming (UTP), a research topic Jifeng created with Tony Hoare. Our objective is to recount the history of Circus (a combination of Z, CSP, Dijkstra’s guarded command language, and Morgan’s refinement calculus) and the development of Isabelle/UTP. Our paper is in two parts. (1) We first discuss the activities needed to model systems: we need to formalise data models and their behaviours. We survey our work on these two aspects in the context of Circus. (2) Secondly, we describe our practical implementation of UTP in Isabelle/HOL. Mechanising UTP theories is the basis of novel verification tools. We also discuss ongoing and future work related to (1) and (2). Many colleagues have contributed to these works, and we acknowledge their support.

F. Zeyda—Independent Researcher.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Isabelle/UTP Website: http://isabelle-utp.york.ac.uk.

  2. 2.

    Comprehensive Modelling for Advanced Systems of Systems, EU FP7 Project 287829.

References

  1. Abrial, J.-R.: Steam-boiler control specification problem. In: Abrial, J.-R., Börger, E., Langmaack, H. (eds.) Formal Methods for Industrial Applications. LNCS, vol. 1165, pp. 500–509. Springer, Heidelberg (1996). https://doi.org/10.1007/BFb0027252

    Chapter  Google Scholar 

  2. Abrial, J.-R., Börger, E., Langmaack, H. (eds.): Formal Methods for Industrial Applications: Specifying and Programming the Steam Boiler Control. LNCS, vol. 1165. Springer, Heidelberg (1996). https://doi.org/10.1007/BFb0027227

    Book  MATH  Google Scholar 

  3. Althoff, M.: An introduction to CORA 2015. In: Frehse, G., Althoff, M. (eds.) 1st and 2nd International Workshop on Applied Verification for Continuous and Hybrid Systems. EPiC Series in Computing, vol. 34, pp. 120–151. EasyChair (2015)

    Google Scholar 

  4. Arthan, R.: ProofPower. Lemma 1 Ltd. (2017). https://www.lemma-one.com/ProofPower/index/

  5. Atiya, D.M., King, S.: A compliance notation for verifying concurrent systems. In: Proceedings of the 24th International Conference on Software Engineering, ICSE 2002, pp. 731–732. Association for Computing Machinery (2002). https://doi.org/10.1145/581339.581475

  6. Atiya, D.-A., King, S., Woodcock, J.C.P.: A Circus semantics for Ravenscar protected objects. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 617–635. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45236-2_34

    Chapter  Google Scholar 

  7. Back, R.J.R., Wright, J.: Refinement Calculus: A Systematic Introduction. Graduate Texts in Computer Science, Springer, New York (1998). https://doi.org/10.1007/978-1-4612-1674-2

    Book  MATH  Google Scholar 

  8. Back, R., Kurki-Suonio, R.: Decentralization of process nets with centralized control. Distrib. Comput. 3(2), 73–87 (1989). https://doi.org/10.1007/BF01558665

    Article  Google Scholar 

  9. Baltag, A., Moss, L.S., Solecki, S.: The logic of public announcements and common knowledge and private suspicions. In: Gilboa, I. (ed.) Proceedings of the 7th Conference on Theoretical Aspects of Rationality and Knowledge (TARK-1998), Evanston, IL, USA, 22–24 July 1998, pp. 43–56. Morgan Kaufmann (1998)

    Google Scholar 

  10. Barnes, J.: Programming in ADA 95, 2nd edn. Addison-Wesley (1998)

    Google Scholar 

  11. Barrocas, S.L.M., Oliveira, M.V.M.: JCircus 2.0: an extension of an automatic translator from Circus to Java. In: Welch, P.H., Barnes, F.R.M., Chalmers, K., Pedersen, J.B., Sampson, A.T. (eds.) 34th Communicating Process Architectures, CPA 2012, Organised Under the Auspices of WoTUG, Dundee, Scotland, UK, 26 August 2012, pp. 15–36. Open Channel Publishing Ltd. (2012)

    Google Scholar 

  12. Bauer, J.C.: Specification for a software program for a boiler water content monitor and control system. Technical report, Institute of Risk Research, University of Waterloo (1993)

    Google Scholar 

  13. Behrmann, G., et al.: UPPAAL 4.0. In: 3rd International Conference on the Quantitative Evaluation of Systems, pp. 125–126. IEEE Computer Society (2006)

    Google Scholar 

  14. Burns, A., Dobbing, B., Romanski, G.: The Ravenscar tasking profile for high integrity real-time programs. In: Asplund, L. (ed.) Ada-Europe 1998. LNCS, vol. 1411, pp. 263–275. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0055011

    Chapter  Google Scholar 

  15. Butterfield, A., Gancarski, P., Woodcock, J.C.P.: State visibility and communication in unifying theories of programming. In: Chin, W.N., Qin, S. (eds.) 3rd IEEE International Symposium on Theoretical Aspects of Software Engineering, pp. 47–54. IEEE Computer Society (2009)

    Google Scholar 

  16. Butterfield, A., Sherif, A., Woodcock, J.: Slotted-Circus. In: Davies, J., Gibbons, J. (eds.) IFM 2007. LNCS, vol. 4591, pp. 75–97. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73210-5_5

    Chapter  Google Scholar 

  17. Butterfield, A., Woodcock, J.: Semantic domains for Handel-C. In: Flynn, S., et al. (eds.) Second Irish Conference on the Mathematical Foundations of Computer Science and Information Technology, MFCSIT 2002. Electronic Notes in Theoretical Computer Science, Galway, Ireland, 18–19 July 2002, vol. 74, pp. 1–20. Elsevier (2002). https://doi.org/10.1016/S1571-0661(04)80762-X

  18. Butterfield, A., Woodcock, J.: prialt in Handel-C: an operational semantics. Int. J. Softw. Tools Technol. Transf. 7(3), 248–267 (2005). https://doi.org/10.1007/s10009-004-0181-6

    Article  Google Scholar 

  19. Canham, S., Woodcock, J.: Three approaches to timed external choice in UTP. In: Naumann, D. (ed.) UTP 2014. LNCS, vol. 8963, pp. 1–20. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14806-9_1

    Chapter  Google Scholar 

  20. Cavalcanti, A., et al.: RoboStar technology: a roboticist’s toolbox for combined proof, simulation, and testing. In: Cavalcanti, A., Dongol, B., Hierons, R., Timmis, J., Woodcock, J. (eds.) Software Engineering for Robotics, pp. 249–293. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-66494-7_9

    Chapter  Google Scholar 

  21. Cavalcanti, A., Baxter, J., Carvalho, G.: RoboWorld: where can my robot work? In: Calinescu, R., Păsăreanu, C.S. (eds.) SEFM 2021. LNCS, vol. 13085, pp. 3–22. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92124-8_1

    Chapter  Google Scholar 

  22. Cavalcanti, A.L.C., Gaudel, M.C.: Testing for refinement in Circus. Acta Informatica 48(2), 97–147 (2011). https://doi.org/10.1007/s00236-011-0133-z

    Article  MathSciNet  MATH  Google Scholar 

  23. Cavalcanti, A.L.C., Sampaio, A.C.A., Woodcock, J.C.P.: A refinement strategy for Circus. Formal Aspects Comput. 15(2–3), 146–181 (2003). https://doi.org/10.1007/s00165-003-0006-5

    Article  MATH  Google Scholar 

  24. Cavalcanti, A., Woodcock, J.: A tutorial introduction to CSP in Unifying Theories of Programming. In: Cavalcanti, A., Sampaio, A., Woodcock, J. (eds.) PSSE 2004. LNCS, vol. 3167, pp. 220–268. Springer, Heidelberg (2006). https://doi.org/10.1007/11889229_6

    Chapter  Google Scholar 

  25. Cavalcanti, A.L.C., Woodcock, J.C.P., Dunne, S.: Angelic nondeterminism in the unifying theories of programming. Formal Aspects Comput. 18(3), 288–307 (2006). https://doi.org/10.1007/s00165-006-0001-8

    Article  MATH  Google Scholar 

  26. Cavalcanti, A., Sampaio, A., Woodcock, J.: Refinement of actions in Circus. In: Derrick, J., Boiten, E.A., Woodcock, J., von Wright, J. (eds.) BCS FACS Refinement Workshop 2002, Refine 2002, Satellite Event of FLoC 2002. Electronic Notes in Theoretical Computer Science, Copenhagen, Denmark, 20–21 July 2002, vol. 70, pp. 132–162. Elsevier (2002). https://doi.org/10.1016/S1571-0661(05)80489-X

  27. Cavalcanti, A., Sampaio, A., Woodcock, J.: A refinement strategy for Circus. Formal Aspects Comput. 15(2–3), 146–181 (2003). https://doi.org/10.1007/s00165-003-0006-5

    Article  MATH  Google Scholar 

  28. Cavalcanti, A., Woodcock, J.: ZRC – a refinement calculus for Z. Formal Aspects Comput. 10(3), 267–289 (1998). https://doi.org/10.1007/s001650050016

    Article  MATH  Google Scholar 

  29. Cavalcanti, A., Woodcock, J.: Predicate transformers in the semantics of Circus. IEE Proc. Softw. 150(2), 85–94 (2003). https://doi.org/10.1049/ip-sen:20030131

    Article  Google Scholar 

  30. Copilot: Your AI pair programmer. GitHub. https://copilot.github.com. Accessed 18 June 2023

  31. Dijkstra, E.W.: A Discipline of Programming. Prentice Hall (1976). https://www.worldcat.org/oclc/01958445l

  32. Feliachi, A., Gaudel, M.-C., Wolff, B.: Unifying theories in Isabelle/HOL. In: Qin, S. (ed.) UTP 2010. LNCS, vol. 6445, pp. 188–206. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16690-7_9

    Chapter  MATH  Google Scholar 

  33. Feliachi, A., Gaudel, M.C., Wolff, B.: Exhaustive testing in HOL-Testgen/CirTa – a case study. Technical report 1562, LRI, July 2013

    Google Scholar 

  34. Feliachi, A.: Semantics-based testing for Circus. (Test basé sur la sémantique pour Circus). Ph.D. thesis, University of Paris-Sud, Orsay, France (2012). https://theses.hal.science/tel-00821836

  35. Feliachi, A., Gaudel, M.-C., Wenzel, M., Wolff, B.: The Circus testing theory revisited in Isabelle/HOL. In: Groves, L., Sun, J. (eds.) ICFEM 2013. LNCS, vol. 8144, pp. 131–147. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41202-8_10

    Chapter  Google Scholar 

  36. Feliachi, A., Gaudel, M.-C., Wolff, B.: Isabelle/Circus: a process specification and verification environment. In: Joshi, R., Müller, P., Podelski, A. (eds.) VSTTE 2012. LNCS, vol. 7152, pp. 243–260. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27705-4_20

    Chapter  Google Scholar 

  37. Feliachi, A., Wolff, B., Gaudel, M.: Isabelle/Circus. Arch. Formal Proofs 2012 (2012). https://www.isa-afp.org/entries/Circus.shtml

  38. Fischer, C.: How to combine Z with a process algebra. In: Bowen, J.P., Fett, A., Hinchey, M.G. (eds.) ZUM 1998. LNCS, vol. 1493, pp. 5–23. Springer, Heidelberg (1998). https://doi.org/10.1007/978-3-540-49676-2_2

    Chapter  Google Scholar 

  39. Fischer, C., Wehrheim, H.: Failure-divergence semantics as a formal basis for an object-oriented integrated formal method. Bull. EATCS 71, 92–101 (2000)

    MATH  Google Scholar 

  40. Foster, J.: Bidirectional programming languages. Ph.D. thesis, University of Pennsylvania (2009)

    Google Scholar 

  41. Foster, S.: Hybrid relations in Isabelle/UTP. In: Ribeiro, P., Sampaio, A. (eds.) UTP 2019. LNCS, vol. 11885, pp. 130–153. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-31038-7_7

    Chapter  Google Scholar 

  42. Foster, S., Cavalcanti, A.L.C., Canham, S., Woodcock, J.C.P., Zeyda, F.: Unifying theories of reactive design contracts. Theor. Comput. Sci. 802, 105–140 (2020). https://doi.org/10.1016/j.tcs.2019.09.017

    Article  MathSciNet  MATH  Google Scholar 

  43. Foster, S., Cavalcanti, A.L.C., Woodcock, J.C.P., Zeyda, F.: Unifying theories of time with generalised reactive processes. Inf. Process. Lett. 135, 47–52 (2018). https://doi.org/10.1016/j.ipl.2018.02.017

    Article  MathSciNet  MATH  Google Scholar 

  44. Foster, S., Ye, K., Cavalcanti, A.L.C., Woodcock, J.C.P.: Automated verification of reactive and concurrent programs by calculation. J. Log. Algebraic Methods Program. 121, 100681 (2021). https://doi.org/10.1016/j.jlamp.2021.100681

    Article  MathSciNet  MATH  Google Scholar 

  45. Foster, S., Zeyda, F., Woodcock, J.: Isabelle/UTP: a mechanised theory engineering framework. In: Naumann, D. (ed.) UTP 2014. LNCS, vol. 8963, pp. 21–41. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14806-9_2

    Chapter  Google Scholar 

  46. Foster, S., Baxter, J., Cavalcanti, A., Woodcock, J., Zeyda, F.: Unifying semantic foundations for automated verification tools in Isabelle/UTP. Sci. Comput. Program. 197, 102510 (2020). https://doi.org/10.1016/j.scico.2020.102510

    Article  Google Scholar 

  47. Foster, S., Hur, C., Woodcock, J.: Formally verified simulations of state-rich processes using interaction trees in Isabelle/HOL. In: Haddad, S., Varacca, D. (eds.) 32nd International Conference on Concurrency Theory, CONCUR 2021. LIPIcs, 24–27 August 2021, Virtual Conference, vol. 203, pp. 20:1–20:18. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2021). https://doi.org/10.4230/LIPIcs.CONCUR.2021.20

  48. Foster, S., Huerta y Munive, J.J., Gleirscher, M., Struth, G.: Hybrid systems verification with Isabelle/HOL: simpler syntax, better models, faster proofs. In: Huisman, M., Păsăreanu, C., Zhan, N. (eds.) FM 2021. LNCS, vol. 13047, pp. 367–386. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-90870-6_20

    Chapter  Google Scholar 

  49. Foster, S., Zeyda, F., Woodcock, J.: Unifying heterogeneous state-spaces with lenses. In: Sampaio, A., Wang, F. (eds.) ICTAC 2016. LNCS, vol. 9965, pp. 295–314. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46750-4_17

    Chapter  Google Scholar 

  50. Freitas, A., Cavalcanti, A.: Automatic translation from Circus to Java. In: Misra, J., Nipkow, T., Sekerinski, E. (eds.) FM 2006. LNCS, vol. 4085, pp. 115–130. Springer, Heidelberg (2006). https://doi.org/10.1007/11813040_9

    Chapter  Google Scholar 

  51. Freitas, L.J.S.: Model checking Circus. Ph.D. thesis, University of York, Department of Computer Science (2006)

    Google Scholar 

  52. Freitas, L., McDermott, J.P.: Formal methods for security in the Xenon hypervisor. Int. J. Softw. Tools Technol. Transf. 13(5), 463–489 (2011). https://doi.org/10.1007/s10009-011-0195-9

    Article  Google Scholar 

  53. Gibson-Robinson, T., Armstrong, P.J., Boulgakov, A., Roscoe, A.W.: FDR3: a parallel refinement checker for CSP. Int. J. Softw. Tools Technol. Transf. 18(2), 149–167 (2016). https://doi.org/10.1007/s10009-015-0377-y

    Article  MATH  Google Scholar 

  54. Goguen, J.A., Meseguer, J.: Unwinding and inference control. In: Proceedings of the 1984 IEEE Symposium on Security and Privacy, Oakland, California, USA, 29 April–2 May 1984, pp. 75–87. IEEE Computer Society (1984). https://doi.org/10.1109/SP.1984.10019

  55. Guttman, W., Möller, B.: Normal design algebra. J. Log. Algebraic Program. 79(2), 144–173 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  56. Harwood, W., Cavalcanti, A., Woodcock, J.: A theory of pointers for the UTP. In: Fitzgerald, J.S., Haxthausen, A.E., Yenigun, H. (eds.) ICTAC 2008. LNCS, vol. 5160, pp. 141–155. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85762-4_10

    Chapter  MATH  Google Scholar 

  57. Henkin, L., Monk, J., Tarski, A.: Cylindric Algebras, Part I. North-Holland (1971)

    Google Scholar 

  58. Hoare, C.A.R.: Communicating Sequential Processes. International Series in Computer Science. Prentice Hall (1985)

    Google Scholar 

  59. Hoare, C.A.R., He, J.: Unifying Theories of Programming. Series in Computer Science. Prentice Hall (1998)

    Google Scholar 

  60. Jones, G., Goldsmith, M.: Programming in OCCAM 2. International Series in Computer Science. Prentice Hall (1985)

    Google Scholar 

  61. Kaelbling, L.P., Littman, M.L., Cassandra, A.R.: Planning and acting in partially observable stochastic domains. Artif. Intell. 101(1–2), 99–134 (1998). https://doi.org/10.1016/S0004-3702(98)00023-X

    Article  MathSciNet  MATH  Google Scholar 

  62. King, S., Sørensen, l.H., Woodcock, J.: Z, Grammar and Concrete and Abstract Syntaxes. Technical Monograph PRG-68. Oxford University Computing Laboratory, Programming Research Group (1988)

    Google Scholar 

  63. Liu, Z., Woodcock, J., Zhu, H. (eds.): ICTAC 2013. LNCS, vol. 8049. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39718-9

    Book  MATH  Google Scholar 

  64. Liu, Z., Woodcock, J., Zhu, H. (eds.): Theories of Programming and Formal Methods: Essays Dedicated to Jifeng He on the Occasion of His 70th Birthday. LNCS, vol. 8051. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39698-4

    Book  MATH  Google Scholar 

  65. Liu, Z., Woodcock, J., Zhu, H. (eds.): Unifying Theories of Programming and Formal Engineering Methods. LNCS, vol. 8050. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39721-9

    Book  Google Scholar 

  66. Locke, D., et al.: Safety-Critical Java Technology Specification, Public Draft. Java Community Process (2011)

    Google Scholar 

  67. Celoxica Ltd.: DK3: Handel-C Language Reference Manual (2002)

    Google Scholar 

  68. Lundqvist, K., Asplund, L., Michell, S.: A formal model of the Ada Ravenscar tasking profile; protected objects. In: González Harbour, M., de la Puente, J.A. (eds.) Ada-Europe 1999. LNCS, vol. 1622, pp. 12–25. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48753-0_2

    Chapter  Google Scholar 

  69. McDermott, J.P., Freitas, L.: Using formal methods for security in the Xenon project. In: Sheldon, F.T., Prowell, S.J., Abercrombie, R.K., Krings, A.W. (eds.) Proceedings of the 6th Cyber Security and Information Intelligence Research Workshop, CSIIRW 2010, Oak Ridge, TN, USA, 21–23 April 2010, p. 67. ACM (2010). https://doi.org/10.1145/1852666.1852742

  70. McDermott, J.P., Kirby, J., Montrose, B.E., Johnson, T., Kang, M.H.: Re-engineering Xen internals for higher-assurance security. Inf. Secur. Tech. Rep. 13(1), 17–24 (2008). https://doi.org/10.1016/j.istr.2008.01.001

    Article  Google Scholar 

  71. Miyazawa, A., Ribeiro, P., Li, W., Cavalcanti, A.L.C., Timmis, J., Woodcock, J.C.P.: RoboChart: modelling and verification of the functional behaviour of robotic applications. Softw. Syst. Model. 18(5), 3097–3149 (2019). https://doi.org/10.1007/s10270-018-00710-z

    Article  Google Scholar 

  72. Miyazawa, A., Cavalcanti, A., Wellings, A.J.: SCJ-Circus: specification and refinement of safety-critical Java programs. Sci. Comput. Program. 181, 140–176 (2019). https://doi.org/10.1016/j.scico.2019.01.002

    Article  Google Scholar 

  73. Morgan, C.: Data refinement by miracles. Inf. Process. Lett. 26(5), 243–246 (1988). https://doi.org/10.1016/0020-0190(88)90147-0

    Article  MathSciNet  Google Scholar 

  74. Morgan, C.: Of wp and CSP. In: Feijen, W.H.J., van Gasteren, A.J.M., Gries, D., Misra, J. (eds.) Beauty Is Our Business. MCS, pp. 319–326. Springer, New York (1990). https://doi.org/10.1007/978-1-4612-4476-9_37

    Chapter  Google Scholar 

  75. Morgan, C.: Programming from Specifications. International Series in Computer Science, 2nd edn. Prentice Hall (1994)

    Google Scholar 

  76. Morris, J.M.: A theoretical basis for stepwise refinement and the programming calculus. Sci. Comput. Program. 9(3), 287–306 (1987). https://doi.org/10.1016/0167-6423(87)90011-6

    Article  MathSciNet  MATH  Google Scholar 

  77. Foster, S., Huerta y Munive, J.J., Struth, G.: Differential Hoare logics and refinement calculi for hybrid systems with Isabelle/HOL. In: Fahrenberg, U., Jipsen, P., Winter, M. (eds.) RAMiCS 2020. LNCS, vol. 12062, pp. 169–186. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-43520-2_11

    Chapter  MATH  Google Scholar 

  78. O’Halloran, C.: Identifying critical requirements. Technical report, Systems Assurance Group, QinetiQ Malvern (2002)

    Google Scholar 

  79. Oliveira, M.V.M.: Formal derivation of state-rich reactive programs using Circus. Ph.D. thesis, University of York, UK (2005). https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.428459

  80. Oliveira, M.V.M., Cavalcanti, A.L.C., Woodcock, J.C.P.: Refining industrial scale systems in Circus. In: East, I., Martin, J., Welch, P., Duce, D., Green, M. (eds.) Communicating Process Architectures. Concurrent Systems Engineering Series, vol. 62, pp. 281–309. IOS Press (2004)

    Google Scholar 

  81. Oliveira, M.V.M., Cavalcanti, A.L.C., Woodcock, J.C.P.: Formal development of industrial-scale systems in Circus. Innov. Syst. Softw. Eng. 1(2), 125–146 (2005). https://doi.org/10.1007/s11334-005-0014-0

    Article  Google Scholar 

  82. Oliveira, M.V.M., Cavalcanti, A.L.C., Woodcock, J.C.P.: A denotational semantics for Circus. In: Aichernig, B.K., Boiten, E.A., Derrick, J., Groves, L. (eds.) Proceedings of the 11th Refinement Workshop, Refine@ICFEM 2006. Electronic Notes in Theoretical Computer Science, Macao, 31 October 2006, vol. 187, pp. 107–123. Elsevier (2006). https://doi.org/10.1016/j.entcs.2006.08.047

  83. Oliveira, M.V.M., Cavalcanti, A.L.C., Woodcock, J.C.P.: A UTP semantics for Circus. Formal Aspects Comput. 21(1–2), 3–32 (2009). https://doi.org/10.1007/s00165-007-0052-5

    Article  MATH  Google Scholar 

  84. Oliveira, M.V.M., Cavalcanti, A.L.C., Woodcock, J.C.P.: Unifying theories in ProofPower-Z. Formal Aspects Comput. 25(1), 133–158 (2013). https://doi.org/10.1007/s00165-007-0044-5

    Article  MathSciNet  MATH  Google Scholar 

  85. Ribeiro, P., Cavalcanti, A.L.C.: Designs with angelic nondeterminism. In: 7th International Symposium on Theoretical Aspects of Software Engineering, pp. 71–78. IEEE (2013). https://doi.org/10.1109/TASE.2013.18

  86. Ribeiro, P., Cavalcanti, A.: Angelicism in the theory of reactive processes. In: Naumann, D. (ed.) UTP 2014. LNCS, vol. 8963, pp. 42–61. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14806-9_3

    Chapter  MATH  Google Scholar 

  87. Ribeiro, P., Cavalcanti, A.L.C.: Angelic processes for CSP via the UTP. Theor. Comput. Sci. 756, 19–63 (2019). https://doi.org/10.1016/j.tcs.2018.10.008

    Article  MathSciNet  MATH  Google Scholar 

  88. Ribeiro, P.: A unary semigroup trace algebra. In: Fahrenberg, U., Jipsen, P., Winter, M. (eds.) RAMiCS 2020. LNCS, vol. 12062, pp. 270–285. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-43520-2_17

    Chapter  Google Scholar 

  89. Roscoe, A.W.: Denotational semantics for occam. In: Brookes, S.D., Roscoe, A.W., Winskel, G. (eds.) CONCURRENCY 1984. LNCS, vol. 197, pp. 306–329. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-15670-4_15

    Chapter  Google Scholar 

  90. Roscoe, A.W.: The Theory and Practice of Concurrency. Series in Computer Science. Prentice Hall (1997)

    Google Scholar 

  91. Roscoe, A.W.: Understanding Concurrent Systems. Texts in Computer Science, Springer, London (2010). https://doi.org/10.1007/978-1-84882-258-0

    Book  MATH  Google Scholar 

  92. Roscoe, A.W., Hoare, C.A.R.: The laws of OCCAM programming. Theor. Comput. Sci. 60, 177–229 (1988). https://doi.org/10.1016/0304-3975(88)90049-7

    Article  MathSciNet  MATH  Google Scholar 

  93. Roscoe, A.W., Woodcock, J.C.P., Wulf, L.: Non-interference through determinism. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 31–53. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-58618-0_55

    Chapter  Google Scholar 

  94. Sampaio, A., Woodcock, J., Cavalcanti, A.: Refinement in Circus. In: Eriksson, L.-H., Lindsay, P.A. (eds.) FME 2002. LNCS, vol. 2391, pp. 451–470. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45614-7_26

    Chapter  Google Scholar 

  95. Schneider, S.A., Treharne, H.: CSP theorems for communicating B machines. Formal Aspects Comput. 17(4), 390–422 (2005). https://doi.org/10.1007/s00165-005-0076-7

    Article  MATH  Google Scholar 

  96. Sherif, A., Jifeng, H.: Towards a time model for Circus. In: George, C., Miao, H. (eds.) ICFEM 2002. LNCS, vol. 2495, pp. 613–624. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36103-0_62

    Chapter  Google Scholar 

  97. Sherif, A., Jifeng, H., Cavalcanti, A., Sampaio, A.: A framework for specification and validation of real-time systems using Circus actions. In: Liu, Z., Araki, K. (eds.) ICTAC 2004. LNCS, vol. 3407, pp. 478–493. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-31862-0_34

    Chapter  MATH  Google Scholar 

  98. Shilov, N.V., Garanina, N.O.: Combining knowledge and fixpoints. Technical report preprint 98, A.P. Ershov Institute of Informatics Systems, Novosibirsk (2002). https://www.iis.nsk.su/files/preprints/098.pdf

  99. Smith, G.: A semantic integration of object-Z and CSP for the specification of concurrent systems. In: Fitzgerald, J., Jones, C.B., Lucas, P. (eds.) FME 1997. LNCS, vol. 1313, pp. 62–81. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-63533-5_4

    Chapter  Google Scholar 

  100. Spivey, J.M.: Z Notation – A Reference Manual. International Series in Computer Science, 2nd edn. Prentice Hall (1992)

    Google Scholar 

  101. Tafliovich, A., Hehner, E.C.R.: Quantum predicative programming. In: Uustalu, T. (ed.) MPC 2006. LNCS, vol. 4014, pp. 433–454. Springer, Heidelberg (2006). https://doi.org/10.1007/11783596_25

    Chapter  Google Scholar 

  102. Thrun, S., Burgard, W., Fox, D.: Probabilistic Robotics. Intelligent Robotics and Autonomous Agents. MIT Press, Cambridge (2005)

    MATH  Google Scholar 

  103. Wei, K., Woodcock, J., Burns, A.: A timed model of Circus with the reactive design miracle. In: Fiadeiro, J.L., Gnesi, S., Maggiolo-Schettini, A. (eds.) 8th IEEE International Conference on Software Engineering and Formal Methods, SEFM 2010, Pisa, Italy, 13–18 September 2010, pp. 315–319. IEEE Computer Society (2010). https://doi.org/10.1109/SEFM.2010.40

  104. Wei, K., Woodcock, J., Burns, A.: Timed Circus: timed CSP with the miracle. In: Perseil, I., Breitman, K.K., Sterritt, R. (eds.) 16th IEEE International Conference on Engineering of Complex Computer Systems, ICECCS 2011, Las Vegas, Nevada, USA, 27–29 April 2011, pp. 55–64. IEEE Computer Society (2011). https://doi.org/10.1109/ICECCS.2011.13

  105. Welch, P.: Process oriented design for Java: concurrency for all. In: Sloot, P.M.A., Hoekstra, A.G., Tan, C.J.K., Dongarra, J.J. (eds.) ICCS 2002. LNCS, vol. 2330, pp. 687–687. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46080-2_72

    Chapter  Google Scholar 

  106. Welch, P.H., Aldous, J.R., Foster, J.: CSP networking for Java (JCSP.net). In: Sloot, P.M.A., Hoekstra, A.G., Tan, C.J.K., Dongarra, J.J. (eds.) ICCS 2002. LNCS, vol. 2330, pp. 695–708. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46080-2_74

    Chapter  Google Scholar 

  107. Woodcock, J.C.P.: Properties of Z specifications. ACM SIGSOFT Softw. Eng. Notes 14(5), 43–54 (1989). https://doi.org/10.1145/71633.71634

    Article  Google Scholar 

  108. Woodcock, J.C.P., Cavalcanti, A.L.C.: Circus: a concurrent refinement language. Technical report, Oxford University Computing Laboratory (2001)

    Google Scholar 

  109. Woodcock, J., Cavalcanti, A., Foster, S., Mota, A., Ye, K.: Probabilistic semantics for RoboChart. In: Ribeiro, P., Sampaio, A. (eds.) UTP 2019. LNCS, vol. 11885, pp. 80–105. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-31038-7_5

    Chapter  Google Scholar 

  110. Woodcock, J.C.P., Davies, J.: Using Z - Specification, Refinement, and Proof. International Series in Computer Science. Prentice Hall (1996)

    Google Scholar 

  111. Woodcock, J.: Using Circus for safety-critical applications. In: Cavalcanti, A., Machado, P.D.L. (eds.) Proceedings of the 6th Brazilian Workshop on Formal Methods, WMF 2003. Electronic Notes in Theoretical Computer Science, Campina Grande, Brazil, 12–14 October 2003, vol. 95, pp. 3–22. Elsevier (2003). https://doi.org/10.1016/j.entcs.2004.04.003

  112. Woodcock, J.: The miracle of reactive programming. In: Butterfield, A. (ed.) UTP 2008. LNCS, vol. 5713, pp. 202–217. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14521-6_12

    Chapter  MATH  Google Scholar 

  113. Woodcock, J.: Hoare and He’s unifying theories of programming. In: Jones, C.B., Misra, J. (eds.) Theories of Programming: The Life and Works of Tony Hoare, pp. 285–316. ACM/Morgan & Claypool (2021). https://doi.org/10.1145/3477355.3477369

  114. Woodcock, J., Cavalcanti, A.: A concurrent language for refinement. In: Butterfield, A., Strong, G., Pahl, C. (eds.) 5th Irish Workshop on Formal Methods, IWFM 2001, Dublin, Ireland, 16–17 July 2001. Workshops in Computing, BCS (2001). https://doi.org/10.14236/ewic/IWFM2001.7

  115. Woodcock, J., Cavalcanti, A.: The steam boiler in a unified theory of Z and CSP. In: 8th Asia-Pacific Software Engineering Conference (APSEC 2001), Macau, China, 4–7 December 2001, pp. 291–298. IEEE Computer Society (2001). https://doi.org/10.1109/APSEC.2001.991490

  116. Woodcock, J., Cavalcanti, A.: The semantics of Circus. In: Bert, D., Bowen, J.P., Henson, M.C., Robinson, K. (eds.) ZB 2002. LNCS, vol. 2272, pp. 184–203. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45648-1_10

    Chapter  Google Scholar 

  117. Woodcock, J., Cavalcanti, A.: A tutorial introduction to designs in unifying theories of programming. In: Boiten, E.A., Derrick, J., Smith, G. (eds.) IFM 2004. LNCS, vol. 2999, pp. 40–66. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24756-2_4

    Chapter  Google Scholar 

  118. Woodcock, J., Cavalcanti, A., Freitas, L.: Operational semantics for model checking Circus. In: Fitzgerald, J., Hayes, I.J., Tarlecki, A. (eds.) FM 2005. LNCS, vol. 3582, pp. 237–252. Springer, Heidelberg (2005). https://doi.org/10.1007/11526841_17

    Chapter  Google Scholar 

  119. Woodcock, J., Davies, J., Bolton, C.: Abstract data types and processes. In: Roscoe, A.W., Davies, J., Woodcock, J. (eds.) Proceedings of the 1999 Oxford-Microsoft Symposium in Honour of Sir Tony Hoare. Millennial Perspectives in Computer Science, pp. 391–405. Palgrave (2000)

    Google Scholar 

  120. Woodcock, J.C.P., Morgan, C.: Refinement of state-based concurrent systems. In: Bjørner, D., Hoare, C.A.R., Langmaack, H. (eds.) VDM 1990. LNCS, vol. 428, pp. 340–351. Springer, Heidelberg (1990). https://doi.org/10.1007/3-540-52513-0_18

    Chapter  Google Scholar 

  121. Yan, F., Foster, S., Habli, I.: Automated compositional verification for robotic state machines using Isabelle/HOL. In: 27th International Conference on Engineering of Complex Computer Systems (ICECCS). IEEE (2023)

    Google Scholar 

  122. Ye, K., Foster, S., Woodcock, J.: Formally verified animation for RoboChart using interaction trees. In: Riesco, A., Zhang, M. (eds.) ICFEM 2022. LNCS, vol. 13478, pp. 404–420. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-17244-1_24

    Chapter  Google Scholar 

  123. Zeyda, F., Cavalcanti, A.L.C.: Circus model for the SCJ framework. Technical report, University of York, Department of Computer Science, York, UK (2012)

    Google Scholar 

  124. Zeyda, F., Foster, S., Freitas, L.: An axiomatic value model for Isabelle/UTP. In: Bowen, J.P., Zhu, H. (eds.) UTP 2016. LNCS, vol. 10134, pp. 155–175. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52228-9_8

    Chapter  Google Scholar 

Download references

Acknowledgements

We gratefully acknowledge all our UTP-based research collaborators, co-authors, and students. Thanks to all of you. This work has recently been funded by the UK EPSRC Grants EP/M025756/1, EP/R025479/1, EP/V026801/2, EP/S001190/1, and by the Royal Academy of Engineering Grant No CiET1718/45. Over the years, many other funding sources have been available to us, as detailed in the cited papers. Thank you.

Author information

Authors and Affiliations

  1. The University of York, York, UK

    Jim Woodcock, Ana Cavalcanti & Simon Foster

  2. Universidade Federal de Pernambuco, Recife, Brazil

    Augusto Sampaio

  3. Universidade Federal do Rio Grande do Norte, Natal, Brazil

    Marcel Oliveira

  4. Guadalajara, Mexico

    Frank Zeyda

Authors
  1. Jim Woodcock
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ana Cavalcanti
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Simon Foster
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Marcel Oliveira
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Augusto Sampaio
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Frank Zeyda
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jim Woodcock .

Editor information

Editors and Affiliations

  1. London South Bank University, London, UK

    Jonathan P. Bowen

  2. East China Normal University, Shanghai, China

    Qin Li

  3. University of Macau, Macau, China

    Qiwen Xu

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Woodcock, J., Cavalcanti, A., Foster, S., Oliveira, M., Sampaio, A., Zeyda, F. (2023). UTP, Circus, and Isabelle. In: Bowen, J.P., Li, Q., Xu, Q. (eds) Theories of Programming and Formal Methods. Lecture Notes in Computer Science, vol 14080. Springer, Cham. https://doi.org/10.1007/978-3-031-40436-8_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-40436-8_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-40435-1

  • Online ISBN: 978-3-031-40436-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics