Proof of Correctness of Object Representations 3

1.1 Introduction This paper presents an algebraic account of implementation that is applicable to the object paradigm. The key to its applicability is the notion of state: objects have local states that are observable only through their outputs. That is, objects may be viewed as abstract machines with hidden local state (as in 9]). Consequently, a correct implementation need only have the required visible behaviour. We use hidden order sorted algebra to formalise the object paradigm 4, 5, 8]. Advantages of an algebraic approach include a high level of intellectual rigour, a large body of supporting mathematics, and simple, eecient proofs using only equa-tional logic. A wide variety of extensions to equational logic have been developed to treat various programming features, while preserving its essential simplicity. For example, order sorted equational logic uses a notion of subsort to treat computations that may raise exceptions or fail to terminate. Hidden sorted logic extends standard equational logic to capture an important distinction between immutable data types, such as booleans and integers, and mu-table objects, such as program variables and database entities. The terms abstract data types and abstract object classes refer to these two kinds of entity. The former represent`visible' data values; the latter represent data stored in a hidden state. In hidden sorted equational logic, an equation of hidden sort need not be satissed in the usual sense, but only up to observability, in that only its visible consequences need hold. Thus, hidden sorted logic allows greater freedom in implementations. The simplicity of the underlying logic is important, because we want a tractable approach in which implementations are as easily expressible and provable as possible. A speciication is just a set of sentences in some logical system: that is, a theory. An algebraic speciication is then a set of equations. An implementation is expressed by a theory morphism, which says how to interpret a theory into its implementation in such a way that each model of the concrete theory gives a model of the abstract theory. In this respect, our approach is similar to the seminal work of 1