Software engineering, like any other engineering field, needs to use formal methods to prove the reliability of its products and optimise their production and maintenance. In order to do that, software specification needs to be expressed in a language whose vocabulary, syntax and semantics are formally defined. These languages can be a federating formalism in information systems for data struct...

This paper introduces a new notation called S which is based on higher order logic. It has been developed specifically to support the practical application of formal methods in industrial scale projects. The development of S has occurred in the context of an investigation into the possibility of using formal specification techniques in the development of a $400 million air traffic control syste...

This paper introduces a new notation called S which is based on higher order logic. It has been developed specifically to support the practical application of formal methods in industrial scale projects. The development of S has occurred in the context of an investigation into the possibility of using formal specification techniques in the development of a $400 million air traffic control syste...

Anycast RP relaxes an important constraint in PIM-SM, namely, that there can be only one group to RP mapping can be active at any time. The single mapping property has several implications, including traffic concentration, lack of scalable register decapsulation (when using the shared tree), slow convergence when an active RP fails, possible sub-optimal forwarding of multicast packets, and dist...

Diverse programming is a recommended approach in the preparation of logic used to drive railway control systems, whereby different representations and processes are used to configure and validate the logic. This paper describes how two formal specifications have been used for the construction of a precise model of the logic, alternative to those represented using the user and machine notations,...

We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control model for the specification and enforcement of access control policies. To clarify all ambiguous and intricate aspects of XACML, we provide it with a more manageable alternative syntax and with a solid semantic ground. This lays the basis for developing tools and methodologies which allow softwar...

Median networks have been proposed as an improvement over trees in phylogenetic analysis. This paper argues that concept lattices represent essentially the same information as median networks but with the advantage that there is a larger FCA research community and a variety of available software tools. Therefore evolutionary analysis is an interesting new application domain for FCA.

We briefly present a software methodology for safety-critical software, developed over many years to cope with industrial safety-critical applications in the Canadian nuclear industry. Following this we present discussion on software tools that have been used to support this methodology, and software tools that could be used, but have not been used for a variety of reasons. Based on our experie...

In this paper we develop methods for analyzing key management and authentication protocols using techniques developed for the solutions of equations in a term rewriting system. In particular, we describe a model of a class of protocols and possible attacks on those protocols as term rewriting systems, and we also describe a software tool based on a narrowing algorithm that can be used in the an...

Event-B is a formal method which is widely used in modelling safety critical systems. So far, the main properties of interest in Event-B are safety related. Even though some liveness properties, e,g, termination, are already within the scope of Event-B, more general liveness properties, e.g. progress or persistence, are currently unsupported. We present in this paper proof rules to reason about...