Jonathan Bowen | London South Bank University

Papers by Jonathan Bowen

Chaotic Compilation: A (Statistical) Cloak for a Secret Computer

This paper extends a companion paper on compilation for target platforms with hidden deterministic hardware aliasing to generate aliasing as well as compensate for it, in so-called 'chaotic' compilation. That may be applied in encrypted computing to statistically hide any information inadvertently introduced by a human programmer. A prototype compiler implementing the technology currently covers all of ANSI C except longjmp/setjmp, and this paper sketches a proof that it protects against polynomial complexity attacks on runtime data.

Superscalar Encrypted RISC: A Secret Computer in Simulation

IACR Cryptology ePrint Archive, 2016

Superscalar Encrypted RISC: The Measure of a Secret Computer

Usability, Design and Content Issues of Mobile Apps for Cultural Heritage Promotion: The Malta Culture Guide Experience

BCS Learning & Development, 2012

Formal Methods Communities of Practice: A Survey of Personal Experience

The Digital Lens

Electronic Workshops in Computing

(Un)Encrypted Computing and Indistinguishability Obfuscation

arXiv (Cornell University), Nov 29, 2018

Vignettes of Computer-based Museum Interactive and Games Software through the Years

Electronic Workshops in Computing

Visualising Virtual Communities: From Erdős to the Arts

arXiv: Computers and Society, 2012

Monitoring communities has become increasingly easy on the web as the number of visualisation tools and amount of data available about communities increase. It is possible to visualise connections on social and professional networks such as Facebook in the form of mathematical graphs. It is also possible to visualise connections between authors of papers. In particular, Microsoft Academic Search now has a large corpus of information on publications, together with author and citation information, that can be visualised in a number of ways. In mathematical circles, the concept of the "Erdős number" has been introduced, in honour of the Hungarian mathematician Paul Erdős, measuring the "collaborative distance" of a person away from Erdős through links by co-author. Similar metrics have been proposed in other fields, including acting. The possibility of exploring and visualising such links in arts fields is proposed in this paper.

Digitality: A reality check

Electronic Workshops in Computing, 2021

Encrypted computing: Speed, security and provable obfuscation against insiders

2017 International Carnahan Conference on Security Technology (ICCST), 2017

Over the past few years we have articulated theory that describes 'encrypted computing', in which data remains in encrypted form while being worked on inside a processor, by virtue of a modified arithmetic. The last two years have seen research and development on a standards-compliant processor that shows that near-conventional speeds are attainable via this approach. Benchmark performance with the US AES-128 flagship encryption and a 1GHz clock is now equivalent to a 433MHz classic Pentium, and most block encryptions fit in AES's place. This summary article details how user data is protected by a system based on the processor from being read or interfered with by the computer operator, for those computing paradigms that entail trust in data-oriented computation in remote locations where it may be accessible to powerful and dishonest insiders. We combine: (i) the processor that runs encrypted; (ii) a slightly modified conventional machine code instruction set architecture with w...

EVA London 2021 - Index

Electronic Workshops in Computing, 2021

Theoretical and Practical Approaches to the Denotational Semantics for MDESL based on UTP

Formal Aspects of Computing, 2020

The hardware description language Verilog has been standardized and widely used in industry. Multithreaded Discrete Event Simulation Language (MDESL) is a Verilog-like language and it contains a rich variety of interesting features such as event-driven computation and shared-variable concurrency as well as a real-time feature. In this paper, we present the denotational semantics for MDESL based on UTP. First a discrete time semantic model is proposed to describe the observation-oriented semantics for MDESL. The observations record the change of variables of atomic actions over time. Then the healthy formulae are defined to denote all different behaviours of programs and the semantics of programs is expressed in terms of healthy formulae. In addition, we demonstrate some interesting properties of MDESL programs, expressed as algebraic laws, whose proofs are supported by our formalized denotational semantics. Our theoretical approach is complemented by a practical one, w...

Electronic Visualisation and the Arts (EVA 2009) - Index

Electronic Workshops in Computing, 2009

Electronic Visualisation and the Arts (EVA 2010) - Index

Electronic Workshops in Computing, 2010

Electronic Visualisation and the Arts (EVA 2013) - Index

Electronic Workshops in Computing, 2013

Electronic Visualisation and the Arts (EVA 2019) - Index

Electronic Workshops in Computing, 2019

Electronic Visualisation and the Arts (EVA 2015) - Index

Electronic Workshops in Computing, 2015

Teaching Formal Methods: Practice and Experience - Index

Electronic Workshops in Computing, 2006

FACS 2007 Christmas Workshop: Formal Methods in Industry - Index

Electronic Workshops in Computing, 2007

Z: A Formal Specification Notation

Decompilation

The REDO Compendium: Reverse Engineering for Software Maintenance, 1993

The Dictionary of Computing gives the following (abridged) definitions for a compiler and decompiler (or reverse compiler):

compiler A program that translates high-level language into absolute code . . .

decompiler A program that attempts to . . . translate back from machine code to something resembling the source language. The task is difficult and not often attempted.

The following sections are intended to show how a decompiler may be constructed given only a knowledge of or access to the specification for a forward compiler, and some facility with Prolog or other high-level languages. It is easy to do and should be attempted more often.

Decompilation is only useful, of course, if the object code is available and it is required to reproduce the higher level `original' as an intermediate stage to aid understanding or restructuring. The decompiled code can then be abstracted to a specification by other techniques developed by the REDO project.
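The excerpt above argues that a decompiler falls out of a forward compiler specification once that specification is written as a relation that can be run from either side. The following Python is an added illustration of that idea and is not code from the REDO chapter (which used Prolog): the source language, the stack-machine instruction set and the tuple-based AST encoding are all assumptions made for this example. The same rules are written once, used left to right by compile_term() and searched from the code side by decompile_term(); code that no program could have produced decompiles to nothing rather than to a guess.

```python
"""Added example: one set of compiler rules run in both directions.

The forward compiler below is written as a relation between source terms and
stack-machine code, and decompile_term() searches the same rules from the
code side, much as a Prolog compiler specification can be queried backwards.
The source language, the instruction set and the tuple-based AST encoding are
assumptions made for this example, not the REDO project's own.
"""

# Constructed AST encoding (an assumption for this example):
#   ("num", 3)   ("var", "x")   ("bin", "+", a, b)   ("assign", "x", e)
# Constructed target code: a list of instruction tuples such as
#   ("PUSH", 3)  ("LOAD", "x")  ("ADD",)  ("STORE", "x")
OPS = {"+": "ADD", "-": "SUB", "*": "MUL"}
OPS_INV = {mnemonic: op for op, mnemonic in OPS.items()}


def compile_term(term):
    """Forward direction: one rule per term shape, read left to right."""
    kind = term[0]
    if kind == "num":
        return [("PUSH", term[1])]
    if kind == "var":
        return [("LOAD", term[1])]
    if kind == "bin":
        _, op, left, right = term
        return compile_term(left) + compile_term(right) + [(OPS[op],)]
    if kind == "assign":
        _, name, expr = term
        return compile_term(expr) + [("STORE", name)]
    raise ValueError(f"unknown term {term!r}")


def compile_program(stmts):
    """A program compiles to the concatenation of its statements' code."""
    return [ins for stmt in stmts for ins in compile_term(stmt)]


def decompile_term(code):
    """Reverse direction: yield every term t with compile_term(t) == code.

    Each branch is one compiler rule read from the code side. The split loop
    in the "bin" branch enumerates how the code before the operator could be
    divided between the two operands, the job Prolog's append/3 does when a
    list-building clause is run backwards. Unparseable code yields nothing.
    """
    if not code:
        return
    last = code[-1]
    if len(code) == 1:
        if last[0] == "PUSH":
            yield ("num", last[1])
        elif last[0] == "LOAD":
            yield ("var", last[1])
        return
    if last[0] in OPS_INV:
        body = code[:-1]
        for i in range(1, len(body)):
            for left in decompile_term(body[:i]):
                for right in decompile_term(body[i:]):
                    yield ("bin", OPS_INV[last[0]], left, right)
    elif last[0] == "STORE":
        for expr in decompile_term(code[:-1]):
            yield ("assign", last[1], expr)


def decompile_program(code):
    """All source programs whose compilation is exactly `code`.

    Expressions never contain STORE, so the first STORE closes the first
    statement; the remainder is decompiled recursively. Leftover code with
    no STORE cannot be a statement and makes the whole program unparseable.
    """
    if not code:
        return [[]]
    ends = [i + 1 for i, ins in enumerate(code) if ins[0] == "STORE"]
    if not ends:
        return []
    end = ends[0]
    return [[head] + rest
            for head in decompile_term(code[:end])
            for rest in decompile_program(code[end:])]


def roundtrip(stmts):
    """True when decompiling the compiled program recovers exactly `stmts`."""
    return decompile_program(compile_program(stmts)) == [stmts]


if __name__ == "__main__":
    # Constructed sample program: y = 1 + x * 2
    sample = [("assign", "y",
               ("bin", "+", ("num", 1), ("bin", "*", ("var", "x"), ("num", 2))))]
    code = compile_program(sample)
    print("code:", code)
    print("decompiled:", decompile_program(code))
    print("round trip ok:", roundtrip(sample))
    # Code that no program compiles to: an ADD with nothing on the stack
    print("garbage decompiles to:", decompile_program([("ADD",), ("STORE", "y")]))
```

Because the rules are searched exhaustively, decompile_program() returns every source program consistent with the code; with this instruction set there is at most one, so an empty list is a definite "not produced by this compiler" verdict rather than a failed heuristic. The split loop is exponential in the worst case, which is why a real decompiler built this way relies on the compiler specification being deterministic enough to prune the search early.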

Alan Turing

The Scientists: An Epic of Discovery, 2012

Alan Turing has a rightful claim to the title of father of modern computing. He laid the theoretical groundwork for a universal machine that models a computer in its most general form before World War II. During the war, Turing was instrumental in developing and influencing actual computing devices that have been said to have shortened the war by up to two years by decoding encrypted enemy messages that were believed by others to be unbreakable. Unlike some theoreticians, he was willing to be involved with practical aspects, and was as happy to wield a soldering iron as he was to wrestle with a mathematical problem, normally from a unique angle compared to others.

Ten Commandments of Formal Methods... Ten Years On

Conquering Complexity, 2012

How have the formal methods commandments fared over the past decade? Are they still valid in the current industrial setting, and have attitudes toward formal methods improved? The authors revisit their ten maxims to answer these questions.

Virtual Collaboration and Community

Virtual Communities: Concepts, Methodologies, Tools and Applications, 2011

This chapter introduces the concept of a Virtual Organization (VO), using the Internet to link geographically separated participants in an efficient and novel manner. In particular, the chapter contrasts the attributes of Project VOs and Community VOs. The former tend to be more formal and arise for a particular collaborative goal with a limited lifetime. The latter are less formal and more open-ended, with a less specific purpose, largely aimed at developing an online community as an end in itself. The features of Project and Community VOs are compared and the various technologies are discussed. Two case studies are presented as examples. This is a rapidly changing area with new technologies becoming rapidly available, but the underlying concepts and reasons for the existence of VOs in the support of virtual collaborative practice remain more stable.

Mobile Multimedia: Reflections from Ten Years of Practice

Digital Technologies and the Museum Experience: Handheld Guides and Other Media, 2008

In the past decade, museums have experienced a revolution with the arrival of new technologies, capable of enhancing their visitors' experiences by introducing multimedia content. Amid these new technologies, website and computer-based interactives in the gallery have augmented exhibitions to provide additional educational material. However, the web is mainly suitable for access to information before, after or often even instead of visiting an exhibition or museum. A kiosk provides a physically fixed facility that can be used during a visit to an exhibition, but only for part of it generally. In contrast, a multimedia tour delivered through a handheld device allows the visitor to gain information at any point during the visit and in any order, without interfering with the aesthetics of the gallery. This means it has some unique properties that could be beneficial, if used suitably.

http://www.readinglists.manchester.ac.uk/items/19385D8F-E893-267A-33DD-20742D8A4F8B.html

Gender Issues in HCI Design for Web Access

Global Information Technologies: Concepts, Methodologies, Tools, and Applications, 2008

We consider the design and provision of websites with respect to gender issues from various perspectives. A general view of the field is given and educational issues are specifically considered in relation to gender differences in the use of IT as an effective educational aid, especially by children. Human-Computer Interaction (HCI) models at different levels of abstraction are presented, together with how gender issues could impinge at each of these levels. A number of examples, both from the commercial and cultural fields, are discussed as design case studies of home pages for websites that exhibit gender-related orientation. Finally, looking to the future, online gaming is discussed in the context of usage. It is hoped that the guidance provided here will help minimize any gender discrimination on websites with respect to their interfaces, increasing general accessibility in the process.

Formal Models and the Specification Process

The Computer Science and Engineering Handbook, Jan 1, 1997

Formal Methods

Hardware compilation

comp.specification.z and Z FORUM Frequently Asked Questions

ZUM'97: The Z Formal Specification Notation, Jan 1, 1997

This appendix provides some details on how to access information on Z, particularly electronically. It has been generated from a message that is updated and sent out monthly on international computer networks. This information is available on-line on the following World Wide Web (WWW) hypertext page, where it is split into convenient sections and updated each month:
http://www.faqs.org/faqs/z-faq/

Electronic Visualisation in Arts and Culture

Electronic Visualisation in Arts and Culture explores a variety of new theory and technologies, including devices and techniques for motion capture for music and performance, advanced photographic techniques, computer generated images derived from different sources, game engine software, airflow to capture the motions of bird flight and low-altitude imagery from airborne devices.

The international authors of this book are practising experts from universities, art practices and organisations, research centres and independent research. They describe electronic visualisation used for such diverse aspects of culture as airborne imagery, computer generated art based on the autoimmune system, motion capture for music and for sign language, the visualisation of time and the long term preservation of these materials. Selected from the EVA London conferences from 2009-2012, held in association with the Computer Arts Society of the British Computer Society, the authors have reviewed, extended and fully updated their work for this state-of-the-art volume.

Formal Methods: State of the Art and New Directions

The last decade has witnessed a modest but sustained increase in researching and applying formal methods. A number of well cited success stories are now available and provide strong evidence that formal methods can be effective and deployed in industrial-scale applications.

Through fundamental contributions from leading researchers, this book provides further evidence of the use of formal methods in the areas of requirements, design, modelling and implementation, verification and validation. The self-contained chapters are views from experts in these areas, providing readers with rich background information and a diverse breadth of specialist material.

This authoritative collection of views provides a snapshot of the field and will be of considerable interest to researchers and professionals seeking a perspective on fundamental underpinnings of formal methods and current hot topics in the field.

The website www.fmsand.info is a useful resource, providing material associated with the book and links to further related information.

Keywords: Formal Methods, Formal Specification, Refinement, Semantics, Z Notation

Related subjects: Software Engineering, Theoretical Computer Science

Table of contents:
Domain Engineering
Program Verification and System Dependability
The Abstract State Machines Method for High-Level System Design and Analysis
Applications and Methodology of vZ
The Computer Ate my Vote
Formal Methods for Biomechanical Signalling Pathways
Separation Logic and Concurrency
Programming Language Description Languages

Formal Methods and Testing

An Outcome of the FORTEST Network. Revised Selected Papers, 2008

This book constitutes the thoroughly refereed and peer-reviewed outcome of the Formal Methods and Testing (FORTEST) network, formed as a network established under UK EPSRC funding that investigated the relationships between formal (and semi-formal) methods and software testing, and now a subject group of two BCS Special Interest Groups: Formal Aspects of Computing Science (BCS FACS) and the Special Interest Group in Software Testing (BCS SIGIST).

Each of the 12 chapters in this book describes a way in which the study of formal methods and software testing can be combined in a manner that brings the benefits of formal methods (e.g., precision, clarity, provability) together with the advantages of testing (e.g., scalability, generality, applicability).

Industrial-Strength Formal Methods in Practice

FACIT series, 1999

This unique book concentrates specifically on industrial applications. The authors provide hands-on experience and guidance for those who need to apply formal methods successfully in this context. Each chapter is written by an expert in software engineering or formal methods, and contains background information, introductions to the techniques being used, actual fragments of formalized components, details of results and an analysis of the overall approach. It provides specific details on how to produce high-quality software that comes in on time and within budget.

High-Integrity System Specification and Design

FACIT series, May 28, 1999

This volume provides the reader with a comprehensive introduction to system specification and design methods, with particular emphasis on structured and formal methods, method integration, concurrency and safety-critical systems. It contains new material by Jonathan Bowen and Michael Hinchey, along with reprints of classic articles on high-integrity systems which have never before appeared in a single volume. Among these classic articles are contributions from such leading names as Leslie Lamport, Nancy Leveson and C.A.R. Hoare.
High-Integrity System Specification and Design provides practitioners and researchers with convenient access to a range of essential essays, both classic and state-of-the-art, in a single volume. It will provide them with details of specification and design approaches for this type of system, an overview of the development process, and evidence of how various classes of high-integrity system may be approached and developed successfully.

The volume is also available from the IEEE Computer Society Press.

Jonathan P. Bowen and Mike Hinchey (University of Nebraska at Omaha). Springer-Verlag, London, FACIT series, April 1999. ISBN 3-540-76226-4. (xix+701 pages)
Co-author of the following reprinted papers:
Seven More Myths of Formal Methods, Jonathan P. Bowen and Mike Hinchey, pages 153-165.
Ten Commandments of Formal Methods, Jonathan P. Bowen and Mike Hinchey, pages 217-230.
Safety-Critical Systems, Formal Methods and Standards, Jonathan P. Bowen and Victoria Stavridou, pages 485-528.
Table of contents
Preface
Parts:
Specification and Design
Structured Methods
Formal Methods
Object-Orientation
Concurrent and Distributed Systems
Real-Time and Safety-Critical Systems
Integrating Methods
Implementation
CASE
Glossary
Bibliography
Index
List of reprints

The following papers are included:

Grady Booch. Object-Oriented Development. IEEE Transactions on Software Engineering, 12(2):211–221, February 1986.
Jonathan P. Bowen and Michael G. Hinchey. Ten Commandments of Formal Methods. IEEE Computer, 28(4):56–63, April 1995.
Jonathan P. Bowen and Michael G. Hinchey. Seven More Myths of Formal Methods. IEEE Software, 12(7):34–41, July 1995.
Jonathan P. Bowen and Victoria Stavridou. Safety-Critical Systems, Formal Methods and Standards. Software Engineering Journal, 8(4):189–209, July 1993.
Frederick P. Brooks, Jr. No Silver Bullet: Essence and Accidents of Software Engineering. IEEE Computer, 20(4):10–19, April 1987. First published in H.-J. Kugler (ed.), Information Processing '86, Elsevier Science Publishers B.V. (North-Holland).
John R. Cameron. An Overview of JSD. IEEE Transactions on Software Engineering, 12(2):222–240, February 1986.
Elliot J. Chikofsky and B.L. Rubenstein. CASE: Reliability Engineering for Information Systems. IEEE Software, 5(2):11–16, March 1988.
Robert G. Fichman and Chris F. Kemerer. Object-Oriented and Conventional Analysis and Design Methodologies. IEEE Computer, 25(10):22–39, October 1992.
Norbert E. Fuchs. Specifications are (Preferably) Executable. Software Engineering Journal, 7(5):323–334, September 1992.
Susan Gerhart, Dan Craigen and Ted Ralston. Experience with Formal Methods in Critical Systems. IEEE Software, 11(1):21–28, January 1994.
Susan Gerhart, Dan Craigen and Ted Ralston. Regulatory Case Studies. IEEE Software, 11(1):30–39, January 1994.
J. Anthony Hall. Seven Myths of Formal Methods. IEEE Software, 7(5):11–19, September 1990.
David Harel. On Visual Formalisms. Communications of the ACM, 31(5):514–530, May 1988.
David Harel. Biting the Silver Bullet: Toward a Brighter Future for System Development. IEEE Computer, 25(1):8–20, January 1992.
Ian J. Hayes and Cliff B. Jones. Specifications are not (Necessarily) Executable. Software Engineering Journal, 4(6):330–338, 1989.
C.A.R. Hoare. Communicating Sequential Processes. Communications of the ACM, 21(8):666–677, August 1978.
C.A.R. Hoare. An Overview of some Formal Methods for Program Design. IEEE Computer, 20(9):85–91, September 1987.
Leslie Lamport. A Simple Approach to Specifying Concurrent Systems. Communications of the ACM, 32(1):32–45, January 1989.
Nancy G. Leveson. Medical Devices: The Therac-25 Story. In Safeware: System Safety and Computers, Addison-Wesley Publishing Company, Appendix A, pages 515–553, 1995. Based on Nancy G. Leveson and Clark S. Turner. An Investigation of the Therac-25 Accidents. IEEE Computer, 26(7):18–41, July 1993.
Ken Orr, Chris Gane, Edward Yourdon, Peter P. Chen and Larry L. Constantine. Methodology: The Experts Speak. BYTE, 14(4):221–233, April 1989.
Jonathan S. Ostroff. Formal Methods for the Specification and Design of Real-Time Safety Critical Systems. Journal of Systems and Software, pp 33–60, April 1992.
Lesley T. Semmens, Robert B. France and Tom W.G. Docker. Integrated Structured Analysis and Formal Specification Techniques. The Computer Journal, 35(6):600–610, 1992.
Jeannette M. Wing. A Specifier's Introduction to Formal Methods. IEEE Computer, 23(9):8–24, September 1990.

Formal Specification and Documentation Using Z: A Case Study Approach

International Thomson Computer Press, 1996

Formal methods are becoming more accepted in both academia and industry as one possible way in which to help improve the quality of both software and hardware systems. It should be remembered however that they are not a panacea, but rather one more weapon in the armoury against making design mistakes. To quote from Prof. Tony Hoare:

"Of course, there is no fool-proof methodology or magic formula that will ensure a good, efficient, or even feasible design. For that, the designer needs experience, insight, flair, judgement, invention. Formal methods can only stimulate, guide, and discipline our human inspiration, clarify design alternatives, assist in exploring their consequences, formalize and communicate design decisions, and help to ensure that they are correctly carried out." - C.A.R. Hoare, 1988

Thus we should not expect too much from formal methods, but rather use them to advantage where appropriate.

Even within the formal methods community, there are many camps: for example, those that believe that a formally correct system must be proved correct mechanically, one small step at a time, and those who use the term formal to mean mathematical, using high-level pencil-and-paper style proofs to verify a design is ‘correct’ with respect to its specification. Sometimes the latter method is known as ‘rigorous’ to differentiate it from the former; and of course there are positions between these two extremes.

Even if a system is proved correct, there are still many assumptions which may be invalid. The specification must be 'obviously right': there is no way that this can be formally verified to be what is wanted. It must be simple enough to be understandable and should be acceptable to both the designer and the customer.

This book presents an even more pragmatic view of the use of formal methods than that held by some academics: that is, that formal specification alone can still be beneficial (and is in general much more cost effective than attempting proofs) in many cases. While the cost of proving a system correct may be justified in safety-critical systems where lives are at risk, many systems are less critical, but could still benefit from formalization earlier on in the design process than is normally the case in much industrial practice.

Ultimately the computer system will be communicating with the outside world. In a control system, we will probably be dealing with physical laws, continuous mathematics (e.g., differential equations), etc. This will have to be converted into digital values and approximations will have to be made. In many cases, a Human-Computer Interface will be involved. Great engineering skill will be needed to ensure that any assumptions made are correct and will not invalidate any formally verified design. It is very important to apportion responsibility between the engineers associated with each design task. Mutually agreed interfaces must be drawn up. Ideally these should be formalized to reduce the risk of ambiguity and misunderstanding on each side of the interfaces.

This book presents the use of one notation in the accumulation of available mathematical techniques to help ensure the correctness of computer-based systems, namely the Z notation (pronounced ‘zed’), intended for the specification of such systems. The formal notation Z is based on set theory and predicate calculus, and has been developed at the Oxford University Computing Laboratory since the late 1970s.

The use of a formal notation early on in the design process helps to remove many errors that would not otherwise be discovered until a later stage. The book includes specification of a number of digital systems in a variety of areas to help demonstrate the scope of the notation. Most of the specifications are of real systems that have been built, either commercially or experimentally. It is hoped that the variety of examples in this book will encourage more developers to attempt to specify their systems in a more formal manner before they attempt the development or programming stage.

In Part I, the first two chapters give an introduction to formal specification, using Z in particular, and also to the issues concerning the practical take-up and use of formal methods in industry. Chapter 2 gives an overview of some industrial issues, for those contemplating the use of formal methods as part of the software development process. Some guidelines to help with successful use are given. Finally a brief tutorial is given in Chapter 3, which introduces Z for those who have not seen the notation before, but who wish to tackle the rest of the book. However, it should be noted that this is not a substitute for a fuller treatment, which if required should be sought from one of the numerous Z textbooks now available.

Z has been designed to be read by (suitably trained) humans, rather than by computers, and as such may be included in manuals documenting computer-based systems. Part II gives some examples, using network services designed and built at Oxford University. Two types of manual have been developed, one for the user of a service, giving an idealized external abstract view, and one for potential implementors, giving more details of the suggested internal structure of the service.

In Part III, Chapter 6 details the specification of a text formatting tool designed for use under the UNIX operating system. The structure of UNIX files is discussed in this context. A specification of a mouse-based input system for UNIX workstations is also presented in Chapter 7.

Although Z has mainly been applied to software systems, it is also applicable to hardware. In Part IV, a number of aspects important in the specification of machine instruction sets are discussed. Chapter 8 formally defines some concepts which are useful in the specification of any microprocessor. Building on this, a part of a specific instruction set, namely that of the Transputer, is then presented in Chapter 9.

Part V details some graphical concepts. Chapter 10 introduces general concepts useful for specifying pixel maps and window systems. Chapter 11 defines the rasterop function which is fundamental to many graphics operations.

Window systems are now one of the most popular interfaces for computers. Part VI builds on the ideas presented in Part V and gives details of three window systems, including the highly successful X Window System. Chapter 15 remarks on experience gained by formally specifying the three window systems and other case studies.

Appendix A gives some indications on how to obtain further up-to-date information on Z. A glossary of the Z notation may be found in Appendix B. A literature guide in Appendix C, together with a substantial bibliography at the end of the book, is included to allow readers to follow up on other aspects of Z and formal methods that are of special interest. Finally, an index, particularly of names of definitions in the specifications presented in the book, will aid the reader in navigating the text, especially the formal parts.

It is hoped that the specifications presented here will help students and industrial practitioners alike to produce better specifications of their designs, be they large or small. Even if no proofs or refinement of a system are attempted, mere formalization early on in the design process will help to clarify a designer’s thoughts (especially when undertaken as part of a team) and remove many errors before they become implemented, and therefore much more difficult and expensive to rectify.

For further on-line information related to this book, held as part of the distributed World Wide Web (WWW) Virtual Library, the reader is referred to the following URL (Uniform Resource Locator):
http://formalmethods.wikia.com/zbook

J.P.B.
June 1995

Research paper thumbnail of Applications of Formal Methods

Interest in formal methods continues to grow; unfortunately myths and misconceptions regarding their benefits and application continue to grow also. Applications of Formal Methods is a collection of articles by internationally renowned contributors from both academia and industry which will dispel many of these myths. Each of these essays illustrates the application of formal methods to realistic problems, each with an industrial relevance, in various application domains, describing how they can be scaled to large-scale problems, and providing an evaluation of methods, tools, and validation and verification techniques. Key features include:

* Foreword by C.A.R. Hoare
* Describes real-life examples of the application of formal methods, including descriptions of the methods used, and fragments of specifications which can be used in coursework
* Provides statistical evidence of the benefits of formal methods
* Discusses techniques for scaling formal methods for use at an industrial scale, and means of overcoming technology transfer problems
* Emphasizes tool support and the use of validation and verification techniques

Applications of Formal Methods is essential reading for all students of formal methods and system development, as well as project managers considering the introduction of formal methods, and researchers in the field wishing to know more about industrial application and wishing to learn from the experiences of others.

Research paper thumbnail of Towards Verified Systems

Real-Time Safety Critical Systems series, 1994

As the complexity of embedded computer-controlled systems increases, the present industrial practice for their development gives cause for concern, especially for safety-critical applications where human lives are at stake. The use of software in such systems has increased enormously in the last decade. Formal methods, based on firm mathematical foundations, provide one means to help with reducing the risk of introducing errors during specification and development. There is currently much interest in both academic and industrial circles concerning the issues involved, but the techniques still need further investigation and promulgation to make their widespread use a reality.

This book presents some results of research into techniques to aid the formal verification of mixed hardware/software systems. Aspects of system specification and verification from requirements down to the underlying hardware are addressed, with particular regard to real-time issues. The work presented is largely based around the Occam programming language and Transputer microprocessor paradigm. The HOL theorem prover, based on higher order logic, has mainly been used in the application of machine-checked proofs.

The book describes research work undertaken on the collaborative UK DTI/SERC funded Information Engineering Directorate SAFEMOS project. The partners were Inmos Ltd, Cambridge SRI, the Oxford University Computing Laboratory and the University of Cambridge Computer Laboratory, who investigated the problems of formally verifying embedded systems. The most important results of the project are presented in the form of a series of interrelated chapters by project members and associated personnel. In addition, overviews of two other ventures with similar objectives are included as appendices.

The material in this book is intended for computing science researchers and advanced industrial practitioners interested in the application of formal methods to real-time safety-critical systems at all levels of abstraction from requirements to hardware. In addition, Chapters 1 and 11 contain material of a more general nature which may be of interest to managers in charge of projects applying formal methods, especially for safety-critical systems, and others who are considering their use.

Book on the SAFEMOS project. Other contributors: Juanito Camilleri, Rachel Cardell-Oliver, Mike Gordon, Roger Hale, Hans Langmaack, C.A.R. Hoare, John Herbert, He Jifeng, Ian Page, Paritosh Pandya, Andrew Pitts, Anders Ravn, David Shepherd, Victoria Stavridou and Bill Young.

Research paper thumbnail of EVA London 2013: Electronic Visualisation and the Arts

Research paper thumbnail of ZB 2000: Formal Specification and Development in Z and B, First International Conference of B and Z Users, York, UK, August 29 - September 2, 2000, Proceedings

Lecture Notes in Computer Science, 2000

Research paper thumbnail of ZB 2003: Formal Specification and Development in Z and B, Third International Conference of B and Z Users, Turku, Finland, June 4-6, 2003, Proceedings

Lecture Notes in Computer Science, 2003

Series Editors Gerhard Goos, Karlsruhe University, Germany Juris Hartmanis, Cornell University, NY, USA Jan van Leeuwen, Utrecht University, The Netherlands Volume Editors Didier Bert CNRS, Laboratoire LSR-IMAG 681, rue de la Passerelle, BP 72, 38402 ...

Research paper thumbnail of ZB 2002: Formal Specification and Development in Z and B, 2nd International Conference of B and Z Users, Grenoble, France, January 23-25, 2002, Proceedings

Lecture Notes in Computer Science, 2002

This book constitutes the refereed proceedings of the Second International Conference of B and Z Users, ZB 2002, held in Grenoble, France in January 2002. The 24 papers presented together with three invited contributions were carefully reviewed and selected for inclusion in the book. The book documents the recent advances for the Z formal specification notation and for the B method; the full scope is covered, ranging from foundational and theoretical issues to advanced applications, tools, and case studies.

Research paper thumbnail of ZUM '97: The Z Formal Specification Notation, 10th International Conference of Z Users, Reading, UK, April 3-4, 1997, Proceedings

Lecture Notes in Computer Science, 1997

This Z User Meeting (ZUM) was the tenth in the series originally started by Ib Sorensen in December 1986 at Oxford, under the auspices of the Oxford University Computing Laboratory. The first five meetings were all held in Oxford, initially at the Department of External Studies in Rewley House, and the last at one of the colleges, Lady Margaret Hall.

Research paper thumbnail of ZUM '98: The Z Formal Specification Notation, 11th International Conference of Z Users, Berlin, Germany, September 24-26, 1998, Proceedings

Lecture Notes in Computer Science, 1998

This book constitutes the refereed proceedings of the 11th International Conference of Z Users, ZUM'98, held in Berlin, Germany, in September 1998. The 28 revised and invited papers presented were carefully reviewed and selected for inclusion in the book; also included is a comprehensive Z bibliography and a summary of the frequently asked questions at two Z Internet sites. The papers are organized in sections on industrial issues, concurrency, tools, Z and HOL, safety-critical and real-time systems, semantic theory, ...

Research paper thumbnail of ZUM '95: The Z Formal Specification Notation, 9th International Conference of Z Users, Limerick, Ireland, September 7-9, 1995, Proceedings

Lecture Notes in Computer Science, 1995

Research paper thumbnail of Abstract State Machines, B and Z, First International Conference, ABZ 2008, London, UK, September 16-18, 2008. Proceedings

Lecture Notes in Computer Science, 2008

Research paper thumbnail of EVA London 2012: Electronic Visualisation and the Arts

Electronic Workshops in Computing (eWiC), Jul 2012

Electronic Visualisation and the Arts London 2012 (EVA London 2012) is co-sponsored by the Computer Arts Society and BCS, The Chartered Institute for IT, of which the CAS is a specialist group. Over almost two decades, the EVA conference has established itself as one of London’s most innovative and interdisciplinary conferences in the field of digital visualisation. The papers in this volume touch on museum studies, digital performance, augmented reality, simulation, 3D scanning, digital archaeology and many others. The latest research by established scholars, early career researchers and students may be found here.

For more information about EVA 2012 visit www.eva-london.org or search on Twitter for EVAlondonconf.

Research paper thumbnail of EVA London 2011: Electronic Visualisation and the Arts

Electronic Workshops in Computing (eWiC), Jul 2011

Electronic Visualisation and the Arts 2011 (EVA 2011) is co-sponsored by the Computer Arts Society and BCS, the Chartered Institute for IT, of which the CAS is a specialist group. Over almost two decades, the EVA conference has established itself as one of London’s most innovative and interdisciplinary conferences in the field of digital visualisation. The papers in this volume touch on museum studies, semantic web, immersive environments, simulation, 3D scanning, haptics, digital archaeology and many others. The latest research by established scholars, early career researchers and students may be found here.

Research paper thumbnail of EVA London 2010: Electronic Visualisation and the Arts

Electronic Visualisation and the Arts London 2010 (EVA 2010) is co-sponsored by the Computer Arts Society and BCS, The Chartered Institute for IT, of which the Computer Arts Society is a specialist group. Since 1992, the EVA conference series has established itself as a natural home from which to explore the richly interdisciplinary and constantly evolving world of digital visualisation. Nothing illustrates this more than the great scope, depth and diversity of the papers contained within this year's Proceedings.

The latest research in digital arts and new media is explored, with contributors ranging from established scholars to the new generation of research students who will lead the field tomorrow. Conference papers cover reconstructive archaeology, virtual museology, digital arts concepts and practice, immersive environments, and digital performance and music.

Research paper thumbnail of EVA London 2009: Electronic Visualisation and the Arts

Electronic Visualisation and the Arts London 2009 (EVA 2009) is co-sponsored by the Computer Arts Society and the British Computer Society, of which the Computer Arts Society is a specialist group. Since 1992, the EVA conference series has established itself as a natural home from which to explore the richly interdisciplinary and constantly evolving world of digital visualisation. Nothing illustrates this more than the great scope, depth and diversity of the papers contained within this year's Proceedings.

The latest research in digital arts and new media is explored, with contributors ranging from established scholars to the new generation of research students who will lead the field tomorrow. Conference papers cover reconstructive archaeology, virtual museology, digital arts concepts and practice, immersive environments, and digital performance and music.

Research paper thumbnail of Abstract State Machines, B and Z

First International Conference, ABZ 2008, London, UK, September 16-18, 2008. Proceedings, 2008

This book constitutes the refereed proceedings of the First International Conference of Abstract State Machines, B and Z, ABZ 2008, held in London, UK, in September 2008. The conference simultaneously incorporated the 15th International ASM Workshop, the 17th International Conference of Z Users and the 8th International Conference on the B Method.

The 44 revised full papers presented together with 4 invited contributions were carefully reviewed and selected from numerous submissions. The conference fosters the cross-fertilization of three rigorous methods for the design and analysis of hardware and software systems - both in academia and industry - namely Abstract State Machines, B, and Z. Covering a wide range of research spanning from theoretical and methodological foundations to tool support and practical applications, the contributions are organized in topical sections on abstract state machines, B papers, Z papers, ABZ short papers, and the papers of the Verified Software Repository Network (VSR-net) workshop.

Research paper thumbnail of FACS 2007 Christmas Workshop: Formal Methods in Industry

This Electronic Workshop in Computing (eWiC) proceedings contains selected papers from the workshop on Formal Methods in Industry, held in London, UK, and organised under the auspices of the BCS Formal Aspects of Computing Science (FACS) Specialist Group. The workshop, organised by Paul Boca, Jonathan Bowen and Peter Gorm Larsen, was inspired by the very successful and well-attended Industry Day event at the FM05 conference. The FACS workshop dovetails well with the subsequent Industry Day at FM08, which Peter Gorm Larsen is also co-chairing.

Research paper thumbnail of ZUM '98: The Z Formal Specification Notation

ZUM'98: The Z Formal Specification Notation, Sep 1998

In a number of recent presentations – most notably at FME’96 – one of the foremost scientists in the field of formal methods, C.A.R. Hoare, has highlighted the fact that formal methods are not the only technique for producing reliable software. This seems to have caused some controversy, not least amongst formal methods practitioners.

How can one of the founding fathers of formal methods seemingly denounce the field of research after over a quarter of a century of support? This is a question that has been posed recently by some formal methods sceptics. However, Prof. Hoare has not abandoned formal methods. He is reiterating, albeit more radically, his 1987 view that more than one tool and notation will be required in the practical, industrial development of large-scale complex computer systems; and not all of these tools and notations will be, or even need be, formal in nature.

Formal methods are not a solution, but rather one of a selection of techniques that have proven to be useful in the development of reliable complex systems, and to result in hardware and software systems that can be produced on-time and within a budget, while satisfying the stated requirements.

After almost three decades, the time has come to view formal methods in the context of overall industrial-scale system development, and their relationship to other techniques and methods. We should no longer consider the issue of whether we are “pro-formal” or “anti-formal”, but rather the degree of formality (if any) that we need to support in system development. This is a goal of ZUM’98, the 11th International Conference of Z Users, held for the first time within continental Europe in the city of Berlin, Germany.

Research paper thumbnail of Z User Workshop, Cambridge 1994

Proceedings of the Eighth Z User Meeting, Jul 22, 1994

This volume contains papers from the Eighth Z User Meeting, to be held at the University of Cambridge from 29 - 30 June 1994. The papers cover a wide range of issues associated with Z and formal methods, with particular reference to practical application. These issues include education, standards, tool support, and interaction with other design paradigms such as consideration of real-time and object-oriented approaches to development. Among the actual topics covered are: the formal specification in Z of Defence Standard 00-56; formal specification of telephone features; specifying and interpreting class hierarchies in Z; and software quality assurance using the SAZ method. Z User Workshop, Cambridge 1994 provides an important overview of current research into industrial applications of Z, and will provide invaluable reading for researchers, postgraduate students and also potential industrial users of Z.

Research paper thumbnail of A Front-End Tool to Parse Z Specifications

Z is one of the most widely used formal specification languages. However, traditionally it has lacked adequate tool support for use in an industrial setting. It has grown up from a mathematically based tradition of the use of formal methods, rather than being based on any particular tool. This paper presents a tool and, in particular, its associated machine-readable syntax description of Z that could be useful as a common front-end to a number of tools to aid the production of a Z specification.

Research paper thumbnail of A Concrete Z grammar

Reading University Dept. Computing Technical Reports 1996, Aug 1996

This article presents a concrete grammar for the specification language Z, following as precisely as possible the BNF-like syntax description in the widely used Z Reference Manual. The grammar has been used as a starting point for several projects associated with Z. It is written in an extended BNF format for the public domain compiler-compiler PRECC. The grammar has also been used as a basis for grammars aimed at other compiler-compilers, including yacc and PCCTS. The important goal in publishing it here is to make the accepted ZRM grammar for Z publicly available in concrete form and thus to promote the production of Z-based utilities. The formalization has been tested by interpreting it standardly 1) in PRECC as a parse-tree builder, and, more abstractly, 2) as a generator of its valid phrases. In the non-standard configuration it has generated a suite of test expressions for the standard parser and some examples from that test suite are provided here. The 1st of these has a rigorous claim to the title of most trivial non-trivial Z specification possible, but all are good tests for any parser of Z.

Research paper thumbnail of The REDO Project: Final Report

Programming Research Group Technical Report, Dec 1991

This report gives an overview of the work performed by the Programming Research Group as part of the European collaborative ESPRIT II REDO project (no. 2487). This work covered the areas of reverse-engineering: redocumentation and re-engineering; validation: post-hoc verification and generation of correct code from specifications; maintenance: new languages and methods to support maintenance. Research in areas of concurrent programming and decompilation were also performed.

Research paper thumbnail of Application of Formal Methods for Establishing Regulatory Requirements for Safety-Critical Software of Real-Time Control Systems

Technical Report SBU-CISM-01-03, 2001

Formal methods are usually used for computer system specification, production and verification. In this paper, a new direction for the use of formal methods is proposed, namely formalization of the regulatory requirements for software of safety-critical real-time control systems. Formal regulatory requirements, as opposed to formal specifications for a concrete system, have a generic nature, are applied for a wide range of safety-critical control systems, and are the basis for a licensing process. The use of formal regulatory requirements could help to eliminate ambiguity or misunderstanding of informal definitions, to allow rigorous assessment of satisfaction with respect to requirements and finally to increase the safety level of a system.

As a formal method for describing the regulatory requirements, the Z notation is proposed. To demonstrate the proposed approach, requirements for protection against common mode software failures and requirements for protection against unauthorized access are considered. Z schemas for these requirements are presented.

Research paper thumbnail of Formalization of control-flow criteria of software testing

Technical Report SBU-CISM-01-01, Jan 2001

This paper describes an approach to formalization of criteria of complex computer systems software testing. A brief review of control-flow criteria is introduced. As a formal language for describing the criteria, the Z notation is selected. Z schemas are presented for definitions of the following criteria: statement coverage, decision coverage, condition coverage, decision/condition coverage, full predicate coverage, modified condition/decision coverage, and multiple condition coverage. This characterization could help in the correct understanding of different types of testing and also the correct application of a desired testing regime.

Research paper thumbnail of Generating Decompilers

RUCS Technical Report, RUCS/1998/TR/010/A, Oct 1998

Compiler compilers are in widespread use, but decompiler compilers are a more novel concept. This paper presents an approach for the decompilation of object code back to source code using a decompiler generator. An example decompilation is presented. Potential applications include reverse engineering, quality assessment, debugging and safety-critical code validation or verification.

Research paper thumbnail of Publications by Jonathan P. Bowen

London South Bank University, 2013

Research paper thumbnail of Oral History of Sir Antony Hoare

CHM Reference number: X3698.2007, 2007

Oral History of Sir Antony Hoare.
Interviewed by: Jonathan P. Bowen.
Recorded: September 8, 2006, Cambridge, United Kingdom
CHM Reference number: X3698.2007.
© 2006 Computer History Museum, USA.

Research paper thumbnail of System and Software Safety in Critical Systems

RUCS Technical Report RUCS/97/TR/062/A, 1997

The safety aspects of computer-based systems are increasingly important as the use of software escalates because of its convenience and flexibility. However, the complexity of even modestly sized programs is such that the elimination of errors with a high degree of confidence is extremely difficult. There are a number of approaches to enhancing safety in safety-critical control systems. These are surveyed and compared with particular emphasis on systems with software in the controlling system. A glossary of terms and an extensive bibliography for further reading are included.

Research paper thumbnail of The Aliens' Guide to Oxford

Technical Report PRG-TR-12-90, Jun 1990

This guide gives some information about Oxford, particularly for visitors to the Programming Research Group. It was originally written for two collaborative ESPRIT projects, so some parts are targeted in a European and research project context. However it should be of general interest, particularly to overseas visitors who are attempting to unravel the mystique of Oxford (although the authors are still trying to do likewise!).

Research paper thumbnail of Formal Specification of Window Systems

Technical Monograph PRG-74, Jun 1989

Window management systems are now used extensively for user interfaces to computer systems. Part I of this monograph introduces some of the fundamental ideas in window systems using a formal notation. Part II outlines three real systems and attempts to capture the essence of each system using the same formal notation and ideas introduced in Part I. Low-level detail is avoided to keep the length to a manageable size. In Part I, chapter 1 introduces general concepts useful for specifying pixel maps and window systems. Chapter 2 defines the raster-op function which is fundamental to many graphics operations and chapter 3 introduces a simple example window system. In Part II, chapters 4-6 detail three particular window systems. Chapter 7 remarks on experience gained by formally specifying the three window systems. The formal notation used, Z, is based on set theory, and has been developed at the Programming Research Group in Oxford.

Research paper thumbnail of The Formal Specification of a Microprocessor Instruction Set

Technical Monograph PRG-60, Jan 1987

The specification language Z is used to define a microprocessor-based system in a formal notation. The Motorola 6800 8-bit microprocessor is chosen as an example. Its simplicity allows the entire instruction set to be covered. Memory configuration and interrupts are also included. The use of a formal description language allows the possibility of verification of the instruction set. Additionally, the use of Z combined with informal text is sufficiently readable for the specification to be used for documentation purposes.

Research paper thumbnail of User Interface Languages: A Survey of Existing Methods

Technical Report PRG-TR-5-89, Oct 1989

This report gives a survey of user interface languages and formal representations of user interfaces. The following aspects of User Interface Languages are considered:

* expressiveness
* readability
* evaluation (is it possible to evaluate the ergonomic and functional quality of the user interface from the representation?)
* manipulation
* compilation/interpretation
* possibility to include knowledge representation.

Research paper thumbnail of Museums and the World Wide Web Virtual Library

EVA London 2020, 2020

Slides for a talk on museums and the World Wide Web Virtual Library at the EVA London 2020 Conference on Electronic Visualisation and the Arts.
The talk is available on YouTube:
https://www.youtube.com/watch?v=aatNVKHTUaw

Research paper thumbnail of The Industrial Use of Formal Methods: Experiences of an Optimist

Formal methods aim to apply mathematically-based techniques to the development of computer-based systems, especially at the specification level, but also down to the implementation level. This aids early detection and avoidance of errors through increased understanding. It is also beneficial for more rigorous testing coverage. This talk presents the use of formal methods on a real project. The Z notation has been used to specify a large-scale high integrity system to aid in air traffic control. The system has been implemented directly from the Z specification using SPARK Ada, an annotated subset of the Ada programming language that includes assertions and tool support for proofs. The Z specification has been used to direct the testing of the software through additional test design documents using tables and fragments of Z. In addition, Mathematica has been used as a test oracle for algorithmic aspects of the system. In summary, formal methods can be used successfully in all phases of the lifecycle for a large software project with suitably trained engineers, despite limited tool support.

Research paper thumbnail of A Relational Approach to an Algebraic Community: From Paul Erdős to He Jifeng (slides)

Scholarly advance depends on the interaction of researchers in a large number of overlapping communities in different disciplines (mathematics, computer science, etc.) and fields within these disciplines (e.g., algebra, formal methods, etc.). Now that academic publications are largely accessible on the Internet, these connections are directly available through a number of resources and visualization tools that are available online. Academic links are typically in the form of co-authors, citations, supervisor/student, etc., forming different types of relations between pairs of researchers. This paper explores these links with some specific examples, including visualization of these relationships and their formalization using the Z notation.

Research paper thumbnail of Online Communities: Visualization and Formalization (slides)

Online communities have increased in size and importance dramatically over the last decade. The fact that many communities are online means that it is possible to extract information about these communities and the connections between their members much more easily using software tools, despite their potentially very large size. The links between members of the community can be presented visually and often this can make patterns in the structure of sub-communities immediately obvious. The links and structures of layered communities can also be formalized to gain a better understanding of their modelling. This paper explores these links with some specific examples, including visualization of these relationships and a formalized model of communities using the Z notation. It also considers the development of such communities within the Community of Practice social science framework. Such approaches may be applicable for communities associated with cybersecurity and could be combined for a better understanding of their development.

Research paper thumbnail of Computer Science Education in Universities

Computer science is a relatively young science that also straddles technology and engineering, but is now taught in the vast majority of universities. The talk will explore overall trends in student numbers and profiles, curriculum content, etc., in the UK and elsewhere. The relationship with school-level education and industry will be covered and some possible solutions to key issues will be proposed.

Research paper thumbnail of From a Community of Practice to a Body of Knowledge: A Case Study of the Formal Methods Community (slides)

A Body of Knowledge (BoK) is an ontology for a particular professional domain. A Community of Practice (CoP) is the collection of people developing such knowledge. In the paper we explore these concepts in the context of the formal methods community in general and the Z notation community, as supported by the Z User Group, in particular. The existing SWEBOK Software Engineering Body of Knowledge is considered with respect to formal methods and a high-level model for the possible structure of a BoK is provided using the Z notation.

Research paper thumbnail of Glossary of Z Notation

Information and Software Technology, May 1995

Research paper thumbnail of Formal Specification and Documentation using Z: A Case Study Approach (slides and exercises)

Supplementary material, Jul 1998

Online material for a Z course based on the book by the author. This includes slides for some chapters and the exercises. Updated in July 1998 with minor corrections and improved formatting.

Research paper thumbnail of PRECCX User Manual

PRECCX stands for PREttier Compiler Compiler (eXtended). PRECCX converts context-grammar definition scripts (with a .y extension) into ANSI C code scripts (with a .c extension) that can in turn be compiled into working parsers, interpreters or compilers using a standard ANSI C compiler.

Research paper thumbnail of Alan Turing and Oxford

Did Alan Turing OBE FRS (23 June 1912 – 7 June 1954), the celebrated mathematician, codebreaker, and pioneer computer scientist, ever visit Oxford? He is well-known for his connections with the University of Cambridge, Bletchley Park, the National Physical Laboratory, and the University of Manchester, but there is no known written archival record of him ever visiting Oxford, despite it being the location of the University of Oxford, traditionally a rival of Cambridge. However, surely he must have done so.

Research paper thumbnail of A Personal Formal Methods Archive

A personal archive of material related to formal methods has been deposited at Swansea University by the author in 2018. This paper documents the contents of the archive and includes associated publications. The archival material forms part of a larger History of Computing Collection founded by Prof. John Tucker at Swansea in 2007 and held at the University. It is hoped that this paper can aid future archivists with placing the material in context.

Research paper thumbnail of A First Practical Fully Homomorphic Crypto-Processor Design: The Secret Computer is Nearly Here

Following a sequence of hardware designs for a fully homomorphic crypto-processor -- a general purpose processor that natively runs encrypted machine code on encrypted data in registers and memory, resulting in encrypted machine states -- proposed by the authors in 2014, we discuss a working prototype of the first of those, a so-called `pseudo-homomorphic' design. This processor is in principle safe against physical or software-based attacks by the owner/operator of the processor on user processes running in it. The processor is intended as a more secure option for those emerging computing paradigms that require trust to be placed in computations carried out in remote locations or overseen by untrusted operators.

The prototype has a single-pipeline superscalar architecture that runs OpenRISC standard machine code in two distinct modes. The processor runs in the encrypted mode (the unprivileged, `user' mode, with a long pipeline) at 60-70% of the speed in the unencrypted mode (the privileged, `supervisor' mode, with a short pipeline), emitting a completed encrypted instruction every 1.67-1.8 cycles on average in real trials.