Summary: Reactive Modules
Rajeev Alur, Thomas A. Henzinger
Abstract. We present a formal model for concurrent systems. The model represents
synchronous and asynchronous components in a uniform framework that supports
compositional (assume-guarantee) and hierarchical (stepwise-refinement) design and
verification. While synchronous models are based on a notion of atomic computation step,
and asynchronous models remove that notion by introducing stuttering, our model is
based on a flexible notion of what constitutes a computation step: by applying an
abstraction operator to a system, arbitrarily many consecutive steps can be collapsed into
a single step. The abstraction operator, which may turn an asynchronous system into a
synchronous one, allows us to describe systems at various levels of temporal detail. For
describing systems at various levels of spatial detail, we use a hiding operator that may
turn a synchronous system into an asynchronous one. We illustrate the model with
diverse examples from synchronous circuits, asynchronous shared-memory programs, and
synchronous message-passing protocols.
1 Introduction
We introduce a new formal model for reactive computation. Our target application is
hardware-software codesign and verification. This application requires (1) an ability to describe and compose
modules with different synchrony assumptions, (2) an ability to describe and compose modules at
different levels of abstraction, and (3) an ability to decompose verification tasks into subtasks of