Formal modelling and analysis of an asynchronous communication mechanism
This thesis makes a contribution towards cutting the cost of developing real-time systems. The development of real-time systems is difficult: errors in the specification are often not identified until late in the development process, and there is a requirement to reduce the amount of rework needed to correct flaws introduced in the early stages of development. A Real-Time Network Specification Language (RTN-SL) is being developed to allow the rigorous specification of the functionality and timing properties of computations. The correct specification of end-to-end timing constraints, however, requires an understanding of the timing properties of the communication between components. A theory of communication is therefore required for use with RTN-SL, so that the timing properties of systems can be analysed early in the development process. The work demonstrates how a tool set can be used to gain an understanding of the behaviour of a system and to help identify and correct ambiguities that arise in the early stages of development. An incremental development approach is recommended: starting with an abstract model and exploring the properties of increasingly realistic models of the implementation, in order to gain confidence in the correctness of the implementation and an understanding of its behaviour. The strengths and weaknesses of a number of tools are discussed, and it is shown that a compositional rely-guarantee method can be used to verify properties of systems in which the individual components give few or no guarantees about their behaviour. This rely-guarantee method makes it possible to record assumptions in the specification, helping to ensure that they are not overlooked and thereby do not introduce errors into the design and implementation. This approach can form the basis of a theory of communication which can be used with RTN-SL to reason about the end-to-end timing properties of systems in the early stages of development.