Formal reasoning about Bernstein-Vazirani algorithm
Hongxia Sun, Zhiping Shi, Shanyan Chen, Guohui Wang, Ximeng Li, Yong Guan
Journal of Logical and Algebraic Methods in Programming, Volume 149, Article 101108
Pub Date: 2026-01-01  DOI: 10.1016/j.jlamp.2025.101108
As a basic quantum algorithm, the Bernstein-Vazirani algorithm is based on the principle of superposition in quantum mechanics, demonstrating superior efficiency over classical computation in finding hidden strings. Due to the high complexity of quantum mechanics, the correctness of quantum algorithms is difficult to guarantee through traditional simulation methods. By contrast, the Bernstein-Vazirani algorithm's fundamental concepts and mathematical structures can be formalized into logical expressions and verified by higher-order logical reasoning. In this paper, we formally model and verify the Bernstein-Vazirani algorithm in the HOL Light theorem prover. To indicate the practical significance of our work, we also analyze two realistic scenarios: error correction in quantum key distribution, and image encryption and decryption.
DM-Check: Verifying invariants of concurrent systems by deductive model checking
Kyungmin Bae, Santiago Escobar, Raúl López-Rueda, José Meseguer, Julia Sapiña
Journal of Logical and Algebraic Methods in Programming, Volume 149, Article 101107
Pub Date: 2025-12-02  DOI: 10.1016/j.jlamp.2025.101107
We propose a new deductive model checking methodology where narrowing-based logical model checking of symbolic states, specified as disjunctions of constrained patterns, is combined with inductive theorem proving to discharge inductive verification conditions that ensure useful symbolic state space reductions. An obvious combination is to use an inductive theorem prover in automated mode as an oracle to help logical model checking reach a fixpoint. But this is not the only possible combination. In this paper we focus instead on a new deductive model checking methodology to verify invariants —including inductive invariants— of infinite-state systems, where logical model checking automates large parts of the verification effort with the help of an inductive theorem prover as an oracle. Inductive verification conditions not discharged automatically by the oracle are dealt with by commands that refine some constrained patterns by useful semantic equivalences, and by using an inductive theorem prover in interactive mode. This methodology is demonstrated by means of concurrent system examples using two Maude tools working in tandem: the DM-Check narrowing-based symbolic model checker, and the NuITP inductive theorem prover.
Hoare-style logic for unstructured programs
Didrik Lundberg, Roberto Guanciale, Andreas Lindner, Mads Dam
Journal of Logical and Algebraic Methods in Programming, Volume 149, Article 101099
Pub Date: 2025-11-20  DOI: 10.1016/j.jlamp.2025.101099
Enabling Hoare-style reasoning for low-level code is attractive since it opens the way to regain structure and modularity in a domain where structure is essentially absent. The field, however, has not yet arrived at a fully satisfactory solution, in the sense of avoiding restrictions on control flow (important for compiler optimization), controlling access to intermediate program points (important for modularity), and supporting total correctness. Proposals in the literature support some of these properties, but a solution that meets them all is yet to be found. We introduce the novel Hoare-style program logic L_A, which interprets postconditions relative to program points when these are first encountered. The logic supports both partial and total correctness, derives contracts for arbitrary control flow, and allows one to freely choose the decomposition strategy during verification while avoiding step-indexed approximations and global invariants. The logic can be instantiated for a variety of concrete instruction set architectures and intermediate languages. The rules of L_A have been verified in the interactive theorem prover HOL4 and integrated with the toolbox HolBA for semi-automated program verification, which supports the ARMv6, ARMv8 and RISC-V instruction sets.
Nominal anti-unification modulo equational theories
Alexander Baumgartner, Daniele Nantes-Sobrinho
Journal of Logical and Algebraic Methods in Programming, Volume 149, Article 101100
Pub Date: 2025-11-18  DOI: 10.1016/j.jlamp.2025.101100
This paper investigates nominal anti-unification, i.e., the problem of computing least general generalizations of terms in the presence of binding structures and freshness constraints. We extend this problem to account for equational theories, specifically associativity (A), commutativity (C), and their combination (AC), yielding the notion of anti-unification modulo a theory E. Solutions in this setting, called E-generalizations, must consider both the syntactic structure of nominal terms and the algebraic properties imposed by E. In the general case, the problem has no solution due to the unbounded supply of atoms. To obtain a finitary setting, we fix a finite set of atoms A and introduce a rule-based algorithm for computing E-generalizations where only atoms from A are allowed to appear. The algorithm includes dedicated rules for reasoning modulo E and systematically explores permutations of subterms, which may lead to an exponential blow-up in the number of generalizations. Although the computed set is not minimal, we describe heuristics that lead to computing promising E-generalizations in reasonable time. We also give an implementation of our algorithm which can be used to explore different optimization strategies that improve efficiency in practice, up to achieving tractability.
Computational modelling for combinatorial game strategies
Răzvan Diaconescu
Journal of Logical and Algebraic Methods in Programming, Volume 149, Article 101097
Pub Date: 2025-11-04  DOI: 10.1016/j.jlamp.2025.101097
We develop a generic computational model that can be used effectively for establishing the existence of winning strategies for concrete finite combinatorial games. Our modelling is (equational) logic-based, involving advanced techniques from algebraic specification, and it can be executed by equational programming systems such as those from the OBJ-family. We show how this provides a form of experimental mathematics for strategy problems involving combinatorial games. We do this by defining general methods and by illustrating these with case studies.
Makina: A QuickCheck state machine library
Luis Eduardo Bueso de Barrio, Lars-Åke Fredlund, Ángel Herranz, Clara Benac-Earle, Julio Mariño
Journal of Logical and Algebraic Methods in Programming, Volume 148, Article 101096
Pub Date: 2025-10-17  DOI: 10.1016/j.jlamp.2025.101096
This article presents Makina, a library written in the Elixir programming language, and a domain specific language for writing property-based testing models for stateful programs. Models written in the domain specific language are translated into standard QuickCheck state machines. Our main goals with Makina are to facilitate the task of developing correct and maintainable models, and to encourage model reuse. To meet these goals, Makina provides a declarative syntax for defining model states and commands. In particular, Makina encourages the typing of specifications, and ensures that such type information can be used by Elixir type checking tools. Moreover, to promote model reuse, the domain specific language provides constructs that allow models to be defined in terms of collections of previously defined ones. To this end, a number of operators for combining models have been defined and implemented in our library. A semantics for Makina models is presented in two steps. First, a novel operational semantics for standard QuickCheck state machine models is provided. Then, a translation from a Makina model to a standard QuickCheck state model is given.
Unified opinion formation analysis in rewriting logic
Carlos Olarte, Carlos Ramírez, Camilo Rocha, Frank Valencia
Journal of Logical and Algebraic Methods in Programming, Volume 148, Article 101095
Pub Date: 2025-10-10  DOI: 10.1016/j.jlamp.2025.101095
Processes of opinion formation rooted in social dynamics can significantly contribute to the polarization of social, political, and democratic interaction. Opinion dynamic models are essential for understanding the impact of specific social factors on the acceptance or rejection of opinions. This extended paper builds upon the conference presentation documented in [1], introducing improvements and new opinion models that explore biases and collective human behaviors. It presents a framework based on concurrent set relations that formalizes, simulates, and analyzes social interaction systems with dynamic opinion models. Within this framework, standard models for social learning are realized as specific instances. Implemented in the Maude system as a fully executable rewrite theory, the framework enables a detailed examination of how agents' opinions can be influenced within a system. The authors report on new formalizations of several new and existing social learning models, exploring their relationships with different concurrency models. New experimentation involving reachability analysis, probabilistic simulation, and statistical model checking has been conducted. These experiments are crucial for validating significant properties related to dynamic opinion models in Maude, offering new insights into the mechanisms of opinion shaping in social interaction.
On the inner structure of multirelations
Hitoshi Furusawa, Walter Guttmann, Georg Struth
Journal of Logical and Algebraic Methods in Programming, Volume 148, Article 101094
Pub Date: 2025-10-09  DOI: 10.1016/j.jlamp.2025.101094
Binary multirelations form a model of alternating nondeterminism useful for analysing games, interactions of computing systems with their environments, or abstract interpretations of probabilistic programs. We investigate this alternating structure with inner or demonic and outer or angelic choices in a relation-algebraic language extended with specific operations on multirelations that relate to the inner layer of alternation.
Algebraic reasoning for timeliness-guided system design
Seyed Hossein Haeri, Peter Van Roy, Heinrich Apfelmus, Peter W. Thompson, Neil J. Davies, Magne Haveraaen, Mikhail Barash, Kevin Hammond, James Chapman, Artjoms Šinkarovs
Journal of Logical and Algebraic Methods in Programming, Volume 148, Article 101093
Pub Date: 2025-09-12  DOI: 10.1016/j.jlamp.2025.101093
Designing distributed systems to have predictable performance under all loads is difficult because of resource exhaustion, nonlinearity, and stochastic behaviour. Timeliness, defined as delivering results (sufficiently often) within a specified delay distribution, is a central aspect of predictable performance. In this paper, we consider the ΔQ Systems Development paradigm (ΔQSD, developed by PNSol), which computes timeliness by modelling systems observationally using so-called outcome expressions. An outcome expression is a compositional definition of a system's observed behaviour that shows the causal connections between its basic operations. Given the ΔQSD operations, we use outcome expressions to compute the stochastic behaviour of the whole system, including its timeliness.
This paper defines and proves algebraic equivalences of outcome expressions with respect to timeliness. We prove the correctness of previously known equivalences. We also introduce new equivalences and prove their correctness for outcome expressions containing probabilistic choice, failure, synchronisation (first-to-finish and last-to-finish), and sequential composition operators. We show how to incorporate failure as a first-class citizen in outcome expressions by developing the relevant mathematics based on the use of improper random variables. The paper shows the practical usefulness of algebraic equivalences by studying the design of a memory system containing a local cache, a networked read with timeout, and the ability to retry. We compute the delay and failure behaviour of several versions of this system, using the equivalences to simplify computations. This work is part of an ongoing project to disseminate and build tool support for ΔQSD, to make it available to the wider community of system designers.
Combining sequential test cases into an equivalent set of adaptive test cases
Robert M. Hierons, Mercedes G. Merayo, Manuel Núñez
Journal of Logical and Algebraic Methods in Programming, Volume 148, Article 101092
Pub Date: 2025-09-02  DOI: 10.1016/j.jlamp.2025.101092
When testing a state-based system one might use a set of (negative) test cases in which each test case is a sequence of events that should not occur. Testing then involves executing the system under test (SUT) in order to check whether any of these disallowed sequences can occur. While testing using such sequences can be effective, they introduce a source of inefficiency: if a test case expects the SUT to produce output a after observing a sequence σ and the SUT instead produces a different output a′ after σ, then testing with that test case did not show an error, because the SUT can autonomously produce outputs, and terminates because the test case only makes sense if the exact sequence is observed. This is a source of inefficiency if there is another test case that starts with σ followed by a′: we could have continued evaluating whether the application of this second test case leads to an error. This paper considers scenarios in which events represent inputs, outputs, or the passing of discrete time. We show how a set of sequential test cases can be converted into an equivalent set of adaptive test cases, with adaptivity addressing the above source of inefficiency. The proposed approach has the potential to improve efficiency when using any test generation technique that returns negative sequential test cases.