Skip to content
Snippets Groups Projects
Commit 01632242 authored by dgelessus's avatar dgelessus
Browse files

Remove OtherLanguages section whose content can be found on the wiki

parent 539f0cdc
Branches
No related tags found
No related merge requests found
Expand all Show whitespace changes
Inline Side-by-side
Showing
with 0 additions and 2094 deletions
src/docs/chapter/user/30_OtherLanguages/00_section_header.adoc deleted 100644 → 0
+ 0
4
View file @ 539f0cdc
[[other-languages]]
= Other languages
:leveloffset: +1
src/docs/chapter/user/30_OtherLanguages/01_Other_languages.adoc deleted 100644 → 0
+ 0
107
View file @ 539f0cdc
[[other-languages-overview]]
= Overview
Since version
1.2.7 of ProB (July 2008) you can also open Promela files with ProB.
This mode is still experimental but already very usable and provides
source-level highlighting during animation. The main purpose is to debug
and animate Promela specifications in a user-friendly way. We do not
plan to compete in terms of model checking speed with Spin (Spin
compiles Promela to C code, ProB uses a Prolog interpreter). To animate
a Promela model, simply open the file with the .pml or .prom extension
with the "File->Open..." command. You will have to choose "Other
Formalisms" or "All Files" in the filter pop-up-menu to be able to
select the file.
You can also use ProB to animate and model check other specification
languages by writing your own Prolog interpreter. To do this you should
create a Prolog file with the .P extension and which defines three
predicates:
* trans/3: this predicate should compute for every state (second
argument), the outgoing transitions (first argument), and the resulting
new states (third argument)
* prop/2: this predicate should compute the properties for the states of
your system
* start/1: this defines the initial states of your system
For example, the following defines a system with two states (a and b)
and two transitions (lock and unlock):
start(a). trans(lock,a,b). trans(unlock,b,a). prop(X,X).
These Prolog files can be loaded with ProB's open command (be sure to
use the .P extension and to either choose "All files" or "Other
Formalisms" in the file filtering menu).
Another simple example for a very basic process algebra is as follows:
....
% start(PossibleInitialState)
start(choice(pref(a,stop),intl(pref(b,pref(c,stop)),pref(d,stop)))).
% trans(Event, StateBefore, StateAfter)
trans(A,pref(A,P),P). % action prefix
trans(A,intl(P,Q),intl(P2,Q)) :- trans(A,P,P2). % interleave
trans(A,intl(P,Q),intl(P,Q2)) :- trans(A,Q,Q2).
trans(A,par(P,Q),par(P2,Q2)) :- trans(A,P,P2), trans(A,Q,Q2). % parallel composition
trans(A,choice(P,Q),P2) :- trans(A,P,P2). % choice
trans(A,choice(P,Q),Q2) :- trans(A,Q,Q2).`
% prop(State, PropertyOfState)
prop(pref(A,P),prefix).
prop(intl(P,Q),interleave).
prop(A,A).
....
If you have a working interpreter, you can also contact the ProB
developers in order for your interpreter to be included in the standard
ProB distribution (in the style of the CSP-M or Promela interpreters).
With this you can add syntax highlighting, error highlighting in the
source code, highlighting during animation, support for new LTL
properties,...
Another, slightly more elaborate example, is the following interpreter
for regular expressions:
....
/* A simple animator for regular expressions */
start('|'('.'('*'(a),b) , '.'('*'(b),a))).
trans(_,[],_) :- !,fail.
trans(X,X,[]) :- atomic(X),!.
trans(X,'|'(R1,R2),R) :-
trans(X,R1,R) ; trans(X,R2,R).
trans(X,'.'(R1,B),R) :- trans(X,R1,R2),
gen_concat(R2,B,R).
trans(X,'?'(R1),R) :-
trans(X,R1,R) ; (X=epsilon,R=[]).
trans(epsilon,'*'(_R1),[]).
trans(X,'*'(R1),R) :-
trans(X,R1,R2),
gen_concat(R2,'*'(R1),R).
trans(X,'+'(R1),R) :-
trans(X,R1,R2),
gen_concat(R2,'*'(R1),R).
gen_concat(R1,R2,R) :-
(R1=[] -> R = R2 ; R = '.'(R1,R2)).
prop(X,X).
....
Finally, a more complex example is <<rush-hour-xtl,an encoding of
the Rush Hour puzzle>> which also includes a graphical visualisation
(using the `animation_function_result` predicate recognised by ProB as
of version 1.4.0-rc3).
= Other recognised Prolog predicates
The following can be used to set up an animation image matrix with corresponding actions:
* animation_image(Nr,Path)
* animation_function_result(State,List) where List is a list of terms of the form ((Row,Col),Img)
where Img is either a declared animation_image number or another Prolog term
* animation_image_right_click_transition(Row,Col,TransitionTemplate)
* animation_image_click_transition(FromRow,FromCol,ToRow,ToCol,ListOfTransitionTemplates,ImageNr)
src/docs/chapter/user/30_OtherLanguages/Alloy.adoc deleted 100644 → 0
+ 0
420
View file @ 539f0cdc
[[alloy]]
= Alloy
As of version 1.8 ProB provides support to load
http://alloy.mit.edu/alloy/[Alloy] models. The Alloy models are
translated to B machines by a https://github.com/hhu-stups/alloy2b[Java
frontend].
This work and web page is still experimental.
The work is based on a translation of the specification language Alloy
to classical B. The translation allows us to load Alloy models into ProB
in order to find solutions to the model's constraints. The translation
is syntax-directed and closely follows the Alloy grammar. Each Alloy
construct is translated into a semantically equivalent component of the
B language. In addition to basic Alloy constructs, our approach supports
integers and orderings.
[[installation-alloy]]
== Installation
Alloy2B is included as of version 1.8.2 of ProB.
You can build Alloy2B yourself:
* Clone or download https://github.com/hhu-stups/alloy2b[Alloy2B project
on Github].
* Make jar file (gradle build) and
* put resulting alloy2b-*.jar file into ProB's lib folder.
[[examples-alloy]]
== Examples
[[n-queens-alloy]]
=== N-Queens
....
module queens
open util/integer
sig queen { x:Int, x':Int, y:Int } {
x >= 1
y >= 1
x <= #queen
y <= #queen
x' >=1
x' <= #queen
x' = minus[plus[#queen,1],x]
}
fact { all q:queen, q':(queen-q) {
! q.x = q'.x
! q.y = q'.y
! plus[q.x,q.y] = plus[q'.x,q'.y]
! plus[q.x',q.y] = plus[q'.x',q'.y]
}}
pred show {}
run show for exactly 4 queen, 5 int
....
This can be loaded in ProB, as shown in the following screenshot. To run
the "show" command you have to use "Find Sequence..." command for
"run_show" in the "Constraint-Based Checking" submenu of the
_Verify_ menu.
image::ProBAlloyQueens.png[800px|center]
Internally the Alloy model is translated to the following B model:
....
MACHINE alloytranslation
SETS /* deferred */
queen
CONCRETE_CONSTANTS
x,
x_,
y
/* PROMOTED OPERATIONS
run0 */
PROPERTIES
x : queen --> INTEGER
& x_ : queen --> INTEGER
& y : queen --> INTEGER
& !this.(this : queen => x(this) >= 1 & y(this) >= 1 & x(this) <= card(queen) & y(this) <=
card(queen) & x_(this) >= 1 & x_(this) <= card(queen) & x_(this) = (card(queen) + 1) - x(this)
)
& card(queen) = 4
& !(q,q_).(q_ : queen - {q} => not(x(q) = x(q_)) & not(y(q) = y(q_)) & not(x(q) + y(q) = x(
q_) + y(q_)) & not(x_(q) + y(q) = x_(q_) + y(q_)))
INITIALISATION
skip
OPERATIONS
run0 =
PRE
card(queen) = 4
& !(q,q_).(q_ : queen - {q} => not(x(q) = x(q_)) & not(y(q) = y(q_)) & not(x(q) + y(q)
= x(q_) + y(q_)) & not(x_(q) + y(q) = x_(q_) + y(q_)))
THEN
skip
END
/* DEFINITIONS
PREDICATE show; */
END
....
[[river-crossing-puzzle]]
=== River Crossing Puzzle
....
module river_crossing
open util/ordering[State]
abstract sig Object { eats: set Object }
one sig Farmer, Fox, Chicken, Grain extends Object {}
fact { eats = Fox->Chicken + Chicken->Grain}
sig State { near, far: set Object }
fact { first.near = Object && no first.far }
pred crossRiver [from, from', to, to': set Object] {
one x: from | {
from' = from - x - Farmer - from'.eats
to' = to + x + Farmer
}
}
fact {
all s: State, s': s.next {
Farmer in s.near =>
crossRiver [s.near, s'.near, s.far, s'.far]
else
crossRiver [s.far, s'.far, s.near, s'.near]
}
}
run { last.far=Object } for exactly 8 State
....
This can be loaded in ProB, as shown in the following screenshot. To run
the "show" command you have to use "Find Sequence..." command for
"run_show" in the "Constraint-Based Checking" submenu of the
_Verify_ menu (after enabling Kodkod in the _Preferences_ menu).
image::ProBAlloyRiver.png[]
Internally the Alloy model is translated to the following B model:
....
/*@ generated */
MACHINE river_crossing
SETS
Object_
CONSTANTS
Farmer_, Fox_, Chicken_, Grain_, eats_Object, near_State, far_State
DEFINITIONS
crossRiver_(from_,from__,to_,to__) == from_ <: Object_
& from__ <: Object_ & to_ <: Object_
& to__ <: Object_ & (card({x_ | {x_} <: from_
& (((from__ = (((from_ - {x_}) - {Farmer_}) - eats_Object[from__])))
& ((to__ = ((to_ \/ {x_}) \/ {Farmer_}))))}) = 1) ;
next_State_(s) == {x|x=s+1 & x:State_} ;
nexts_State_(s) == {x|x>s & x:State_} ;
prev_State_(s) == {x|x=s-1 & x:State_} ;
prevs_State_(s) == {x|x<s & x:State_} ;
State_ == 0..7
PROPERTIES
{Farmer_} <: Object_ &
{Fox_} <: Object_ &
{Chicken_} <: Object_ &
{Grain_} <: Object_ &
((eats_Object = (({Fox_} * {Chicken_}) \/ ({Chicken_} * {Grain_})))) &
(((near_State[{min(State_)}] = Object_) & far_State[{min(State_)}] = {})) &
(!(s_, s__).({s_} <: State_ & {s__} <: next_State_(s_) =>
((({Farmer_} <: near_State[{s_}]) =>
crossRiver_(near_State[{s_}], near_State[{s__}],
far_State[{s_}], far_State[{s__}]))
& (not(({Farmer_} <: near_State[{s_}])) =>
crossRiver_(far_State[{s_}], far_State[{s__}],
near_State[{s_}], near_State[{s__}]))))) &
Farmer_ /= Fox_ &
Farmer_ /= Chicken_ &
Farmer_ /= Grain_ &
Fox_ /= Chicken_ &
Fox_ /= Grain_ &
Chicken_ /= Grain_ &
{Farmer_} \/ {Fox_} \/ {Chicken_} \/ {Grain_} = Object_ &
eats_Object : Object_ <-> Object_ &
near_State : State_ <-> Object_ &
far_State : State_ <-> Object_
OPERATIONS
run_2 = PRE (far_State[{max(State_)}] = Object_) THEN skip END
END
....
[[proof-with-atelier-b-example]]
=== Proof with Atelier-B Example
....
sig Object {}
sig Vars {
src,dst : Object
}
pred move (v, v': Vars, n: Object) {
v.src+v.dst = Object
n in v.src
v'.src = v.src - n
v'.dst = v.dst + n
}
assert add_preserves_inv {
all v, v': Vars, n: Object |
move [v,v',n] implies v'.src+v'.dst = Object
}
check add_preserves_inv for 3
....
Note that our translation does not (yet) generate an idiomatic B
encoding, with `move` as B operation
and `src+dst=Object` as invariant: it generates a check operation encoding the predicate
`add_preserves_inv` with universal quantification.
Below we shoe the B machine we have input into AtelierB. It was obtained
by pretty-printing from `\prob`, and putting the negated guard
of `theadd_preserves_inv` into an assertion (so that AtelierB generates the desired proof obligation).
....
MACHINE alloytranslation
SETS /* deferred */
Object_; Vars_
CONCRETE_CONSTANTS
src_Vars, dst_Vars
PROPERTIES
src_Vars : Vars_ --> Object_
& dst_Vars : Vars_ --> Object_
ASSERTIONS
!(v_,v__,n_).(v_ : Vars_ & v__ : Vars_ & n_ : Object_
=>
(src_Vars[{v_}] \/ dst_Vars[{v_}] = Object_ &
v_ |-> n_ : src_Vars &
src_Vars[{v__}] = src_Vars[{v_}] - {n_} &
dst_Vars[{v__}] = dst_Vars[{v_}] \/ {n_}
=>
src_Vars[{v__}] \/ dst_Vars[{v__}] = Object_)
)
END
....
The following shows AtelierB proving the above assertion:
image::AlloyAtelierB.png[]
[[Alloy-Syntax]]
=== Alloy Syntax
....
Logical predicates:
-------------------
P and Q conjunction
P or Q disjunction
P implies Q implication
P iff Q equivalence
not P negation
Alternative syntax:
P && Q conjunction
P || Q disjunction
P => Q implication
P <=> Q equivalence
! P negation
Quantifiers:
-------------
all DECL | P universal quantification
some DECL | P existential quantification
one DECL | P existential quantification with exactly one solution
lone DECL | P quantification with one or zero solutions
where the DECL follow the following form:
x : S choose a singleton subset of S (like x : one S)
x : one S choose a singleton subset of S
x : S choose x to be any subset of S
x : some S choose x to be any non-empty subset of S
x : lone S choose x to be empty or a singleton subset of S
x : Rel where Rel is a cartesian product / relation: see multiplicity declarations x in Rel
x,y... : S, v,w,... : T means x:S and y : S and ... v:T and w:T and ...
disjoint x,y,... : S means x : S and y : S and ... and x,y,... are all pairwise distinct
Set Expressions:
----------------
univ all objects
none empty set
S + T set union
S & T set intersection
S - T set difference
# S cardinality of set
Set Predicates:
---------------
no S set S is empty
S in T R is subset of S
S = T set equality
S != T set inequality
some S set S is not empty
one S S is singleton set
lone S S is empty or a singleton
{x:S | P} set comprehension
{DECL | P} set comprehension, DECL has same format as for quantifiers
let s : S | P identifier definition
Relation Expressions:
----------------------
R -> S Cartesian product
R . S relational join
S <: R domain restriction of relation R for unary set S
R :> S range restriction of relation R for unary set S
R ++ Q override of relation R by relation Q
~R relational inverse
^R transitive closure of binary relation
*R reflexive and transitive closure
Multiplicity Declarations:
---------------------------
The following multiplicity annotations are supported for binary (sub)-relations:
f in S -> T f is any relation from S to T (subset of cartesian product)
f in S -> lone T f is a partial function from S to T
f in S -> one T f is a total function from S to T
f in S -> some T f is a total relation from S to T
f in S one -> one T f is a total bijection from S to T
f in S lone -> lone T f is a partial injection from S to T
f in S lone -> one T f is a total injection from S to T
f in S some -> lone T f is a partial surjection from S to T
f in S some -> one T f is a total surjection from S to T
f in S some -> T f is a surjective relation from S to T
f in S some -> some T f is a total surjective relation from S to T
Ordered Signatures:
-------------------
A signature S can be defined to be ordered:
open util/ordering [S] as s
s/first first element
s/last last element
s/max returns the largest element in s or the empty set
s/min returns the smallest element in s or the empty set
s/next[s2] element after s2
s/nexts[s2] all elements after s2
s/prev[s2] element before s2
s/prevs[s2] all elements before s2
s/smaller[e1,e2] return the element with the smaller index
s/larger[e1,e2] returns the element with the larger index
s/lt[e1,e2] true if index(e1) < index(e2)
s/lte[s2] true if index(e1) =< index(e2)
s/gt[s2] true if index(e1) > index(e2)
s/gte[s2] true if index(e1) >= index(e2)
Sequences:
----------
The longest allowed sequence length (maxseq) is set in the scope of a run or check command using the 'seq' keyword.
Otherwise, a default value is used.
The elements of a sequence s are enumerated from 0 to #s-1.
s : seq S ordered and indexed sequence
#s the cardinality of s
s.isEmpty true if s is empty
s.hasDups true if s contains duplicate elements
s.first head element
s.last last element
s.butlast s without its last element
s.rest tail of the sequence
s.inds the set {0,..,#s-1} if s is not empty, otherwise the empty set
s.lastIdx #s-1 if s is not empty, otherwise the empty set
s.afterLastIdx #s if s is smaller than maxseq, otherwise the empty set
s.idxOf [x] the first index of the occurence of x in s, the empty set if x does not occur in s
s.add[x] insert x at index position i
s.indsOf[i] the set of indices where x occurs in s, the empty set if x does not occur in s
s.delete[i] delete the element at index i
s.lastIdxOf[x] the last index of the occurence of x in s, the empty set if x does not occur in s
s.append[s2] concatenate s and s2, truncate the result if it contains more than maxseq elements
s.insert[i,x] insert x at index position i, remove the last element if #s = maxseq
s.setAt[i,x] replace the value at index position i with x
s.subseq[i,j] the subsequence of s from indices i to j inclusively
[see http://alloy.lcs.mit.edu/alloy/documentation/quickguide/seq.html]
Arithmetic Expressions and Predicates:
--------------------------------------
You need to open util/integer:
plus[X,Y] addition
minus[X,Y] subtraction
mul[X,Y] multiplication
div[X,Y] division
rem[X,Y] remainder
sum[S] sum of integers of set S
X < Y less
X = Y integer equality
X != Y integer inequality
X > Y greater
X =< Y less or equal
X >= Y greater or equal
Structuring:
------------
fact NAME { PRED }
fact NAME (x1,...,xk : Set) { PRED }
pred NAME { PRED }
pred NAME (x1,...,xk : Set) { PRED }
assert NAME { PRED }
fun NAME : Type { EXPR }
Commands:
---------
run NAME
check NAME
run NAME for x global scope of less or equal x
run NAME for exactly x1 but x2 S global scope of x1 but less or equal x2 S
run NAME for x1 S1,...,xk Sk individual scopes for signatures S1,..,Sk
run NAME for x Int specify the integer bitwidth (integer overflows might occur)
run NAME for x seq specify the longest allowed sequence length
....
src/docs/chapter/user/30_OtherLanguages/CSP/00_section_header.adoc deleted 100644 → 0
+ 0
4
View file @ 539f0cdc
[[csp]]
= CSP
:leveloffset: +1
src/docs/chapter/user/30_OtherLanguages/CSP/01_CSP-M.adoc deleted 100644 → 0
+ 0
115
View file @ 539f0cdc
[[csp-m]]
= CSP-M
ProB supports
machine readable CSPfootnote:[M. Butler and M. Leuschel: _Combining CSP
and B for specification and property verification_. FM 2005, LNCS 3582,
Springer-Verlag, 2005
https://www3.hhu.de/stups/downloads/pdf/LeBu05_1.pdf]
as supported by FDR and ProBE. CSP files can be animated and model
checked on their own simply by opening a file ending with ".csp".
You can also use a CSP file to guide a B machine by first opening the B
machine and then using the "Open Special" sub-menu of the File menu:
* use CSP file: uses the CSP file to control the current B machine (see
below)
* use default CSP file: trys to use a CSP with the same name as the
current B machine to control it
[[limitations-of-csp-m-support]]
== Limitations of CSP-M Support
ProB now supports FDR and ProBE compatible CSP-M syntax, with the
following outstanding issues
* currying and lambda expressions have only been partially tested
* extensions and productions are not yet supported (but \{| |} is)
* the priority of rename compared to external choice is unfortunately
different than in FDR; please use parentheses
* mixing of closure with other set operations (especially diff) is not
yet fully supported
* input patterns can only contain variables, tuples, integers and
constants (ch?(x,1) is ok, ch?(y+1,x) not). Also, for a record, all
arguments must be provided (e.g., for datatype r.Val.Val you have to
write r?x?y you cannot write r?xy). Finally, for the moment within "ch?
x.y:Set" the ":Set" associates only with y; if you want to check that
"x.y" is in Set you need to write: "ch?(x.y):Set.
* channel declarations can either use associative dot tuples or
non-associative tuples but not yet both. Also, sets of tuples as channel
types will not work the same way as in FDR. I.e., for channel a LinkData
you should not use LinkData = {0.0, 0.1, 1.0, 1.1} but rather nametype
LinkData = {0,1}.{0,1}.
Also, in the first phase we have striven for compatibility and coverage.
We still need to tune the animator and model checker for efficiency
(there are few known bottlenecks which will be improved, especially with
deeply nested CSP synchronization constructs).
[[guiding-b-machines-with-csp]]
== Guiding B Machines with CSP
To use this feature of ProB: first open a B Machine, then select "Use
CSP File to Guide B..." or "Use Default CSP File" in the "Open
Special" submenu of the File menu (you must be in normal user mode to
see it).
The CSP file should define a process called "MAIN". This process will
be executed in parallel with the B machine. The synchronization between
the B machine and the CSP specification is as follows:
* CSP events that have the same name as B Operations will synchronize
with B; CSP events that have the same name as a B Variable or Constant
can be used to inspect the current value of these, all other CSP events
can happen independently of B. In CSP terms the CSP and B are composed
as follows:
+
....
CSP [| {op1,...,opn} |] B
....
+
where op1,...,opn are the visible operations defined in the B machine.
* CSP events do not need to provide all arguments of B operations:
----
add!1 -> will match add(1,1) or add(1,2) or ...
(supposing add has 2 parameters in B)
add -> will match add(1,2), add(2,1), ...
add!1!2 -> will only match add(1,2)
----
* B Output arguments are specified at the end
+
....
lookup!X!2 will match lookup(X) --> 2
....
+
Note however, that for non-deterministic operations you generally should
only retrieve the output value using a `?` and not match against it using
a `!`. Otherwise, the non-determinism of the B operation will be treated
as an external choice for the CSP. So, if lookup is non-deterministic
then we should do `lookup!X?Res \-> Res=2 & Cont` rather than `lookup!X!2 \->
Cont`.
* If you have a variable called `vv`, then you can use `vv?VAL` to get the
value of `vv`. You can also use, for example, `vv!X` to check that the value
is equal to `X`.
If `vv` is a relation or function, then you can also use
two values on the channel to check for particular tuples in the
relation. For example, use `vv!3?Y` to check whether tuples `(3,Y)` are in
the relation `vv` (there will be one possible synchronization per such
value).
* see the file "bookstore_guide.csp" in the provided Machines
directory for an example.
For the syntax definition see <<csp-m-syntax,CSP-M Syntax>>
[[command-line-option-for-guided-cspb]]
Command Line option for guided CSP||B
From the command line, you can specify a CSP File that should be used to
guide the B machine with
`-csp-guide`
(This feature is included since version 1.3.5-beta7.)
src/docs/chapter/user/30_OtherLanguages/CSP/02_CSP-M_Syntax.adoc deleted 100644 → 0
+ 0
122
View file @ 539f0cdc
[[csp-m-syntax]]
= CSP-M Syntax
[[details-of-supported-csp-m-syntax]]
== Details of supported CSP-M syntax
Note: you can use the command "Summary of CSP syntax" in ProB's help
menu to get an up-to-date list of the supported syntax, along with
current limitations.
[[process-definitions]]
== PROCESS DEFINITIONS
* `Process = ProcessExpression`
[[process-expressions]]
== PROCESS EXPRESSIONS
* `STOP` deadlocking process
* `SKIP` terminating process
* `CHAOS(a)` a: set of channel expressions
* `ch\->P` simple action prefix where ch is a channel name possibly
followed by a sequence of outputs "!v" and input "?VAR", where v is
a value expression and VAR a variable identifier
* `ch?x:v\->P` action prefix with set of accepted values
* `P ; Q` sequential composition
* `P ||| Q` interleaving
* `P [] Q` external choice
* `P |~| Q` internal choice
* `P /\ Q` interrupt
* `p [> Q` untimed timeout
* `P [| a |] Q` parallel composition with synchronisation on set of
channel expressions a
* `P [ a || a' ] Q` alphabetised parallel
* `P [ c\<\->c' ] Q` linked parallel
* `P \ a` hiding of channel expressions in c
* `P [[c\<-c']]` renaming of channels c into c'
* `if B then P else Q`
* `b & P` guard using a boolean expression b
* `[]x:v@P` replicated external choice (x: variable, v: set value
expression)
* `|~|x:v@P` replicated internal choice (x: variable, v: set value
expression)
* `|||x:v@P` replicated interleave (x: variable, v: set value
expression)
* `;x:s@P` replicated sequential composition (s: sequence expression)
* `||x:v@[a']P` replicated alphabetised parallel
* `[| a |]x:s@P` replicated sharing
* `[c\<\->c']x:s@P` replicated linked parallel (sequence s must be non
empty)
* `let f1=E1 ... fk=Ek within P`
[[boolean-expressions]]
== BOOLEAN EXPRESSIONS
* `true`
* `false`
* `b1 and b2` (`b1 && b2` also accepted but not in CSP-M)
* `b1 or b2` (`b1 || b2` also accepted but not in CSP-M)
* `b1 \<\=> b2` equivalence
* `b1 \=> b2` implication
* `not b`
* `v==w` equality of values
* `v!=w` disequality of values
* `vw` strict ordering
* `v\<=w,v>=w` non-strict ordering (v=<w also accepted)
* `member(v,w)` set membership check
* `empty(a)` set emptiness check
* `null(s)` sequence emptiness check
* `elem(x,s)` sequence member check
[[value-expressions]]
== VALUE EXPRESSIONS
* `v+w`, `v-w` addition and subtraction
* `v*w` multiplication
* `v/w` integer division
* `v % w` division remainder
* `bool(b)` convert a boolean expression into a boolean value
* `\{v,w,...}` enumerated sets
* `\{m..n}` closed range
* `\{m..}` open range
* `union(v,w)` set union
* `inter(v,w)` set intersection
* `diff(v,w)` set difference
* `Union(A)` generalized union of a set of sets
* `Inter(A)` generalized intersection
* `card(a)` cardinality of a
* `\{x1,...,xn | x<-a,b}`
* `Events` all channel expressions on all declared channels
* `\{| ... |}` closure of set of channel expressions
* `Set(a)` all subsets of a
* `<>` empty sequence
* `<v,w,...>` explicit sequence
* `<m..n>` closed range sequence
* `<m..>` open range sequence
* `<....>^s` sequence concatenation (first or last arg has to be an
explicit sequence for patterns)
* `#s`, `length(s)`
* `head(s)`
* `tail(s)`
* `concat(s)`
* `set(s)` convert sequence into set
[[comments]]
== COMMENTS
* `-- comment until end of line`
* `\{- arbitrary comment -}`
[[pragmas]]
== PRAGMAS
* `transparent f` where f is a unary function which will then on be
ignored by ProB
* `\{-# assert_ltl "f" "comment" #-}` where _f_ is an LTL-formula
and _comment_ is an arbitrary comment, which is optional
* `\{-# assert_ctl "f" "comment" #-}` where _f_ is a CTL-formula and
_comment_ is an arbitrary comment, which is optional
src/docs/chapter/user/30_OtherLanguages/CSP/Tutorial_CSP_First_Step.adoc deleted 100644 → 0
+ 0
134
View file @ 539f0cdc
[[tutorial-csp-first-step]]
= Tutorial CSP First Step
[Category:User Manual]
[[startup]]
== Startup
Start off by installing the standalone Tcl/Tk version of ProB. Follow
the instructions in <<installation,Installation>>. Start ProB by
double-clicking on `ProBWin` (for Windows users), or by launching
`StartProB.sh` from a Terminal (for Linux and Mac users).
[[loading-a-first-csp-specification]]
== Loading a first CSP specification
Use the "Open..." command in the _File_ menu and then navigate to
the "Examples" directory that came with your ProB installation. Inside
the "CSP" subfolder, open the "buses.csp" specification. Your main
ProB window should now look as follows:
image::ProB_BusesAfterLoad.png[]
[[first-steps-in-animation-csp]]
== First Steps in Animation
We have now loaded a first simple CSP model. Let us look at the contents
of the ProB window (ignoring the menu bar).
* The upper half of the ProB window contains the source code of the CSP
specification.
* The lower half contains three panes.
** The "State Properties" pane contains information about the current
state of the specification. We will explain the contents of this pane in
more detail later.
** The Pane called "Enabled Operations" contains a list of events that
your CSP specification offers. At the very first step you have to choose
a process to animate. If your CSP specification contains a MAIN process
(as is the case in buses.csp), only this process will be shown.
** The "History" pane contains the list of operations you have
executed to reach the current state of the animator. Obviously, this
list is initially empty.
Now, double click on "`MAIN`" process in the "Enabled Operations"
Pane. This has the effect of computing the events offered by `MAIN`. The
ProB window should now look as follows (the upper half will remain
unchanged):
image::ProB_CSPAfterInit.png[]
In the "Enabled Operations" pane we can see that two tau events are
offered: `tau(int_choice_left)` and `tau(int_choice_right)`. The
"History" pane shows us that we have started the "`MAIN`" process to
reach the current state. By single-clicking on an event, we can see
which parts of the CSP specification contributed to the event. For
example, single clicking on the first tau event yields in the following
picture:
image::ProB_CSPAfterTauSingleClick.png[]
By repeatedly single clicking on the event you can cycle through the
various locations that contributed to the event. To execute an event,
simply double-click on it. Try this out for yourself: double-click on
`tau(int_choice_left)` and then single-click on the `board37` event
which is offered. This time the event is a synchronization of two
events(note that ProB uses a different colour for highlighting the
source locations). The source highlighting should look as follows:
image::ProB_CSPAfterBoardSingleClick.png[]
[[first-steps-in-model-checking]]
== First Steps in Model Checking
You can use the model checker to search for certain errors. Execute the
"Model Check..." command in the _Verify_ menu. The following dialog
box will appear:
image::ProB_CSPModelCheck.png[]
By default, ProB will search for deadlocks, illegal channel values and
events on the "error" channel. To turn the latter off, uncheck the
"Find Invariant Violation" check box. You can also search for events
on the "goal"channel, by checking the corresponding check box ("Find
event on goal CSP channel").
Now press the "Model Check" button. ProB should find a deadlock and
insert the counter-example into the history as follows:
image::ProB_CSPAfterModelCheck.png[]
[[error-highlighting]]
== Error Highlighting
Now edit the definition of the BUS37 process and add an illegal output
of value 1 on the alight37B channel:
`BUS37 = board37A -> (pay90 -> alight37B!1 -> STOP` +
`[] alight37A -> STOP)`
Now save and reload the specification and again choose the "Model
Check..." command in the _Verify_ menu. Now uncheck the "Find
Deadlocks" check-box and press "Model Check". ProB will report the
following error:
----
Mismatch in number of arguments for synchronisation on channel alight37B with extra argument(s):
1
### Line: 11, Column: 30
----
display the trace to the error in the History pane and highlight the
error location in the source as follows:
image::ProB_CSPAfterModelCheck2.png[]
[[other-features]]
== Other Features
You can check more sophisticated temporal properties using the LTL model
checker of ProB; see the <<ltl-model-checking,corresponding part of
the tutorial>>. For example, you can try and validate the following LTL
formula `G([board37A] \=> F [alight37B])`. ProB should respond:
`Formula TRUE. No counterexample found.` Similarly, you can check the
absence of divergence by checking the LTL formula `G not G [tau]`. It is
also possible to perform various refinement checks and other assertion
checks (see http://stups.hhu.de/ProB/w/Checking_CSP_Assertions[Checking
CSP Assertions' tutorial]). The state space visualization features of
ProB are also available for CSP; see <<state-space-visualization,the
corresponding part of the tutorial>>. For example, if you select the
command "Statespace" in the _Visualize_ menu (after having fully
explored the system), the following graph will be displayed:
image::ProB_CSPBusStatespace.png[]
src/docs/chapter/user/30_OtherLanguages/CSP/ZZ_section_footer.adoc deleted 100644 → 0
+ 0
2
View file @ 539f0cdc
:leveloffset: -1
src/docs/chapter/user/30_OtherLanguages/EventB/00_section_header.adoc deleted 100644 → 0
+ 0
4
View file @ 539f0cdc
[[eventb-and-rodin]]
= Event B and Rodin
:leveloffset: +1
src/docs/chapter/user/30_OtherLanguages/EventB/01_Event-B.adoc deleted 100644 → 0
+ 0
96
View file @ 539f0cdc
[[event-b]]
= Event-B
== Installation and General Information
ProB supports animation and model-checking for Event-B specifications.
[[installation-event-b]]
=== Installation
To install the ProB plugin for http://www.event-b.org[Rodin], open the
_Help_ menu in Rodin and click "Install new software".
You see a drop-down list titled "Work with:" at the top of the install
dialog. Choose the update site "ProB - ..." and click on "ProB for
rodin2" in the field below. Click on the "Next" button at the button
on the dialog and proceed with the installation as usual.
Alternativaly, one can use the Tcl/Tk version of ProB but Event-B models
must be exported to an .eventb file first (see below).
[[animation-and-modelchecking]]
=== Animation and Modelchecking
You can start animation of a model (machine or context) by
right-clicking on the model in the Event-B explorer. Choose "Start
Animation / Model Checking".
//*TODO:* Here we should add more details about the ProB perspective and views.
[[export-for-use-with-the-tcltk-version-of-prob]]
=== Export for use with the Tcl/Tk version of ProB
You can export a model (machine or context) to an .eventb - file by
right-clicking on the model in the Event-B explorer. You can find the
corresponding menu item right below the animation item.
Such a .eventb file can be opened by the command line and Tcl/Tk version
of ProB.
[[theories]]
=== Theories
ProB has (limited) support for theories.
Currently supported are (examples refer to the theory project below):
* recursive datatypes (e.g. the List datatype)
* operators defined by direct definitions (e.g. operators in the BoolOps
theory) or recursive definitions (e.g. operators in the List theory)
* special annotated operators (see below)
Axiomatically defined operators are not supported without additional
annotations.
[[tagging-operators-event-b]]
==== Tagging operators
ProB has some extra support for certain operators. ProB expects an
annotation to an operator that provides the information that it should
use a specific implementation for an operator. Such tags are given in a
.ptm file (**P**roB **T**heory **M**apping). The file must have the same
name as the theory.
For each annotated operator, the file contains a line of the form
`operator`**`Name`**`internal {`**`Tag`**`}`
where *Name* is the name of the operator in the theory and *Tag* is a
ProB internal name.
The use of these tags is usually for experts only. In the theory file
below, some of the theories are annotated.
Currently are the following tags supported:
[cols=",,",options="header",]
|===========================================
|Tag |Description |Expected type
|closure1 |the transitive closure |POW(T**T)
|SIGMA |the sum of a set |POW(T**INT)
|PI |the product of a set |POW(T**INT)
|mu
|choose
|mkinat(op1,op2)
|===========================================
//*TODO*: to be continued...
//[[download-theories]]
//=== Download Theories
//An example project with theories is in the theories2.zip file. TODO: Downloadlink
//*TODO*: A description of the supported parts.
src/docs/chapter/user/30_OtherLanguages/EventB/02_Event-B_Theories.adoc deleted 100644 → 0
+ 0
135
View file @ 539f0cdc
[[event-b-theories]]
= Event-B Theories
ProB has (limited) support for theories.
Currently supported are (examples refer to the theory project below):
* recursive datatypes (e.g. the List datatype)
* operators defined by direct definitions (e.g. operators in the BoolOps
theory) or recursive definitions (e.g. operators in the List theory)
* special annotated operators like transitive closure (see below)
Axiomatically defined operators are not supported without additional
annotations.
[[download-theories]]
== Download Theories
//An example project with theories: theories2.zip[] TODO: Downloadlink
The project contains the following theories:
SUMandPRODUCT::
Contains two operators SUM and PRODUCT which take a set of the type
POW(T**INT) as argument (with T being a type variable) and return the
sum (resp.) product of all element's integer value.
The operators are annotated such that ProB uses an extra implementation.
Seq::
The theory of sequences provides operators for sequences that are
defined by direct definitions, thus supported by ProB.
Real (unsupported)::
A theory of real numbers, currently unsupported by ProB.
Natural::
A theory of inductive naturals (defined by a constant zero and a
successor function).
+
The mkinat operator is annotated such that ProB uses an explicit
implementation.
List::
A theory of lists that are either empty or have a head and a tail
FixPoint (not really supported)::
The theory is defined by direct definitions but they usually get so
complex that ProB cannot cope with them.
closure::
The operator for transitive closure is supported by ProB.
+
The operator is annotated such that ProB uses the classical B
implementation.
Card (contains no operators or data types)::
Contains theorem about set cardinalities.
BoolOps::
Operators on Booleans (e.g. AND, OR) are defined by direct definitions
and as such supported by ProB.
BinaryTree::
Binary Trees are supported by ProB.
[[tagging-operators-event-b-theories]]
== Tagging operators
[IMPORTANT]
*Please note:*
The use of these tags is for experts only. Normally such
annotations are delivered with a theory. If you think ProB should
provide specific support for a theory, please contact us.
ProB has some extra support for certain operators. ProB expects an
annotation to an operator that provides the information that it should
use a specific implementation for an operator. Such tags are given in a
.ptm file (**P**roB **T**heory **M**apping). The file must have the same
name as the theory.
For each annotated operator, the file contains a line of the form
`operator`**`Name`**`internal {`**`Tag`**`}`
where *Name* is the name of the operator in the theory and *Tag* is a
ProB internal name.
Currently are the following tags supported (with T being an arbitrary
type):
[cols=",,,",options="header",]
|=======================================================================
|Tag |Description |Expected type |Return type
|closure1 |the transitive closure |POW(T**T) |POW(T**T)
|SIGMA |the sum of a set |POW(T**INT) |INT
|PI |the product of a set |POW(T**INT) |INT
|mu |returns the element of a singleton set |POW(T) |T
|choose |returns (deterministically) one element of a non-emtpy set
|POW(T) |T
|mkinat(zero,succ) |returns an inductive natural number where zero and
succ are the two operators of a natural number datatype with zero having
no args and succ having one arg (an inductive natural) |INT |Inductive
Nat
|=======================================================================
[[error-messages]]
=== Error Messages
In case the .ptm file is missing, you will get an error message such as
the following one:
`Axiomatic defined operator "SUM" not recognized.`
For reference, here are the contents of some of the .ptm files. In case
of an error message, you can copy these files into your Theory Projects
(e.g., using Drag & Drop) and then refresh (F5). After that animation
with ProB should work.
* SUMandPRODUCT.ptm
....
operator "SUM" internal {SIGMA}
operator "PRODUCT" internal {PI}
....
* closure.ptm
....
operator "cls" internal {closure1}
....
* Natural.ptm
....
operator "mk_iNAT" internal {mkinat}
....
src/docs/chapter/user/30_OtherLanguages/EventB/ProB_for_Event-B.adoc deleted 100644 → 0
+ 0
27
View file @ 539f0cdc
[[prob-for-event-b]]
= ProB for Event-B
In addition to classical B (aka B for software development), ProB also
supports Event-B and the Rodin platform. ProB can be installed as a
plugin for Rodin. Once installed, one can
<<tutorial-rodin-exporting,export contexts and models>> as *.eventb
files and use them within ProB Tcl/Tk and the command-line version
<<using-the-command-line-version-of-prob,probcli>>.
See the tutorial pages for more information about using ProB for
Event-B:
* <<tutorial-rodin-first-step,Starting ProB for Rodin and first
animation steps>>
* <<tutorial-rodin-parameters,Important Parameters of ProB for
Rodin>>
* <<tutorial-rodin-exporting,Exporting Rodin Models for ProB
Classic>>
* <<tutorial-symbolic-constants,Using the Symbolic Contants Plugin>>
* <<tutorial-disprover,Using the ProB (Dis-)Prover>>
* <<tutorial-ltl-counter-example-view,Visualization of LTL
Counter-examples in Rodin>>
The https://www3.hhu.de/stups/handbook/rodin/[Rodin handbook], also contains material
about ProB.
src/docs/chapter/user/30_OtherLanguages/EventB/ProB_for_Rodin.adoc deleted 100644 → 0
+ 0
62
View file @ 539f0cdc
[[prob-for-rodin]]
= ProB for Rodin
Currently there are two versions of ProB available for Rodin.
[[prob-1-for-rodin]]
== ProB (1) for Rodin
The first one is based on the old Java API and supports
http://wiki.event-b.org/index.php/Rodin_Platform_2.8_Release_Notes[Rodin
2.8] and
http://wiki.event-b.org/index.php/Rodin_Platform_3.3_Release_Notes[Rodin
3.3]. The update site comes built in into Rodin, see
<<tutorial-rodin-first-step,the tutorial on installing ProB for
Rodin>>. Nightly releases of this versions are also available on the
<<download,Download>> page.
[[prob-2.0-for-rodin]]
== ProB 2.0 for Rodin
The second, still experimental, one is based on the new
<<prob-java-api,ProB Java API>> (aka ProB 2.0). Because the UI
components provided by the <<prob-java-api,ProB Java API>> are based
on web technologies, we were able create a simple plugin for the Rodin 3
tool that provides the user with all of the functionality of ProB within
Rodin. The plugin uses views with embedded Eclipse SWT browsers to
access the user interface components that are shipped with the
<<prob-java-api,ProB Java API>> library. Details about nightly
releases of this versions is also available on the
<<download,Download>> page.
[[multi-simulation-for-rodin-based-on-prob]]
== Multi-Simulation for Rodin based on ProB
There is now also a
http://users.ecs.soton.ac.uk/vs2/ac.soton.multisim.updatesite/[Multi-Simulation
Plug-in] available for Rodin. It enables discrete/continuous
co-simulation.
[[other-plug-ins-for-rodin]]
== Other Plug-Ins for Rodin
[[prover-evaluation]]
=== Prover Evaluation
This Plug-in is available at the update site
http://nightly.cobra.cs.uni-duesseldorf.de/rodin_provereval/[http://nightly.cobra.cs.uni-duesseldorf.de/rodin_provereval/]
and is capable to evaluate a variety of provers or tactics on a
selection of proof obligations.
[[camille]]
=== Camille
We also develop the Camille text-editor for Rodin. A preliminary version
of Camille for Rodin 3.3 is available at the nightly update site:
http://nightly.cobra.cs.uni-duesseldorf.de/camille/[http://nightly.cobra.cs.uni-duesseldorf.de/camille/].
The regular update site
(https://www3.hhu.de/stups/rodin/camille/nightly/[camille nightly])
is preconfigured within Rodin. More information can be found on the
http://wiki.event-b.org/index.php/Camille_Editor[Camille site at
event-b.org].
src/docs/chapter/user/30_OtherLanguages/EventB/Tutorial_Disprover.adoc deleted 100644 → 0
+ 0
63
View file @ 539f0cdc
[[tutorial-disprover]]
= Tutorial Disprover
[[warning]]
== WARNING
We believe the Disprover to be useful. The disprover plugin is currently
still experimental when used as a prover. Please keep in mind, that you
might run into some rough edges or even get wrong results (please inform
us about any issues).
[[introduction-tutorial-disprover]]
== Introduction
The ProB Disprover plugin for RODIN utilizes the ProB animator and model
checker to automatically find counterexamples or proofs for a given
proof obligation.
An early version of the ProB Disprover is described in
http://www.stups.uni-duesseldorf.de/publications_detail.php?id=219[Debugging
Event-B Models using the ProB Disprover Plug-in], Ligot, Bendisposto,
Leuschel.
Recently, the Disprover has been extended to detect cases in which the
search for a counter-example was complete, yet there was no result. In
this cases, the absence of a counter-example will be reported as a
proof. See https://www3.hhu.de/stups/downloads/pdf/disprover_eval.pdf[the
paper describing the disprover as a prover] for more details.
[[installation-tutorial-disprover]]
== Installation
The ProB Disprover is currently only available through the ProB Nightly
Build Update Site
(http://nightly.cobra.cs.uni-duesseldorf.de/rodin/updatesite/).
[[how-to-use-it]]
== How to use it
image::Disprover-all.png[]
The proof obligation editor in Rodin presents the user with a number of Hypotheses and one
Goal, to be proved. If the Disprover is installed, it is available in
the tool bar alongside the other provers:
image::Disprover_proof_control.png[]
[[how-it-works]]
== How it works
Upon selecting the Disprover, it builds a formula from the Hypotheses
and the negated Goal. The ProB model checker then tries to find a model
for that formula. If that is possible, this model is a counter example
that will be presented back to the user in the proof tree. The disprover
also checks if there cannot be a model for the formula. If this is the
case it acts like a decision procedure, i.e., absence of a model is a
proof for the goal. This is shown in the proof tree as follows:
image::Disprover_proof.png[]
Unfortunately, sometimes neither a counter example nor a proof can be
found.
src/docs/chapter/user/30_OtherLanguages/EventB/Tutorial_Rodin_Exporting.adoc deleted 100644 → 0
+ 0
77
View file @ 539f0cdc
[[tutorial-rodin-exporting]]
= Tutorial Rodin Exporting
[[introduction-to-tutorial-rodin-exporting]]
== Introduction
Many features of ProB are currently only available in ProB Tcl/Tk or the
<<using-the-command-line-version-of-prob,probcli>> command-line
version]. Luckily you can export Rodin models for use with those tools.
Below we explain how.
[[exporting-for-prob-classic]]
== Exporting for ProB classic
Start by right clicking (control Click on the Mac) on the machine or
context in the "Event-B Explorer" view you wish to export and select
"ProB Classic.../Export for use in ProB Classic":
image::ProBRodinExport.png[]
Now a "File Save" dialog will pop up. Choose a location and name (the
default one will do) for the file. The file should have the extension
".eventb" (as suggested by default).
[[loading-an-event-b-project-into-prob-classic]]
== Loading an Event-B Project into ProB classic
You can now use the ".eventb" file directly for probcli. For example,
the following command will perform standard model checking on the file
(supposing it was named b_1_mch.eventb):
`probcli b_1_mch.eventb -mc 100000`
All options described in
<<using-the-command-line-version-of-prob,the manual page for
probcli>> for B models are also applicable to Event-B models.
Warning: the preferences for ProB are managed in different ways by the
different tools. For the command-line version, preference values have to
be passed explicitly using the -p switch (e.g, `-p MAXINT 2147483647`).
In ProB Tcl/Tk the preferences are managed from the _Preferences_ menu
(and current values are saved in a `ProB_Preferences.pl` file). The ProB
for Rodin preferences are currently not exported into the ".eventb"
file.
You can also load the Event-B models into the ProB Tcl/Tk version.
Simply choose the command "Open..." in the _File_ menu and select
the file you have exported above. (You may have to change the filename
filter pop-up menu at the bottom of the "Open..." dialog to also show
.eventb files.)
Again, all features applicable to B models also work with Event-B
models. The source frame of ProB will show an ASCII rendering of the
Event-B models. Note that all contexts and ancestor machines are merged
into a single ".eventb" project file.
image::ProBRodinLoadedInTclTk.png[]
[[starting-up-prob-classic-directly]]
== Starting up ProB Classic Directly
You can also start up ProB Classic (aka ProB Tcl/Tk) directly, without
first generating an ".eventb" file. For this, start by right clicking
(control Click on the Mac) on the machine or context in the "Event-B
Explorer" view you wish to validate and select "ProB Classic.../Open
in ProB classic":
image::ProBRodinExport.png[]
For this to work, you first need to open the ProB Classic preferences
and then click on "Browse" to locate your installation of ProB Classic
(which you can obtain from the
https://www3.hhu.de/stups/prob/index.php/Download[ProB
download site] (we usually recommend the nightly-build version).
image::ProBRodinClassicPreference.png[]
src/docs/chapter/user/30_OtherLanguages/EventB/Tutorial_Rodin_First_Step.adoc deleted 100644 → 0
+ 0
70
View file @ 539f0cdc
[[tutorial-rodin-first-step]]
= Tutorial Rodin First Step
[[installation-rodin]]
== Installation
First you need to download the Rodin platform (e.g,
http://sourceforge.net/projects/rodin-b-sharp/files/Core_Rodin_Platform/3.3/[Rodin
3.3],) if you have not already done so.
Continue by installing the ProB for Rodin Plugin by choosing "Install
new software..." in the _Help_ menu.
image::RodinInstallNewSoftware.png[]
In the dialog box you should then select the ProB for Rodin update site,
and then select the various components of ProB as shown below. (the
update site for Rodin 3.x is
https://www3.hhu.de/stups/rodin/prob1/release/3[Installing the ProB plug-ins]
for stable builds, and
https://www3.hhu.de/stups/rodin/prob1/nightly[https://www3.hhu.de/stups/rodin/prob1/nightly].
for nightly builds, in case you want to type it by hand).
image::ProBRodinUpdateDialog.png[]
After that, press the Next button and finish the installation.
A detailed
<<installation,screencast
of the installation is available here>>.
[[starting-prob-tutorial-rodin-first-step]]
== Starting ProB
Start by right clicking (control Click on the Mac) on the machine or
context you wish to animate and select "Start Animation/Model
Checking":
image::ProBRodinStart.png[]
Double-click on the `INITIALISATION` to initialize the machine:
image::ProBRodinInit.png[]
As you can see, the `changer` event is enabled, and there are two
distinct ways to choose the parameters of the event. Double-click on an
EVENT to execute it. If you want to control which parameters are used,
right click on the EVENT and choose the desired parameter values:
image::ProBRodinOpChoose.png[]
As you can see, the values of the variables have been updated. Values
that have changed are marked with a star. The history pane has also been
updated. You can click on an event in the history to return back to the
corresponding state. You can also click on the left arrow in the Events
pane to go back one step at a time (once you stepped back you can also
step forward again; this works just like in a web browser).
image::ProBRodinAfterOpChoose.png[]
Next Step:
* <<tutorial-rodin-parameters,Important Parameters of ProB for
Rodin>>
We also have a
http://cobra.cs.uni-duesseldorf.de/bmotionstudio/index.php/Tutorial[tutorial
for B Motion Studio], which allows you to generate custom graphical
visualisations of Event-B models.
src/docs/chapter/user/30_OtherLanguages/EventB/Tutorial_Rodin_Parameters.adoc deleted 100644 → 0
+ 0
94
View file @ 539f0cdc
[[tutorial-rodin-parameters]]
= Tutorial Rodin Parameters
[[preferences-tutorial-rodin-parameters]]
== Preferences
You can modify the most important parameters of ProB by going to the
Rodin preferences.
image::RodinPrefs.png[]
Now selecting the ProB pane inside the Rodin preferences. You see that a
relatively large list of preferences appears (the actual number and
denotation depends on the exact version of ProB you have installed):
image::ProBRodinPrefs.png[]
We explain the most important preferences below.
[[minint-and-maxint]]
== Minint and Maxint
We first explain the first two entries in the screenshot above. Within
classical B this provides the range for the implementable integer type.
In Rodin, there are only the mathematical integers, and there is no
MININT or MAXINT constant. However, this preference will be used by ProB
if it cannot determine the value of an integer variable in order to know
in which range it should be enumerated.
[[size-of-unspecified-sets-carrier-sets]]
== Size of unspecified sets (carrier sets)
This is the third entry in the screen shot above. ProB requires all
carrier sets to be finite and ProB has to know the cardinality before
starting the animation or model checking.
Some sets are explicitly enumerated, and thus finite. ProB will use this
to infer the correct cardinality.
For the other sets, ProB will try to chose a cardinality. If the axioms
of a context contain explicit predicates about the cardinality, such as
`card(S)=4`, then this value will be used. You can also use card(S) to
specify a maximum cardinality, or `card(S)>n` to specify a minimum
cardinality.
[[using-contexts-for-prob-animation]]
=== Using contexts for ProB animation
Note that you can create a new context with those axioms just for
animation or model checking with ProB. For this you can simply
right-click on the context and use the Rodin command "EXTEND". For
example, in Camille syntax such a context could look like:
----
context c1_prob extends c1
axioms
@prob_axm card(S) = 3
end
----
After that you can also refine the model you want to animate by
right-clicking on it and using the Rodin command "REFINE", and then
add the new context to the seen context list:
`machine m0_prob refines m0 sees c0 c1_prob`
Here the machine m0_prob and c1_prob play the role of configuration
files for the animation. You can also add additional axioms in c1_prob
to force ProB to use a specific valuation of your constants.
If ProB cannot infer the size of a carrier set; it will use the default
value provided in the "Size of unspecified sets" preference.
Note that for complicated machines it can be tricky to set up the
cardinalities of the carrier sets correctly. For example, if you have an
axiom `f : A -\->> B`, then the cardinality of `A` must be greater or
equal to the cardinality of `B`. We are working on an automated analysis
for detecting the correct cardinalities of the carrier sets
automatically.
==== Transforming deferred carrier sets into enumerated sets
Instead of providing a cardinality you can also transform a deferred set into
an enumerated set, i.e., provided an enumeration of all its elements.
Here is how you would instantiate S to be a set containing the three elements named a,b,c:
----
context c1_prob extends c1
constants a,b,c
axioms
@prob_axm partition(S,{a},{b},{c})
end
----
src/docs/chapter/user/30_OtherLanguages/EventB/Tutorial_Symbolic_Constants.adoc deleted 100644 → 0
+ 0
42
View file @ 539f0cdc
[[tutorial-symbolic-constants]]
= Tutorial Symbolic Constants
[[introduction-to-tutorial-symbolic-constants]]
== Introduction
ProB Tcl/Tk as well as the
<<using-the-command-line-version-of-prob,probcli command-line
version>> are able to store units symbolically (i.e. as a predicate)
instead of evaluating them. For constants that contain large sets or
relations, this might speed up computations or even facilitate more
complex ones.
Through a plugin, this behaviour is extended to ProB for Rodin.
[[installing-the-prob-symbolic-constants-plugin]]
== Installing the ProB Symbolic Constants Plugin
The plugin is available from the ProB for Rodin Updatesite. The package
is called "ProB for Rodin2 - Symbolic Constants Support". It is not
bundled with ProB for Rodin itself.
[[marking-constants-to-be-kept-symbolic]]
== Marking Constants to be kept symbolic
Once the plugin is installed, a toggle button "symbolic" / "not
symbolic" should appear next to each constant in the Rodin editor.
You can select between the two behaviours:
* symbolic, which will keep the constant stored as a predicate as long
as possible. Please note, that some operations might trigger a full
evaluation of the constant and thus discard the symbolic representation.
* not symbolic, which is the default setting. Please note that in
certain cases ProB might auto detect that a constant should be stored
symbolically (i.e. an infinite set). In this case the "not symbolic"
setting is overridden.
See
<<recursively-defined-functions,the
wiki page on infinite and recursive functions>> for more details.
src/docs/chapter/user/30_OtherLanguages/EventB/ZZ_section_footer.adoc deleted 100644 → 0
+ 0
2
View file @ 539f0cdc
:leveloffset: -1
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment