Revision as of 13:28, 9 August 2011

Objective

This page describes the design of the reasoner MembershipGoal and its associated tactic MembershipGoalTac.
This reasoner discharges sequent whose goal denotes a membership which can be inferred from hypotheses. Here an basic example of what it discharges :
$H,\quad x\in S,\quad S\subset T,\quad T\subseteq U \quad\vdash x\in U$

Analysis

Such sequent are proved by PP and ML. But, these provers have both drawbacks :

All the visible are added as needed hypotheses, which is most of the time not the case.
They take quite consequent time to prove it (even with the basic example given here above, the difference in time execution is noticeable).
If there are too many hypotheses, or if the expression of the $x$ is too complicated, they may not prove it.

This is particularly true when in the list of inclusion expressions of each side of the relation are not equal. For example : $H,\quad a\in S,\quad S\subset T_1\cap T_2,\quad T_1\cup T_3\subseteq U\quad\vdash a\in U$

Such a reasoner contributes to prove more Proof Obligations automatically, faster and with fewer needed hypotheses which makes proof rule more legible and proof replay less sensitive to modifications.

Design Decision

Tactic

This part explains how the tactic (MembershipGoalTac) associated to the reasoner MembershipGoal is working.

Goal

The tactic (as the reasoner) should works only on goals such as :

$\cdots~\in~\cdots$

For examples :

$f(x)\in g\otimes h$
$x\in A\cprod\left(B\cup C\right)$
$x\mapsto y\in A\cprod B$

In the latter case, the reasoner won't try to prove that x belongs to A and y belongs to B, but that the mapplet belong to the Cartesian product.

Hypotheses

Now we have to find hypotheses leading to discharge the sequent. To do so, the tactic recovers two kinds of hypotheses :

the ones related to the left member of the goal (this is the start point):
- $x\in \cdots$
- $\cdots\mapsto x\mapsto\cdots\in\cdots$
- $\left\{\cdots, x,\cdots\right\}=\cdots$
- $\left\{\cdots, \cdots\mapsto x\mapsto\cdots,\cdots\right\}=\cdots$
the ones denoting inclusion (all but the ones matching the description of the first point) :
- $\cdots\subset\cdots$
- $\cdots\subseteq\cdots$
- $\cdots=\cdots$

Then, it will search a link between those hypotheses so that the sequent can be discharged.

Find a path

Now that we recovered all the hypotheses that could be useful for the reasoner, it remains to find a path among the hypotheses leading to discharge the sequent. Depending on the relations on each side of the inclusion, we will act differently. $f$ always represent an expression (may be a domain, a range, etc.).

The following sequent is provable because .
- $x\in f,\quad \varphi (f)\subseteq g\quad\vdash\quad x\in g$
- $\varphi (f) = f\quad\mid\quad f\cup h \quad\mid\quad h\cup f \quad\mid\quad h\ovl f$
The following sequent is provable because .
- $x\in \psi (f),\quad f\subseteq g\quad\vdash\quad x\in g$
- $\psi (f) = f\quad\mid\quad f\cap h \quad\mid\quad h\cap f \quad\mid\quad f\setminus h \quad\mid\quad f\ransub A \quad\mid\quad f\ranres A \quad\mid\quad A\domsub f \quad\mid\quad A\domres f$
We can generalized the first two points. This is the Russian dolls system. We can easily prove a sequent with multiple inclusions by going from hypothesis to hypothesis.
- $x\in \psi (f),\quad \varphi (f)\subseteq g\quad\vdash\quad x\in g$
For some relations, positions are needed to be known to continue to find hypotheses, but it is not always necessary.
- $x\mapsto y\in f,\quad f\subseteq A\cprod B\quad\vdash\quad x\in A$
- $x\in dom(f),\quad f\subseteq A\cprod B\quad\vdash\quad x\in A$
- $x\in ran(f),\quad f\subseteq A\cprod B\quad\vdash\quad x\in B$

By using these inclusion and rewrites, it tries to find a path among the recovered hypotheses. Every one of those should only be used once, avoiding possible infinite loop $\left(A\subseteq B,\quad B\subseteq A\right)$ . Among all paths that lead to discharge the sequent, the tactic give the first it finds. Moreover, so that the reasoner does not do the same work as the tactic of writing new hypothesis, it gives all needed hypotheses and added hypotheses in the input.

Reasoner

The way the reasoner must work is still in discussion.

Implementation

This section explain how the tactic has bee implemented.

Positions

As it was said, we may sometimes need the position. It is represented by an array of integer. Here are the possible values the array contains (atomic positions) :

kdom : it corresponds to the domain.
- $\left[A\cprod B\right]_{pos\;=\;kdom} = A$
- $\left[x\mapsto y\right]_{pos\;=\;kdom} = x$
- $\left[g\right]_{pos\;=\;kdom} = dom(g)$
kran : it corresponds to the domain.
- $\left[A\cprod B\right]_{pos\;=\;kran} = B$
- $\left[x\mapsto y\right]_{pos\;=\;kran} = y$
- $\left[g\right]_{pos\;=\;kran} = ran(g)$
leftDProd : it corresponds to the left member of a direct product.
- $\left[f\otimes g\right]_{pos\;=\;leftDProd} = f$
- $\left[A\cprod \left(B\cprod C\right)\right]_{pos\;=\;leftDProd} = A\cprod B$
rightDProd : it corresponds to the right member of a direct product
- $\left[f\otimes g\right]_{pos\;=\;rightDProd} = g$
- $\left[A\cprod\left(B\cprod C\right)\right]_{pos\;=\;rightDProd} = A\cprod C$
leftPProd : it corresponds to the left member of a parallel product
- $\left[f\parallel g\right]_{pos\;=\;leftPProd} = f$
- $\left[\left(A\cprod B\right)\cprod\left(C\cprod D\right)\right]_{pos\;=\;leftPProd} = A\cprod C$
rightPProd : it corresponds to the right member of a parallel product
- $\left[f\parallel g\right]_{pos\;=\;rightPProd} = g$
- $\left[\left(A\cprod B\right)\cprod\left(C\cprod D\right)\right]_{pos\;=\;rightPProd} = B\cprod D$
converse : it corresponds to the child of an inverse
- $\left[f^{-1}\right]_{pos\;=\;converse}=f$
- $\left[A\cprod B\right]_{pos\;=\;converse} = B\cprod A$

For example, the following expressions at the given positions are equivalent.

\left[f\otimes\left(\left(A\cprod dom(g)\right)\parallel g\right)\right]_{pos\;=\;\left[rightDProd,\;leftPProd,\;kran\right]} = \left[\left(A\cprod dom(g)\right)\parallel g\right]_{pos\;=\;\left[leftPProd,\;kran\right]} = \left[A\cprod dom(g)\right]_{pos\;=\;\left[kran\right]} = \left[dom(g)\right]_{pos\;=\;\left[~\right]} = \left[g\right]_{pos\;=\;\left[kdom\right]}

Some combinations of atomic positions are equivalent. In order to simplify comparison between positions, they are normalized :

$ran(f^{-1}) = dom(f)\quad\limp\quad \left[f\right]_{pos \;=\; \left[converse,~kran\right]} = \left[f\right]_{pos\;=\;\left[kdom\right]}$
$dom(f^{-1}) = ran(f)\quad\limp\quad \left[f\right]_{pos \;=\; \left[converse,~kdom\right]} = \left[f\right]_{pos\;=\;\left[kran\right]}$
$\left(f^{-1}\right)^{-1} = f\quad\limp\quad \left[f\right]_{pos \;=\; \left[converse,~converse\right]} = \left[f\right]_{pos\;=\;\left[~\right]}$

Goal

As explained in the design decision part, goal is checked. If it matches the description here above $\left(x\in S\right)$ then x is stored in an attribute. Moreover, from the set S, we compute every pair expression & position equivalent to it. For example, from the set $dom(ran(ran(g)))$ , the map will be computed :

$dom(ran(ran(g)))\;\mapsto\;[\;]$
$ran(ran(g))\;\mapsto\;[0]$
$ran(g)\;\mapsto\;[1,~0]$
$g\;\mapsto\;[1,~1,~0]$

Only range, domain and converse can be taken into account to get all the possibles goals.

A pair (expression ; position) is said equal to the goal if and only if there exists a pair equivalent to the goal (GoalExp ; GoalPos) and a pair equivalent to the given pair (Exp ; Pos) such as Pos = GoalPos and Exp is contained in GoalExp.

Hypotheses

As explained in the design decision part, there are two kinds of hypotheses which are recovered. But when hypotheses related to the left member of the goal $\left(x\in S\right)$ are stored, the position of x is also record. Then, if there is an hypothesis such as $\left\{\cdots\;,\;y\mapsto x\mapsto z\;,\;m\mapsto x\;,\;\cdots\right\} = A$ , then this hypothesis is mapped to the positions $\left\{\left[0,~1\right],~\left[1\right]\right\}$ .

Find a path

Let's considered the sequent with the following goal : $x\in V$ . We start with the hypotheses which have a connection with the goal's member. Such a hypothesis gives two informations : the position $pos$ and the set $S$ as explained in hypotheses. Then, for each equivalent pair to these one $\left(S', pos'\right)$ , we compute set containing $S'$ ( Find a path 2.). For every new pair, we test if it is contained in the goal.

To be continued.

Untreated cases

Some cases are not treated. Further enhancement may be provided for some.

$x\in A\cup B,\quad A\cup B\cup C\subseteq D\quad\vdash\quad x\in D$
$x\in f,\quad f\in A\;op\;B\quad\vdash\quad x\in A\cprod B$
$f\ovl \left\{x\mapsto y\right\}\subseteq A\cprod B\quad\vdash\quad x\in A$
$x\in f\otimes g,\quad f\subseteq A\cprod B,\quad g\subseteq C\cprod D\quad\vdash\quad x\in (A\cprod C)\cprod(B\cprod D)$
$x\in f\otimes g,\quad f\subseteq h\quad\vdash\quad x\in h\otimes g$
$x\in \left\{a,~b,~c\right\},\quad\left\{a,~b,~c,~d,~e,~f\right\}\subseteq D\quad\vdash\quad x\in D$
$x\in A\cprod B,\quad A\subseteq C\quad\vdash\quad x\in C\cprod B$
$x\in dom(f)\cap A\quad\vdash\quad x\in dom(A\domres f)$
$x\in ran(f)\cap A\quad\vdash\quad x\in ran(f\ranres A)$
$x\in \quad\vdash\quad$
$\quad\vdash\quad$
$\quad\vdash\quad$
$\quad\vdash\quad$
$\bigl($ where $op_1$ and $op_2$ are ones of : $\quad\rel, \trel, \srel, \strel, \pfun, \tfun, \pinj, \tinj, \psur, \tsur, \tbij\bigr)$

Difference between pages "D45 General Platform Maintenance" and "Membership in Goal"

Revision as of 13:28, 9 August 2011

Contents

Objective

Analysis

Design Decision

Tactic

Goal

Hypotheses

Find a path

Reasoner

Implementation

Positions

Goal

Hypotheses

Find a path

Untreated cases

Navigation menu

Page actions

Page actions

Personal tools

Navigation

contribute

Search

Tools

@@ Line 1: / Line 1: @@
-= Overview =
+= Objective =
-The Rodin platform versions concerned by this deliverable are:
-* 2.1(08.02.2011),
-* 2.2(01.06.2011),
-* 2.2.2(01.08.2011),
-* 2.3(04.10.2011),
-* 2.4(31.01.2011),
-* 2.5(30.04.2011).
-This year, the maintenance carried on fixing identified bugs, although an emphasis was put on correcting usability issues. Indeed, during the annual meeting in Nice, the WP9 members agreed to refocus on the needed tasks to address some specific bugs and issues reported by DEPLOY partners, and wished resolved by the end of DEPLOY. Thus, no new features were implemented but those appearing in the description of work. The tasks to be performed by the WP9 members were then scheduled, prioritized and regularly updated during the WP9 bi-weekly meetings. The updates allowed to capture and integrate rapidly some minor changes to enhance the usability of the platform which were required by the DEPLOY partners. The following paragraphs will give an overview of the the work that has been performed concerning maintenance on the existing platform components (i.e. core platform and plug-ins).
-See the Release Notes<ref name="documentation">http://wiki.event-b.org/index.php/D32_General_Platform_Maintenance#Available_Documentation</ref> and the SourceForge<ref name=documentation>http://wiki.event-b.org/index.php/D45_General_Platform_Maintenance#Available_Documentation</ref> databases (bugs and feature requests) for details about the previous and upcoming releases of the Rodin platform.
+This page describes the design of the reasoner MembershipGoal and its associated tactic MembershipGoalTac.<br>
+This reasoner discharges sequent whose goal denotes a membership which can be inferred from hypotheses. Here an basic example of what it discharges :<br>
+<math>H,\quad x\in S,\quad S\subset T,\quad T\subseteq U \quad\vdash x\in U</math>
-* General platform maintenance
+= Analysis =
-The maintenance done to overcome Rodin scalability weaknesses and enhance the proving experience will be detailed in a separate chapter. However, some features initially planned and some other which were later added and prioritized are worth to mention:
-:*Possibility to highlight patterns in the ProverUI,
-:*A better output providing warnings and errors in case of wrong or missing building configurations,
-:*The switch to Eclipse 3.7,
-:*A Handbook to complete and enhance the existing documentation.
-* {{TODO}} An overview of the contribution about Mathematical extensions / Theory Plug-in (Issam Maamria)
+Such sequent are proved by PP and ML. But, these provers have both drawbacks :
+*All the visible are added as needed hypotheses, which is most of the time not the case.
+*They take quite consequent time to prove it (even with the basic example given here above, the difference in time execution is noticeable).
+*If there are too many hypotheses, or if the expression of the <math>x</math> is too complicated, they may not prove it.
+This is particularly true when in the list of inclusion expressions of each side of the relation are not equal. For example : <math>H,\quad a\in S,\quad S\subset T_1\cap T_2,\quad T_1\cup T_3\subseteq  U\quad\vdash a\in U</math>
+<p>
+Such a reasoner contributes to prove more Proof Obligations automatically, faster and with fewer needed hypotheses which makes proof rule more legible and proof replay less sensitive to modifications.
-* {{TODO}} An overview of the contribution about Plug-in Incompatibilities (All partners)
+= Design Decision =
-* {{TODO}} An overview of the contribution about Modularisation (Alexei Illiasov)
+== Tactic ==
-* {{TODO}} An overview of the contribution about Decomposition (Renato Silva)
+This part explains how the tactic (MembershipGoalTac) associated to the reasoner MembershipGoal is working.
+=== Goal ===
+The tactic (as the reasoner) should works only on goals such as :
+*<math>\cdots~\in~\cdots</math>
+For examples :
+*<math>f(x)\in g\otimes h</math>
+*<math>x\in A\cprod\left(B\cup C\right)</math>
+*<math>x\mapsto y\in A\cprod B</math>
+In the latter case, the reasoner won't try to prove that ''x'' belongs to ''A'' and ''y'' belongs to ''B'', but that the mapplet belong to the Cartesian product.
+=== Hypotheses ===
+Now we have to find hypotheses leading to discharge the sequent. To do so, the tactic recovers two kinds of hypotheses :
+#the ones related to the left member of the goal <math>\left( x\in S\right)</math> (this is the start point):
+#*<math>x\in \cdots</math>
+#*<math>\cdots\mapsto x\mapsto\cdots\in\cdots</math>
+#*<math>\left\{\cdots, x,\cdots\right\}=\cdots</math>
+#*<math>\left\{\cdots, \cdots\mapsto x\mapsto\cdots,\cdots\right\}=\cdots</math>
+#the ones denoting inclusion (all but the ones matching the description of the first point) :
+#*<math>\cdots\subset\cdots</math>
+#*<math>\cdots\subseteq\cdots</math>
+#*<math>\cdots=\cdots</math>
+Then, it will search a link between those hypotheses so that the sequent can be discharged.
+=== Find a path ===
+Now that we recovered all the hypotheses that could be useful for the reasoner, it remains to find a path among the hypotheses leading to discharge the sequent. Depending on the relations on each side of the inclusion, we will act differently. <math>f</math> always represent an expression (may be a domain, a range, etc.).
+#The following sequent is provable because <math>f\subseteq \varphi (f)</math>.
+#*<math>x\in f,\quad \varphi (f)\subseteq g\quad\vdash\quad x\in g</math>
+#*<math>\varphi (f) = f\quad\mid\quad f\cup h \quad\mid\quad h\cup f \quad\mid\quad h\ovl f</math>
+#The following sequent is provable because <math>\psi (f)\subseteq f</math>.
+#*<math>x\in \psi (f),\quad f\subseteq g\quad\vdash\quad x\in g</math>
+#*<math>\psi (f) = f\quad\mid\quad f\cap h \quad\mid\quad h\cap f \quad\mid\quad f\setminus h \quad\mid\quad f\ransub A \quad\mid\quad f\ranres A \quad\mid\quad A\domsub f \quad\mid\quad A\domres f</math>
+#We can generalized the first two points. This is the Russian dolls system. We can easily prove a sequent with multiple inclusions by going from hypothesis to hypothesis.
+#*<math>x\in \psi (f),\quad \varphi (f)\subseteq g\quad\vdash\quad x\in g</math>
+#For some relations, [[#positions|positions]] are needed to be known to continue to find hypotheses, but it is not always necessary.
+#*<math>x\mapsto y\in f,\quad f\subseteq A\cprod B\quad\vdash\quad x\in A</math>
+#*<math>x\in dom(f),\quad f\subseteq A\cprod B\quad\vdash\quad x\in A</math>
+#*<math>x\in ran(f),\quad f\subseteq A\cprod B\quad\vdash\quad x\in B</math>
-* {{TODO}} An overview of the contribution about Team-based Development (Colin Snook, Vitaly Savicks)
+By using these inclusion and rewrites, it tries to find a path among the recovered hypotheses. Every one of those should only be used once, avoiding possible infinite loop <math>\left(A\subseteq B,\quad B\subseteq A\right)</math>. Among all paths that lead to discharge the sequent, the tactic give the first it finds. Moreover, so that the reasoner does not do the same work as the tactic of writing new hypothesis, it gives all needed hypotheses and added hypotheses in the input.
-* {{TODO}} An overview of the contribution about UML-B (Colin Snook, Vitaly Savicks)
+== Reasoner ==
-== An overview of the contribution about ProR (Michael Jastram) ==
+The way the reasoner must work is still in discussion.
-ProR is a replacement of the original requirements plug-in, which got discontinued in 2010.  It is based on the OMG ReqIF standard (<ref name="reqif">http://www.omg.org/spec/ReqIF/</ref>), which provides interoperability with industry tools.  It evolved into the Eclipse Foundation project "Requirements Modeling Framework" (RMF, <ref name="rmf">http://eclipse.org/rmf</ref>), resulting in significant visibility.  ProR is independent from Rodin.  Integration is achieved with a separate plug-in that provides support for traceability and model integration.
+= Implementation =
-= Motivations =
+This section explain how the tactic has bee implemented.
-The tasks to solve the issues faced by the DEPLOY partners have been listed and have been assigned to groups according to their priority. A high priority means a high need in the outcome of a given task. The group 1 has the highest priority, the group 2 has an intermediate priority, and the group 3 has the lowest priority. The group 4 concerns topics that could not be resourced during the lifetime of DEPLOY.The prover integrity item, although not being directly covered, has been partially addressed thanks to Isabelle and SMT integration. Unfortunately, the originally planned export of full proofs and integrity check was too ambitious to be fully achieved in the scope of DEPLOY.
-{{SimpleHeader}}
+=== Positions ===
-|-
+As it was said, we may sometimes need the position. It is represented by an array of integer. Here are the possible values the array contains (atomic positions) :
-! scope=col | Group 1 (highest priority) || Responsible
+* '''''kdom''''' : it corresponds to the domain.
-|-
+**<math>\left[A\cprod B\right]_{pos\;=\;kdom} = A</math>
-|Performance <br /> - Core (large models, etc.) <br /> - GUI (incl. prover UI, edition, etc.) || SYSTEREL
+**<math>\left[x\mapsto y\right]_{pos\;=\;kdom} = x</math>
-|-
+**<math>\left[g\right]_{pos\;=\;kdom} = dom(g)</math>
-|Prover Performances <br /> - New rewriting rules / inference rules <br /> - Automatic tactics (preferences, timeout, etc.) || SYSTEREL
+* '''''kran''''' : it corresponds to the domain.
-|-
+**<math>\left[A\cprod B\right]_{pos\;=\;kran} = B</math>
-|ProB Disprover (incl. counter examples to DLF POs) || Düsseldorf
+**<math>\left[x\mapsto y\right]_{pos\;=\;kran} = y</math>
-|-
+**<math>\left[g\right]_{pos\;=\;kran} = ran(g)</math>
-|Stability (crash, corruption, etc.)  || SYSTEREL
+* '''''leftDProd''''' : it corresponds to the left member of a direct product.
-|-
+**<math>\left[f\otimes g\right]_{pos\;=\;leftDProd} = f</math>
-|Editors || SYSTEREL/Düsseldorf
+**<math>\left[A\cprod \left(B\cprod C\right)\right]_{pos\;=\;leftDProd} = A\cprod B</math>
-|-
+* '''''rightDProd''''' : it corresponds to the right member of a direct product
-|}
+**<math>\left[f\otimes g\right]_{pos\;=\;rightDProd} = g</math>
-{{SimpleHeader}}
+**<math>\left[A\cprod\left(B\cprod C\right)\right]_{pos\;=\;rightDProd} = A\cprod C</math>
-|-
+* '''''leftPProd''''' : it corresponds to the left member of a parallel product
-! scope=col | Group 2 || Responsible
+**<math>\left[f\parallel g\right]_{pos\;=\;leftPProd} = f</math>
-|-
+**<math>\left[\left(A\cprod B\right)\cprod\left(C\cprod D\right)\right]_{pos\;=\;leftPProd} = A\cprod C</math>
-| Prover Performances <br /> - SMT provers integration <br /> - connection with Isabelle  <br /> - Mathematical extensions <br /> - ProB || <br />SYSTEREL <br /> ETH Zürich <br /> Southampton/SYSTEREL <br /> Düsseldorf
+* '''''rightPProd''''' : it corresponds to the right member of a parallel product
-|-
+**<math>\left[f\parallel g\right]_{pos\;=\;rightPProd} = g</math>
-|Scalability <br /> - Decomposition <br /> - Modularisation plug-in <br /> - Team-based development || <br /> Southampton <br /> Newcastle <br /> Southampton
+**<math>\left[\left(A\cprod B\right)\cprod\left(C\cprod D\right)\right]_{pos\;=\;rightPProd} = B\cprod D</math>
-|-
+* '''''converse''''' : it corresponds to the child of an inverse
-|Plug-in incompatibilities || Newcastle
+**<math>\left[f^{-1}\right]_{pos\;=\;converse}=f</math>
-|-
+**<math>\left[A\cprod B\right]_{pos\;=\;converse} = B\cprod A</math>
-|Model-based testing || Pitesti/Düsseldorf
+For example, the following expressions at the given positions are equivalent.
-|-
+:<math>\left[f\otimes\left(\left(A\cprod dom(g)\right)\parallel g\right)\right]_{pos\;=\;\left[rightDProd,\;leftPProd,\;kran\right]} = \left[\left(A\cprod dom(g)\right)\parallel g\right]_{pos\;=\;\left[leftPProd,\;kran\right]} = \left[A\cprod dom(g)\right]_{pos\;=\;\left[kran\right]} = \left[dom(g)\right]_{pos\;=\;\left[~\right]} = \left[g\right]_{pos\;=\;\left[kdom\right]}</math>
-|ProR || Düsseldorf
-|}
-{{SimpleHeader}}
-|-
-! scope=col | Group 3 || Responsible
-|-
-|Scalability <br /> - Generic instantiation <br /> - UML-B maintenance <br /> || <br /> Southampton <br /> ETH Zürich/Southampton
-|-
-|Code Generation || Southampton
-|}
-{{SimpleHeader}}
-|-
-! scope=col | Group 4
-|-
-|Prover Integrity
-|-
-|Integrity of Code Generation
-|}
-== Platform maintenance ==
-The platform maintenance, as it can be deduced from the above tables in section [[#Motivations | Motivations]], mainly concerned stability and performance improvement. These topics will be discussed and detailed in a separate chapter about scalability improvements.<br>
-However, other improvements of utmost importance were made on the platform. These improvements either came from DEPLOY partners specific needs, or were corresponding to previously identified needs (listed in D32 - Model Construction tools & Analysis III Deliverable).
-Hence we review below the motivations of some noteworthy implemented features:
-* A Possibility to highlight patterns in the Prover UI.
-This feature came from a request of DEPLOY partners<ref name="searchInPUI">https://sourceforge.net/tracker/?func=detail&atid=651672&aid=3092835&group_id=108850</ref>, often facing the need to find particular patterns such as expressions in long predicates (e.g. long goals). Since Rodin 2.2, and its new Proving UI interface, a nice feature was added, allowing to search and highlight a string pattern into the whole Proving UI views and editors. This function as also been enabled on direct selection of text in this UI.
-* A better output providing warnings and errors in case of wrong or missing building configurations.
-This issue, often seen as a bug or as a plug-in incompatibility, was raised when a user imports and tries to use a model on a platform with some missing required plug-ins. The user often thought his models corrupted whereas Rodin was not able to build them, and hid this information to the user. This is why, since Rodin 2.3, an output has been provided in such case, taking the form of warnings or errors that any user can understand and review. This is a first answer to Rodin plug-in incompatibilities issues.
-* The switch to Eclipse 3.7.
-Due to the major improvements made every year in Eclipse releases and the continuously growing number of contributing projects which are for some of them used as basis for Rodin plug-ins, the Rodin platform follows the evolution and is adapted every year quickly to the latest Eclipse version available. This year, Rodin 2.3 originated the switch from Eclipse 3.6 to Eclipse 3.7.
-* A Handbook to complete and enhance the existing documentation.
-At the DEPLOY Plenary Meeting in Zürich in 2010, it has been stated that the current documentation, in its state at that time, would not support a engineer starting using the tools without significant help of an expert <ref name="documentationoverhaul>http://wiki.event-b.org/index.php/User_Documentation_Overhaul</ref>. Significant efforts to improve the documentation were performed and coordinated by Düsseldorf, and took form of a handbook<ref name="RodinHandbook">http://handbook.event-b.org/</ref>. The Rodin handbook has the aim to minimize the access to an expert, by providing the necessary assistance to an engineer in the need to be productive using Event-B and the Rodin toolset. The contents of the handbook, user oriented, were originated by some contents of the Event-B wiki.
-== Mathematical extensions / Theory Plug-in ==
+Some combinations of atomic positions are equivalent. In order to simplify comparison between positions, they are normalized :
-{{TODO}} ''To be completed by Issam Maamria''
+*<math>ran(f^{-1}) = dom(f)\quad\limp\quad \left[f\right]_{pos \;=\; \left[converse,~kran\right]} = \left[f\right]_{pos\;=\;\left[kdom\right]}</math>
-== Plug-in Incompatibilities ==
+*<math>dom(f^{-1}) = ran(f)\quad\limp\quad \left[f\right]_{pos \;=\; \left[converse,~kdom\right]} = \left[f\right]_{pos\;=\;\left[kran\right]}</math>
-By its extensibility nature, the Rodin platform is susceptible to incompatibilities. Indeed, there are many ways in which incompatibilities could occur, and it occurred in the lifetime of DEPLOY. A good example, is the dependency management. Suppose that a bundle x_v1.0 is needed by a plug-in A (i.e. a dependency from A has been defined to x in at most the version 1.0) and installed in Rodin. Then the plug-in x_v1.1 is needed by a plug-in B. The both versions 1.0 and 1.1 of x could not be installed and used at the same time and create thus some usage incompatibility.
+*<math>\left(f^{-1}\right)^{-1} = f\quad\limp\quad \left[f\right]_{pos \;=\; \left[converse,~converse\right]} = \left[f\right]_{pos\;=\;\left[~\right]}</math>
-== Modularisation ==
+=== Goal ===
-{{TODO}} ''To be completed by Alexei Illiasov''
-== Decomposition ==
-{{TODO}} ''To be completed by Renato Silva''
-== Team-based Development ==
-{{TODO}} ''To be completed by Colin Snook, Vitaly Savicks''
-== UML-B ==
-{{TODO}} ''To be completed by Colin Snook, Vitaly Savicks''
-== ProR ==
-While the original requirements plug-in for Rodin was useful as a prototype, a number of shortcomings lead to a new development.  In particular, the original plug-in was a traceability tool with externally managed requirements.  With ProR, requirements are authored and edited within Eclipse.  The original plug-in supported only a limited number of attributes and flat (unstructured) requirements.  ProR supports all data structures that the ReqIF standard<ref name="reqif">http://www.omg.org/spec/ReqIF/</ref> supports. Further, ReqIF-support for industry tools like Rational DOORS, MKS or IRqA is expected in the near future, while the original plug-in required a custom adaptor for each data format.
+As explained in the design decision part, goal is checked. If it matches the description here above <math>\left(x\in S\right)</math> then ''x'' is stored in an attribute. Moreover, from the set ''S'', we compute every pair ''expression'' & ''position'' equivalent to it. For example, from the set <math>dom(ran(ran(g)))</math>, the map will be computed :
+*<math>dom(ran(ran(g)))\;\mapsto\;[\;]</math>
+*<math>ran(ran(g))\;\mapsto\;[0]</math>
+*<math>ran(g)\;\mapsto\;[1,~0]</math>
+*<math>g\;\mapsto\;[1,~1,~0]</math>
+Only ''range'', ''domain'' and ''converse'' can be taken into account to get all the possibles goals.
-ProR is developed independently from Rodin.  Dependencies to Rodin exist only in the Rodin integration plug-in.  This significantly decreases the maintenance effort for the integration plugin, while increasing the visibility of ProR in the Open Source community.  The move of ProR from the University of Düsseldorf to the Eclipse Foundation increases visibility even further.  The Rodin integration plug-in is maintained as an independent project at github.
+A pair (expression ; position) is said equal to the goal if and only if there exists a pair equivalent to the goal (GoalExp ; GoalPos) and a pair equivalent to the given pair (Exp ; Pos) such as ''Pos = GoalPos'' and ''Exp'' is contained in ''GoalExp''.
-= Choices / Decisions =
+=== Hypotheses ===
-== Platform maintenance ==
-* Revisited task priority
-This year, the process of giving priority to maintenance tasks was revisited according the the refocus mentioned above. The aim was to address all the major scalability issues before the end of DEPLOY. Thus, the requests coming from DEPLOY partners were given high priorities, and they were also prioritized against the already planned tasks coming from both DEPLOY partners and the Description of Work.
-* Keep 32-bit versions of the Rodin platform on linux and windows systems
-It was asked by end users to make both 32-bit and 64-bit versions of the Rodin platform available for Linux and Windows platforms. Only a 64-bit version of Rodin is available on Mac platforms as 32-bit Mac (early 2006) platforms are no longer maintained. The request to offer 64-bit was motivated by the possibility to increase for them the available Java heap size for some memory greedy platforms (these before 2.3). However, the drawbacks of assembling and maintaining more platforms (5 platforms instead of 3) and the corrections brought to the database which improved the memory consumption pushed away the limitations of the platform, made this request not relevant for now.
-== Mathematical extensions / Theory Plug-in ==
+As explained in the design decision part, there are two kinds of hypotheses which are recovered. But when hypotheses related to the left member of the goal <math>\left(x\in S\right)</math> are stored, the position of ''x'' is also record. Then, if there is an hypothesis such as <math>\left\{\cdots\;,\;y\mapsto x\mapsto z\;,\;m\mapsto x\;,\;\cdots\right\} = A</math>, then this hypothesis is mapped to the positions <math>\left\{\left[0,~1\right],~\left[1\right]\right\}</math>.
-{{TODO}} ''To be completed by Issam Maamria''
-== Plug-in Incompatibilities ==
-It has been decided in cooperation with all the WP9 partners to find better ways to address the plug-in incompatibility issues. First of all, the various partners refined the concept of "plug-in incompatibility". Hence, various aspects could be identified and some specific answers were given to each of them. The user could then defined more clearly the incompatibility faced. Plug-in incompatibilities can be separated in two categories:
-:* Rodin platform/plug-in incompatibilities, due to some wrong match between Rodin included packages and the plug-in dependencies (i.e. needed packages). These incompatibilities, when reported, allowed the plug-in developers to contact SYSTEREL in charge of managing the packages shipped with a given version of Rodin. It could also allow traceability of incompatibilities and information to the user through a specific and actualized table on each Rodin release notes page on the Wiki<ref name="incompTableA">http://wiki.event-b.org/index.php/Rodin_Platform_Releases#Current_plug-ins</ref>.
-:* Plug-in/plug-in incompatibilities, due to some wrong match between needed/installed packages, or API/resources incompatible usage. A table was created on each release notes wiki page, and a procedure was defined<ref name="incompTableB">http://wiki.event-b.org/index.php/Rodin_Platform_Releases#Known_plug-in_incompatibilities</ref> so that identified incompatibilities are listed and corrected by the concerned developers.
-It appeared that cases of using a model which references some missing plug-ins were formerly often seen as compatibility issues although they were not.<br>
-After the incompatibilities have been identified, the developing counterparts being concerned assigned special tasks and coordination to solve issues the soonest as possible. Incompatibilities are often due to little glitches or desynchronisation and such direct coordination of counterpart appeared appropriate because quick and effective.
-== Modularisation ==
+=== Find a path ===
-{{TODO}} ''To be completed by Alexei Illiasov''
-== Decomposition ==
-{{TODO}} ''To be completed by Renato Silva''
-== Team-based Development ==
-{{TODO}} ''To be completed by Colin Snook, Vitaly Savicks''
-== UML-B ==
-{{TODO}} ''To be completed by Colin Snook, Vitaly Savicks''
-== ProR ==
-The following key decisions were made when developing ProR:
+Let's considered the sequent with the following goal : <math>x\in V</math>.
+We start with the hypotheses which have a connection with the goal's member. Such a hypothesis gives two informations : the position <math>pos</math> and the set <math>S</math> as explained in [[#Hypotheses|hypotheses]]. Then, for each equivalent pair to these one <math>\left(S', pos'\right)</math>, we compute set containing <math>S'</math> ([[#Design Decision#Tactic#Find a path| Find a path 2.]]). For every new pair, we test if it is contained in the goal.
-* '''New development, rather than continuing the original plug-in''' - the architecture of ProR differs significantly from that of the original plug-in (see [[D45_General_Platform_Maintenance#ProR]].  In addition, new technologies like EMF promised a cleaner, more powerful framework for an implementation.
+To be continued.
-* '''ReqIF as the underlying data model''' - the ReqIF standard <ref name="reqif">http://www.omg.org/spec/ReqIF/</ref> is gaining traction and promises interoperability with industry tools.  In addition, a digital version of the data model was available for free and could serve as the foundation for the model code.
+= Untreated cases =
-* '''The Eclipse Modeling Framework''' (EMF) was identified as a technology that would allow a quick and clean foundation for an implementation.  Further, the Rodin EMF-plug-in represents a convenient interface for integrating ProR and ProB.  Last, the digital data model from the OMG could be imported directly into EMF and used for generating the model code.
+Some cases are not treated. Further enhancement may be provided for some.
+*<math>x\in A\cup B,\quad A\cup B\cup C\subseteq D\quad\vdash\quad x\in D</math>
+*<math>x\in f,\quad f\in A\;op\;B\quad\vdash\quad x\in A\cprod B</math>
+*<math>f\ovl \left\{x\mapsto y\right\}\subseteq A\cprod B\quad\vdash\quad x\in A</math>
+*<math>x\in f\otimes g,\quad f\subseteq A\cprod B,\quad g\subseteq C\cprod D\quad\vdash\quad x\in (A\cprod C)\cprod(B\cprod D)</math>
+*<math>x\in f\otimes g,\quad f\subseteq h\quad\vdash\quad x\in h\otimes g</math>
+*<math>x\in \left\{a,~b,~c\right\},\quad\left\{a,~b,~c,~d,~e,~f\right\}\subseteq D\quad\vdash\quad x\in D</math>
+*<math>x\in A\cprod B,\quad A\subseteq C\quad\vdash\quad x\in C\cprod B</math>
+*<math>x\in dom(f)\cap A\quad\vdash\quad x\in dom(A\domres f)</math>
+*<math>x\in ran(f)\cap A\quad\vdash\quad x\in ran(f\ranres A)</math>
+*<math>x\in \quad\vdash\quad</math>
+*<math>\quad\vdash\quad</math>
+*<math>\quad\vdash\quad</math>
+*<math>\quad\vdash\quad</math>
+*:<math>\bigl(</math> where <math>op_1</math> and <math>op_2</math> are ones of :<math>\quad\rel, \trel, \srel, \strel, \pfun, \tfun, \pinj, \tinj, \psur, \tsur, \tbij\bigr)</math>
-* '''Keeping ProR independent from Rodin''' - There is significant interest in ReqIF right now, but this interest is unrelated to formal methods.  By providing an implementation that is independent from Rodin, we have a much larger target group of potential users and developers.  By carefully designing extension points, we can still provide a powerful Rodin integration.
+[[Category:Design proposal]]
-* '''Eclipse Foundation Project''' - we were actively establishing an open source community around ProR.  By recruiting engaged partners early on, development progressed faster than anticipated.  By becoming an Eclipse Foundation project <ref name="rmf">http://eclipse.org/rmf</ref>, we exceeded our goals in this respect.
-= Available Documentation =
-* Core platform:
-:The following pages give useful information about the Rodin platform releases:
-:* Release notes<ref>http://wiki.event-b.org/index.php/Rodin_Platform_Releases</ref>.
-:* Bugs<ref>https://sourceforge.net/tracker/?group_id=108850&atid=651669</ref>.
-:* Feature requests<ref>https://sourceforge.net/tracker/?group_id=108850&atid=651672</ref>.
-*The Rodin handbook is proposed as a PDF version and a HTML version and a dedicated plug-in makes it available as help within Rodin<ref name="RodinHandbook">http://handbook.event-b.org/</ref>.
-*{{TODO}}  Links for Mathematical extensions / Theory Plug-in
-*{{TODO}}  Links for Modularisation
-*{{TODO}}  Links for Decomposition
-*{{TODO}}  Links for Team-based Development
-*{{TODO}}  Links for UML-B
-* Links for ProR
-** ProR at the Eclipse Foundation <ref name="rmf">http://eclipse.org/rmf</ref>
-** ProR Documentation for end users and plugin developers <ref>http://pror.org</ref>
-= Status =
-== Platform maintenance ==
-By the end of the project, there are :
-* xx bugs reported and open. All with a priority lower or equal to 5.
-* xx feature requests expressed and still open.
-== Mathematical extensions / Theory Plug-in ==
-{{TODO}} ''To be completed by Issam Maamria''
-== Plug-in Incompatibilities ==
-As the time of writing this deliverable, no plug-in incompatibilities are left or known to exist between the platform and plug-ins or between plug-ins.
-== Modularisation ==
-{{TODO}} ''To be completed by Alexei Illiasov''
-== Decomposition ==
-{{TODO}} ''To be completed by Renato Silva''
-== Team-based Development ==
-{{TODO}} ''To be completed by Colin Snook, Vitaly Savicks''
-== UML-B ==
-{{TODO}} ''To be completed by Colin Snook, Vitaly Savicks''
-== ProR ==
-ProR took on a life on its own as part of the Requirements Modeling Framework<ref name="rmf">http://eclipse.org/rmf</ref>.  It is currently in the incubation stage of an Eclipse project.  There are currently five committers in total, with two from the Rodin project, namely Michael Jastram (Project Lead) and Lukas Ladenberger.
-The Rodin integration supports:
-* Creating traces between model elements and requirements
-* Highlighting of model elements in the requirements text
-* Marking of invalidated traces, where either the requirement or model element had changed.
-The Rodin integration is hosted at GitHub.
-= References =
-<references/>
-[[Category:D45 Deliverable]]