Xref: utzoo comp.specification:375 comp.software-eng:6022 comp.theory:2135
Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!mcsun!ukc!mucs!timc
From: timc@cs.man.ac.uk (Tim Clement)
Newsgroups: comp.specification,uk.events,comp.software-eng,comp.theory
Subject: David Harel at Manchester
Keywords: systems design
Message-ID: <2719@m1.cs.man.ac.uk>
Date: 18 Jun 91 16:44:32 GMT
Sender: news@cs.man.ac.uk
Reply-To: annual-lecture@cs.man.ac.uk
Followup-To: comp.specification
Organization: Department of Computer Science, University of Manchester UK
Lines: 189


                1991 Sun Annual Lecture in Computer Science
                         University of Manchester
                          September 25th - 26th.

                  Systems Design: Theory and Practice

                             David Harel
            Department of Applied Mathematics and Computer Science
                         Weizmann Institute


About the Sun Annual Lecture
----------------------------

The Sun Annual Lecture in Computer Science at the University of Manchester
provides an opportunity for an eminent computer scientist to give a series
of lectures introducing a wider audience to current research work in
their area.  The lectures occupy eight hours over two days, giving
ample time for questions and discussion.

This year, we are delighted to have Professor David Harel, Chairman of
the Department of Applied Mathematics and Computer Science at the
Weizmann Institute, and co-founder of i-Logix Incorporated.

Registration for the lecture series is 75 pounds, which includes lunch
each day, and supporting material for the lectures.  The Annual Lecture
dinner will be held  on the night of the 25th at Yang Sing, one of the best
Chinese restaurants in the UK.  If you would like to attend this,
please tick the box in the reply slip below and include the cost with the
registration payment.


Abstract
--------

In these lectures I will try to outline an approach to the development
and analysis of complex reactive systems.

In his well-known ``No Silver Bullet'' paper, published in 1987, Fred Brooks 
expresses his feelings about the illusions and hopes offered by software 
engineering.  He argues that many proposed ideas are not the silver bullets
that will deliver us from the horrors of developing complex systems.
Brooks' paper is reminiscent of Parnas' series of mini-papers that accompanied
his widely publicized resignation from the SDIO Panel on Computing in 1985. 
Parnas claims that current proposals are vastly inadequate when it comes 
to building reliable software as complex as that required by the SDIO project.

We thus have two rather discouraging position papers, authored by two of the 
most influential figures in the software world. One of the things I will
try to do in these lectures is to illuminate the brighter side of the coin,
emphasizing developments in the field that were too recent or immature
to have influenced Brooks and Parnas at the time of their writing.
The two main aspects of these developments have to do with a carefully wrought 
``vanilla'' approach to system modeling, and the emergence of powerful methods 
for executing the resulting models.  I will argue that the combined effect of
these and other ideas is already showing positive signs, and appears to have
the potential of providing a truly major improvement in our present abilities,
affecting the essence of the problem in a profound way. This might take more 
than the ten years Brooks focuses on in his paper. It will surely be a long, 
long time before we can build reliable software for the likes of the SDIO 
project. Such a system remains an order of magnitude too large and too
critical, mainly because of its must-work-first-time nature. But I also
believe that we are on the royal road, and that the general impression one
gets from reading the papers of Brooks and Parnas is far too bleak.

Reactive systems include many kinds of embedded, concurrent and real-time 
systems, but exclude data-intensive ones, such as databases and management 
information systems. Reactive systems are widely considered to be particularly 
problematic, posing some of the greatest challenges in systems engineering.

The vanilla approach is rooted in early work on modularization and information
hiding, and on structured analysis and structured design, which dealt mainly 
with data-intensive systems. According to these, the backbone of the model of 
a system should be a hierarchy of activities, that capture the functional
capabilities of the system, suitably decomposed to a level with which the 
designer is happy.  The new work advocates enriching this hierarchy with 
behavioral descriptions, called control activities, that appear (potentially)
on all levels.  Control activities play the role of the central nervous system,
so to speak, of the conceptual model.  They are to sense and control the 
dynamics of that portion of the functional description that is on their level.

The lectures will describe a relatively new approach to modeling behavior,
i.e., for capturing the workings of the control activities, the language of 
statecharts. This is a highly visual language, that extends state-transition 
diagrams, making them useful even for very large systems.  We shall discuss 
mathematical properties of statecharts, such as the succinctness they offer 
in describing systems with very large state spaces.

The second part of the lectures will concentrate on means for analyzing and
debugging system  models. Although the importance of testing and analyzing
algorithms has always been acknowledged, the world of complex systems has 
long suffered from something of an indifference to such needs. By analogy,
the situation was as if we were asked to solve one-person algorithmic problems 
without the possibility of running programs, and hence without being able
to test and debug them at all! 

One of the main ideas we shall consider is that of executable specifications, 
or, to fit in better with the terminology used here, executable models.  
Executing a model is analogous to running a program directly, with the aid 
of an interpreter. Although model execution is not a new idea, its vast 
potential has not yet been fully  exploited. We shall discuss interactive and 
batch executions, as well as programmed executions, random executions, and 
exhaustive executions, and will exhibit their power. We shall also touch
upon the possibility of verifying the model rigorously against a global
constraint in temporal logic.

We shall then turn to another crucial idea, that of automatically translating
the model into runnable code, in, say, C or Ada, or a hardware desscription
languages, such as VHDL. This process is analogous to compilation, and its main
benefit is in observing the system performing under circumstances that are 
close to those of the real world. For example, the code can be ported to, and 
executed in, the actual target environment, or, as is often the case in 
earlier stages, in a simulated version of the target environment.  The code 
can be linked to ``soft'' panels, i.e., graphical mock-ups of control boards, 
complete with images of display screens, switches, dials and gauges, that 
represent the actual user-interface of the final system.

The main thesis of the talks is that the current situation, and the prospects 
of significant improvement in the future, indicate that system development is
at the start of a new and exciting era.


About the lecturer
------------------

David Harel is a professor at the Weizmann Institute of Science in Israel,
and is Chairman of its Department of Applied Mathematics and Computer Science.
He is also a co-founder of i-Logix, Inc., Burlington, MA.  He has published 
widely on computability and complexity theory, logics of programs, theory 
of databases, systems engineering, and visual languages. He has been on the 
research staff of IBM's T.J. Watson Research Center at Yorktown Heights, 
and a visiting professor at Carnegie-Mellon University.  He received a 
best paper award in the 10th International Conference on Software Engineering 
in 1988, and his book, "Algorithmics: The Spirit of Computing" (Addison-Wesley,
1987), was the Spring 1987 Main Selection of the Macmillan Library of Science.

Harel received the BSc from Bar-Ilan University in 1974, the MSc from Tel-Aviv 
University in 1976, and the PhD from the Massachussetts Institute of Technology
in 1978.  He is on the editorial boards of  Information and Computation, 
Formal Aspects of Computing, Mathematical Systems Theory, and the 
ACM Press/Addison-Wesley book series.  He is a senior member of the IEEE, 
and a member of the IEEE Computer Society and the ACM.


-------------------------------------------------------------------------------

                  Sun Annual Lecture Registration 1991

Please register me for the SUN Annual Lecture in Computer Science at the
University of Manchester.

Name:

Address:




Company/Institution:
Telephone:
Electronic mail address:

Payments:

  Registration Fee (75 pounds)
  Annual Lecture Dinner (25 pounds)

  Total

I enclose a cheque for this amount made payable to the University of
Manchester.

------------------------------------------------------------------------------

Please send registration forms to:

           Mrs. J. Fleet,
           Annual Lecture,
           Department of Computer Science,
           The University,
           Oxford Road,
           Manchester M13 9PL,
           ENGLAND

For further information, write or e-mail:

          JANET:       annual-lecture@uk.ac.man.cs
          ARPA/BITNET: annual-lecture@cs.man.ac.uk