Code Generation for Event-B
This work is aimed at software developers who use formal methods: it enables a transition from Event-B modeling to Java implementation, though it appears incremental as it builds on existing translation approaches.
The thesis tackles the problem of combining stepwise refinement in Event-B with Design-by-Contract in Java/JML. It develops a set of syntactic rules, implemented as the EventB2Java tool, that translate Event-B models into JML-annotated Java code. The tool generated code for several models and was applied to the development of two software applications.
Stepwise refinement and Design-by-Contract are two formal approaches for modelling systems. Both are widely used in the development of systems, and each has its advantages and disadvantages. This thesis asks whether it is possible to combine both approaches in the development of systems, providing the user with the benefits of both. We answer this question by translating the stepwise refinement method with Event-B to Design-by-Contract with Java and JML, so users can take full advantage of both formal approaches without losing their benefits. This thesis presents a set of syntactic rules that translates Event-B to JML-annotated Java code. It also presents the implementation of the syntactic rules as the EventB2Java tool. We used the tool to translate several Event-B models. For all the considered models it generated JML-annotated Java code that serves as an initial implementation. We also used EventB2Java for the development of two software applications. Additionally, we compared EventB2Java against two other tools for Event-B code generation. EventB2Java enables users to start the software development process in Event-B, where they can model the system and prove its consistency, and then transition to JML-annotated Java code, where they can continue the development process.