Transformational development allows one to design systems and simultaneously prove them correct. We present transformational developments of multiplier circuits from a common specification. Careful choice of the notation (a functional language with polymorphic and dependent higher-order (sub)types) and of the foundations for the transformations (some lemmas over the data domains, embeddings of functions into more general ones, and use of the unfold/fold strategy) allows the design decisions to be highlighted in a systematic way.
Calculating digital counters
(1996)
We formally derive a functional module for binary search trees comprising search, insert, delete, minimum and maximum operations. The derivation starts from an extensional specification that refers only to the multiset of elements stored in the tree. The search tree property is systematically derived as an implementation requirement.