Introduction

This chapter is based on the fifth chapter of John Reynolds’ book “The craft of programming” [Rey81]. The material in Section 11.2 is taken verbatim from his book.

In contrast to Part I, Reynolds is mainly concerned with top-down development of programs rather than proving refinement between data types. His method of deriving programs is called stepwise refinement and was introduced in [Wir71] and [DDH72]. One of his development techniques, however, is related to data refinement. In this chapter we shall present and analyze this technique and show that it amounts to L-simulation.

In a given program Reynolds inspects each particular variable of some abstract data type separately, and shows how the choice of a way to implement that variable is guided by the number and relative frequency of the operations performed on it. This allows differentiation between the implementation of different variables of the same data type.

Reynolds uses Hoare-style partial correctness specifications. However, none of his program transformation steps increases the domain of possible nontermination. Therefore his examples of refinement are also refinements in a total correctness interpretation.

In Section 11.3 we relate Reynolds' method to L-simulation. At the last stage of our analysis of Reynolds' method we shall see that we have to interpret some of his operations in a total correctness setting to bridge a gap between his requirements and those for partial correctness L-simulation. Formally, this is supported by the L-simulation theorem for total correctness, Theorem 9.9.

We close this chapter with some remarks on the history of this method.