Although today’s software systems are distributed by necessity, their design verification and validation is still an open issue due to their ever-increasing complexity. This paper proposes a stepwise development method allowing a designer to build correct-by-construction distributed systems. System correctness is handled w.r.t.a realizability property. We assume a top-down approach where systems are specified with a global behavioral model referred to as conversation protocol (CP). This specification defines all allowed sequences of messages exchanged between distributed peers implied in that conversation. Given a CP, realizability is defined whether there exists a set of peers such that their interaction with each other leads to the same sequences as specified by the original CP. Our proposal ensures that the built CP is realizable-by-construction. We define a set of sufficient conditions preserving realizability at CP level. We then propose an algebra of operators for incremental CP building w.r.t.to the defined conditions. We also prove that our proposal is correct and we show how this is supported with mechanized proofs. Lastly, we implemented our approach using Rodin platform and validated it on several case studies.

尽管当今的软件系统是必须分发的，但是由于其不断增加的复杂性，其设计验证和确认仍然是一个未解决的问题。本文提出了一种逐步开发方法，允许设计人员构建按构造正确的分布式系统。系统的正确性是wrta可实现性的处理。我们假设一种自顶向下的方法，其中使用称为会话协议（CP）的全局行为模型来指定系统。该规范定义了该会话中隐含的分布式对等体之间交换的所有允许消息序列。给定一个CP，可实现性定义为是否存在一组对等体，以使它们之间的交互导致与原始对等体相同的序列CP。我们的建议确保了所构建的CP可通过构造实现。我们定义了一组在CP级别保持可实现性的充分条件。然后，我们提出了一个算子代数，用于在定义的条件下进行增量CP构建。我们还证明了我们的建议是正确的，并且展示了如何用机械化证明支持这一建议。最后，我们使用Rodin平台实施了我们的方法，并在一些案例研究中对其进行了验证。