Reusing Formal Models via Lifting

Formal modelling methods rightly focus on the primary goal of verifying properties. This can however, lead to inadequate facilities for structuring the model into manageable verification components. For example, the Event-B language is designed to achieve a high level of automatic theorem proofs through a linear sequence of refinements. In previous work, we introduced a mechanism to structure models via an inclusion mechanism using event synchronisations but this did not deal with generalised instantiations of a model component. Here we introduce a lifting mechanism that can be used in conjunction with inclusion to introduce multiple instances of a separately verified model lifted to an arbitrary set of instances. This allows localised properties to be proven without the complications caused by multiple instances as well as enhancing the usability of the inclusion feature.