Go backward to 2 Why union AND extension?
Go up to Top
Go forward to 4 Complexity of specification expressions

3 Rôle of conservative extension

The rôle of conservative extensions is to protect the extended part. Whenever one has a specification Sp that extends a specification Sp' and the model class of Sp' should not be restricted by Sp, one should use a conservative extension. Note that the use of a conservative extension is only the statement of an intention that Sp does not modify Sp' and that it is the responsibility of the specifier to guarantee that Sp does not modify Sp'. Note that the use of conservative extensions generates a proof obligation that has to be discharged.

A common situation, where conservative extensions are used, is with parameters of generic specifications. For example in a generic specification of lists, the list specification should not restrict the model class of the parameter specification. This is expressed using a conservative generic extension (GEN-CONS-EXTN)

Another situation is the import of other specifications. For example, in a specification List of lists with a count function on lists, we have to refer to the specification of natural numbers. In general the intention is that the natural numbers are protected by List.

Note that a conservative extension should not be used if the extension is a refinement of the extended part. This means that the class of models of the extended part is restricted by the extension.

CoFI Note: M-1 --0.1-- 18 Sep 1997.
Comments to hubert@mpi-sb.mpg.de