Presentation is loading. Please wait.

Presentation is loading. Please wait.

Laurea Triennale in Informatica – Corso di Ingegneria del Software I – A.A. 2006/2007 Andrea Polini IX. System Models (III)

Published byNorma Clark Modified over 7 years ago

Similar presentations

Presentation on theme: "Laurea Triennale in Informatica – Corso di Ingegneria del Software I – A.A. 2006/2007 Andrea Polini IX. System Models (III)"— Presentation transcript:

1 Laurea Triennale in Informatica – Corso di Ingegneria del Software I – A.A. 2006/2007 Andrea Polini IX. System Models (III)

2 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 2 Objective Introduce formal descriptive notation Logic Algebraic Z

3 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 3 Logic Specifications Use of First Order Logic formula to describe program properties Expressions involve variables, numeric constants, functions, predicates. Logical connectives and, or, not, implies, for all, exists Examples x > y and y > z implies x>z for all i in N x[i] > x[i+1] for all M in N (exist n in N(n>M)) Free variables and bound variables

4 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 4 Logic Specifications – input/output assertions A property for a program or a subprogram P is specified as a formula of type {Pre(i 1,i 2,...,i n )} P {Post(O 1,O 2,...,O m,i 1,i 2,...,i n )}

5 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 5 input/output assertions - example {true} P {(o=i 1 or o=i 2 ) and o  i 1 and o  i 2 } {n>0} P {o=  k=1...n  i k } {(i 1 >0 and i 2 >0)} P {(exists z 1,z 2 (i 1 =o x z 1 and i 2 =o x z 2 ) and not (exists h(i 1 =h x z 1 and i 2 =h x z 2 ) and h>o))}

6 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 6 Generalising input/output assertions We would like to talk of programs fragments! The language should be able to refer variables defined within the program {n > 0} – n is a constant value procedure search(table: in integer_array; n: in integer; element: in integer; found: out Boolean); {found=(exist i(1<=i<=n and table(i)=element))}

7 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 7 input/output assertions and classes The language “predicates” over object variables and data structures defining: Invariants Object states Methods execution must preserve invariants Examples: set abstraction or ordered set abstraction Pre- and Post-conditions on each methods {INV and precondition} program fragment for m {INV and post-condition} Logical statements defined by the developer to increase verification power

8 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 8 Example public class Queue { Object[] queue; int length,head,tail,elementInQueue; public Queue(int length) { queue = new Object[length]; this.length=length;this.head=0;this.tail=0;this.elementInQueue=0; } public void insert(Object o) { queue[head]=o;head++;elementInQueue++; if (head==length) head=0; } public Object remove() { Object o = queue[tail];tail++;elementInQueue--; if (tail==length) tail=0; return o; } public boolean isEmpty() { return (head==tail); }

9 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 9 Design by Contract Engineering principle known as Design by Contract (DbC) Logical statements defined at the interface level Constitute the agreement among the contractor and the client Support in programming languages: Eiffel, JContractor... Design vs. Requirements using logic specifications Which is the universe of discourse?

10 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 10 Verification of Specifications Using FOT you specify that any implementation must guarantee that all of the given rules are true Logical expressions can be used to analyze system properties applying logical deduction Derive the formula from the specification of the system Operational formalisms do not allow to prove properties You can discover behaviour but you cannot provide a proof! Proving theorems is not a decidable problem within FOT

11 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 11 Algebraic Specification Large systems are decomposed into subsystems with well-defined interfaces between these subsystems. Specification of subsystem interfaces allows independent development of the different subsystems. Interfaces may be defined as abstract data types or object classes. The algebraic approach to formal specification is particularly well-suited to interface specification as it is focused on the defined operations in an object.

12 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 12 Specification elements Introduction Defines the sort (the type name) and declares other specifications that are used. Description Informally describes the operations on the type. Signature Defines the syntax of the operations in the interface and their parameters. Axioms Defines the operation semantics by defining axioms which characterise behaviour.

13 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 13 Systematic Algebraic Specification Algebraic specifications of a system may be developed in a systematic way Specification structuring; Specification naming; Operation selection; Informal operation specification; Syntax definition; Axiom definition.

14 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 14 Specification Operations Constructor operations. Operations which create entities of the type being specified. Inspection operations. Operations which evaluate entities of the type being specified. Rule of thumb: identify constructor operations and define inspector operations for each primitive constructor operation.

15 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 15 Operations on a List ADT Constructor operations which evaluate to sort List Create, Cons and Tail. Inspection operations which take sort list as a parameter and return some other sort Head and Length. Tail can be defined using the simpler constructors Create and Cons. No need to define Head and Length with Tail.

16 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 16 Operations on a List ADT LIST(ELEM) sort List imports INTEGER Defines a list where elements are added at the end and removed from the front. The operations are Create, which brings an empty list into existence, Cons, which creates a new list with an added member, Length, which evaluates the list size, Head, which evaluates the front element of the list, and Tail, which creates a list by removing the head from its input list. Undefined represents an undefined value of type Elem. Create --> List Cons(List, Elem) --> List Head(List) --> Elem Length(List) --> Integer Tail(List) --> List Head(Create) = Undefined exception (empty list) Head(Cons(L,v)) = if L = Create then v else Head(L) Length(Create)=0 Length(Cons(L,v)) = Length(L) + 1 Tail(Create) = Create Tail(Cons(L,v)) = if L = Create then Create else Cons(Tail(L),v)

17 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 17 Operations on a List ADT Operations are often specified recursively. Tail (Cons (L, v)) = if L = Create then Create else Cons (Tail (L), v). Cons ([5, 7], 9) = [5, 7, 9] Tail ([5, 7, 9]) = Tail (Cons ( [5, 7], 9)) = Cons (Tail ([5, 7]), 9) = Cons (Tail (Cons ([5], 7)), 9) = Cons (Cons (Tail ([5]), 7), 9) = Cons (Cons (Tail (Cons ([], 5)), 7), 9) = Cons (Cons ([Create], 7), 9) = Cons ([7], 9) = [7, 9]

18 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 18 Algebraic specifications Algebraic Specifications can be easily combined Reuse of algebras Import allow to reuse Assume allows to rewrite definition

19 Ingegneria del Software I – A.A. 2006/2007 Andrea Polini 19 Keynote Discussed two formalism for defining a software specification with a descriptive flavour Use of FOT Algebraic specification Operational spec better for simulation descriptive for analysis Limitations of analysis have been highlighted

Download ppt "Laurea Triennale in Informatica – Corso di Ingegneria del Software I – A.A. 2006/2007 Andrea Polini IX. System Models (III)"

Similar presentations

Formal Specifications

Formal Specifications
1 Note content copyright © 2004 Ian Sommerville. NU-specific content © 2004 M. E. Kabay. All rights reserved. Formal Specification IS301 – Software Engineering.

1 Note content copyright © 2004 Ian Sommerville. NU-specific content © 2004 M. E. Kabay. All rights reserved. Formal Specification IS301 – Software Engineering.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Lilian Blot Announcements Teaching Evaluation Form week 9 practical session Formative Assessment week 10 during usual practical sessions group 1 Friday.

Lilian Blot Announcements Teaching Evaluation Form week 9 practical session Formative Assessment week 10 during usual practical sessions group 1 Friday.
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
1 University of Toronto Department of Computer Science © 2001, Steve Easterbrook Lecture 10: Formal Verification Formal Methods Basics of Logic first order.

1 University of Toronto Department of Computer Science © 2001, Steve Easterbrook Lecture 10: Formal Verification Formal Methods Basics of Logic first order.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.

1 Design by Contract Building Reliable Software. 2 Software Correctness Correctness is a relative notion  A program is correct with respect to its specification.
1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.

1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
CS 355 – Programming Languages

CS 355 – Programming Languages
Software Engineering and Design Principles Chapter 1.

Software Engineering and Design Principles Chapter 1.
Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.

Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.
Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.

Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.
Katz2004 236386--Formal Specifications Larch 1 Algebraic Specification and Larch Formal Specifications of Complex Systems 236368 Shmuel Katz The Technion.

Katz Formal Specifications Larch 1 Algebraic Specification and Larch Formal Specifications of Complex Systems Shmuel Katz The Technion.
Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.

Modified from Sommerville’s originalsSoftware Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.
©Ian Sommerville 2000Software Engineering, 6/e, Chapter 91 Formal Specification l Techniques for the unambiguous specification of software.

©Ian Sommerville 2000Software Engineering, 6/e, Chapter 91 Formal Specification l Techniques for the unambiguous specification of software.
Dr. Muhammed Al-Mulhem 1ICS535-101 ICS 535 Design and Implementation of Programming Languages Part 1 Fundamentals (Chapter 4) Axiomatic Semantics ICS 535.

Dr. Muhammed Al-Mulhem 1ICS ICS 535 Design and Implementation of Programming Languages Part 1 Fundamentals (Chapter 4) Axiomatic Semantics ICS 535.

Similar presentations

Ads by Google