
The Z Specification Language Based on J. M. Spivey. An Introduction to Z and formal specifications, Software Engineering Journal, 4(1):40-50, January,




1. The Z Specification Language
Based on J. M. Spivey, An Introduction to Z and formal specifications, Software Engineering Journal, 4(1):40-50, January 1989.

2. Outline
Basic notation of Z for specifying states and operations
Modularizing specifications using the schema calculus
Refining specifications

3. Formal Specifications
Use mathematical notation to describe properties of a system.
Describe “what” the system must do without saying “how” it is to be done.
Serve as a single, reliable reference point for those who investigate the customer’s needs, programmers, testers, and those who write instruction manuals for the system.
Are independent of the program code.

4. Underlying Ideas of Z (“Zed”)
Can use mathematical data types, e.g., numbers and sets, to model the data in a system.
Can use predicate logic to describe the effects of operations.
Can decompose a specification into small pieces called schemas, the main ingredient of Z.
Can use schemas to describe both static and dynamic aspects of a system.

5. Characteristics of Z
Based on sets and predicates (Zermelo-Fraenkel set theory)
Semi-graphical or visual notation (e.g., open boxes, and x? and y! for inputs and outputs)
Schemas for both data and operations
Schema calculus for modularizing specifications
Informal text to explain the formal text
ISO standard: ISO/IEC 13568:2002

6. Static vs. Dynamic Aspects
Static aspects
–The states that a system can occupy.
–The invariant relationships that are maintained as the system moves from state to state.
Dynamic aspects
–The operations that are possible.
–The relationship between their inputs and outputs.
–The changes of state that happen.

7. How to Specify Static Aspects?
Use schemas (math in a box with a name attached) to describe the state space, i.e., the state components/variables together with their constraints.
Example: BirthdayBook, for recording people’s birthdays
–known: set of names with birthdays recorded
–birthday: function from names to birthdays
–Q: What does the constraint/invariant say?

8. State Schema: More Examples
Simple text editor with limited memory
The editor state is modeled by two state variables: the texts to the left and to the right of the cursor.

9. Example: Birthday Book
One possible state
Stated properties
–No limit on the number of birthdays recorded
–No premature decision about the format of names and dates
–Q: How many birthdays can a person have?
–Q: Does everyone have a birthday?
–Q: Can two persons share the same birthday?

10. Exercise
Write a Z specification to describe the state space of the following system.
A teacher wants to keep a register of students in her class, and to record which of them have completed their homework.

11. Exercise
Write a Z specification to describe the state space of the Battleship Game players. Battleship is a guessing game for two players. … Each player takes a turn to …
[PLAYER]
Players

12. Exercise
Rewrite the Players schema to introduce the notion of human and computer players. Use a free type, e.g.,
PLAYER ::= computer | human
or
[NAME]
PLAYER ::= computer | human⟨⟨NAME⟩⟩
Q: What is the difference from PLAYER == { human, computer }?

13. How to Specify Dynamic Aspects?
Use schemas to describe operations
–Syntactic: name, inputs and outputs, state components
–Semantic/behavioral: input/output relationship, state change (side effect)
Example: AddBirthday
–Q: What are the inputs, the outputs, and the state components referred to?
–Q: Is it total or partial?
–Q: What are the pre- and postconditions?
–Q: What is the meaning (semantic domain) of an operation schema?

14. Δ and Ξ Notation
Syntactic sugar for introducing pre- and post-state variables, e.g.,
–ΔBirthdayBook ≙ [BirthdayBook; BirthdayBook′]
–ΞBirthdayBook ≙ [ΔBirthdayBook | ?]

15. Stating and Proving Properties
E.g., known′ = known ∪ {name?}

16. More Examples: FindBirthday
Use of the Ξ notation
Specifies that there is no state change

17. More Examples: Remind
Use of set comprehension notation
–Selection (|) vs. collection (•)
Q: What does it return?

18. More Examples: InitBirthdayBook
Describes the initial state of the system
By convention, use Init as a prefix
Q: Initially, are there any maplets in the birthday function?

19. Exercise
Write a Z specification to describe the operations of the following system.
A teacher wants to keep a register of students in her class, and to record which of them have completed their homework.
–An operation to enroll a new student
–An operation to record that a student (already enrolled in the class) has finished the homework
–An operation to enquire whether a student (who must be enrolled) has finished the homework (answer in the set {yes, no}).
ANSWER ::= yes | no

20. Exercise
Introduce operations to manage the two players of the Battleship Game. Write a Z specification to describe them, using the state schema defined earlier. E.g.,
–Changing the turn
–Retrieving the active player
–Retrieving the opponent (the other player)
–…

21. Exercise
Work on states or operations of the Battleship Game that require quantifiers, e.g.,
–Any constraints on places, e.g., horizontal/vertical rows and no overlap?
–An operation for placing a ship?
Schema fragments on the slide:
[SHIP]
Fleet: places: SHIP  F PLACE …
Fleet: ships: F Ship …
Ship: places: F PLACE …

22. Schema Calculus
Modularize specifications by building large schemas from smaller ones, e.g.,
–Separating normal operations from error handling
–Separating access restrictions from functional behavior
–Promoting and framing operations, e.g., reading a named file from reading a file
–…
=> Separation of concerns
How? Provide operators for combining schemas, e.g., S1 ∧ S2 where S1 and S2 are schemas

23. Schema Calculus
A schema operator for every logical connective and quantifier
Conjunction and disjunction are the most useful
Merge the declarations and combine the predicates:
S1 ≙ [D1 | C1]
S2 ≙ [D2 | C2]
S1 ∧ S2 ≙ [D1; D2 | C1 ∧ C2]

24. Example

25. More Examples
Strengthening specifications by making partial operations total.
Q: How to make AddBirthday total?

26. Strengthening AddBirthday
REPORT ::= ok | already_known

27. RAddBirthday
Notice the framing constraint. Why?
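The schema calculus of slides 22 to 27 as an added executable model, not code from the slides or from Spivey: an operation schema is a function from (state, inputs) to the set of (state′, result!) pairs it permits, so schema conjunction is set intersection and disjunction is set union. The finite universe of names, dates and states, and the unframed variant of AlreadyKnown used to show why the ΞBirthdayBook framing constraint matters, are constructed here.

```python
# Added example: schema calculus over a constructed finite universe (see lead-in).
from itertools import product

NAMES, DATES = ("ann", "bob"), ("d1", "d2")        # constructed finite universe
REPORT = ("ok", "already_known")                   # REPORT ::= ok | already_known
# Every BirthdayBook state over this universe: a frozenset of (name, date) pairs,
# i.e. a partial function from NAMES to DATES; known is its domain.
STATES = [frozenset((n, d) for n, d in zip(NAMES, ds) if d)
          for ds in product((None,) + DATES, repeat=len(NAMES))]

def known(bb):
    return {n for n, _ in bb}

# An operation schema is modelled as: (bb, name?, date?) -> set of allowed (bb', result!).
def add_birthday(bb, name, date):
    """AddBirthday: pre name? not in known; birthday' = birthday U {name? -> date?}.
    result! is not mentioned by this schema, so any REPORT value is allowed."""
    if name in known(bb):
        return set()
    return {(bb | {(name, date)}, r) for r in REPORT}

def success(bb, name, date):
    """Success: result! = ok; says nothing about the state."""
    return {(bb2, "ok") for bb2 in STATES}

def already_known(bb, name, date):
    """AlreadyKnown: XiBirthdayBook (framing: bb' = bb); name? in known; result! = already_known."""
    return {(bb, "already_known")} if name in known(bb) else set()

def already_known_unframed(bb, name, date):
    """The same schema with XiBirthdayBook dropped: bb' is left unconstrained."""
    return {(bb2, "already_known") for bb2 in STATES} if name in known(bb) else set()

def conj(s1, s2):     # S1 and S2: both predicates must hold -> intersection
    return lambda bb, n, d: s1(bb, n, d) & s2(bb, n, d)

def disj(s1, s2):     # S1 or S2: either predicate may hold -> union
    return lambda bb, n, d: s1(bb, n, d) | s2(bb, n, d)

r_add_birthday = disj(conj(add_birthday, success), already_known)
r_add_birthday_unframed = disj(conj(add_birthday, success), already_known_unframed)

def is_total(op):
    """Total iff every state and input has at least one allowed outcome."""
    return all(op(bb, n, d) for bb in STATES for n in NAMES for d in DATES)

def is_deterministic(op):
    """At most one outcome per state and input."""
    return all(len(op(bb, n, d)) <= 1 for bb in STATES for n in NAMES for d in DATES)
```

Without the framing constraint the robust operation is still total, but in the already_known case it permits every post-state, so an implementation that corrupts the book would satisfy it.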

28. Strengthening FindBirthday and Remind

29. RFindBirthday and RRemind
REPORT ::= ok | already_known | not_known

30. Exercise
Specify a robust version of the class register system.
A teacher wants to keep a register of students in her class, and to record which of them have completed their homework.
–An operation to enroll a new student
–An operation to record that a student (already enrolled in the class) has finished the homework
–An operation to enquire whether a student (who must be enrolled) has finished the homework (answer in the set {yes, no}).
ANSWER ::= yes | no

31. Exercise
Complete the HitShip operation below to hit a place of a ship. You may need to extend the definition of Fleet to record the fact that a place of a ship was hit. As an improvement, extend HitShip with a result to specify the outcome (e.g., miss, hit, sink). Use schema calculus notation.
Schema fragments on the slide:
[SHIP]
HitShip: ΔFleet; place? : Place
Fleet: places: SHIP  F PLACE …

32. Refinement: From Specification to Design and Implementation
Previously: Z to specify a software module
Now: Z to document the design of a program
Key idea: data refinement
–Describe concrete data structures (vs. the abstract data in the specification)
–Derive descriptions of the operations in terms of the concrete data structures
–Often data refinement leads to operation refinement or algorithm development

33. Specification Refinement
Done in a single step or in multiple steps
Referred to as direct refinement and deferred refinement, respectively
[Diagram: abstract data and operation related to concrete data and operation by data refinement and operation refinement, linked by the abstraction relation; direct refinement vs. deferred refinement.]

34. Implementation of Birthday Book
Expressive clarity in the abstract data structure
Efficiency and representation in the concrete data structure
One possible representation:
NAME[] names;
DATE[] dates;
Q: Any better representation in Java?

35. Concrete State Model, BirthdayBook1
Arrays are modeled mathematically as functions, i.e., names[i] as names(i), and the assignment names[i] = v as

36. Abstraction Relation, Abs
The relation between the abstract state space and the concrete state space, e.g., between BirthdayBook and BirthdayBook1
Q: Why an abstraction relation?

37. Operation Refinement, AddBirthday1
Manipulates the names and dates arrays

38. Correctness of Operation Refinement
Whenever AddBirthday is legal in some abstract state, the implementation AddBirthday1 is legal in any corresponding concrete state, i.e., Pre A ⇒ Pre C
The final state that results from AddBirthday1 represents an abstract state which AddBirthday could produce, i.e., Post C ⇒ Post A
[Diagram: Op A between Pre A and Post A, above Op C between Pre C and Post C.]

39. Correctness of AddBirthday1
Pre A ⇒ Pre C, i.e., Does this hold? Yes, because:

40. Correctness of AddBirthday1
Post C ⇒ Post A
Read the proof (p. 46)
Abs(Post C) ⇒ Post A

41. Implementation of AddBirthday1
void addBirthday(NAME name, DATE date) {
    hwm++;             // hwm: high-water mark, index of the last used slot
    names[hwm] = name;
    dates[hwm] = date;
}
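An added example, not Spivey's proof or the slides' code, that checks the two correctness conditions of slides 38 to 40 for AddBirthday1 by exhaustive testing over small constructed states: Pre A ⇒ Pre C (applicability) and Abs(Post C) ⇒ Post A (correctness). It assumes a fixed-capacity array pair plus hwm, indexed from 0 where the slides use 1..hwm, with None marking an unused slot; it goes beyond the slides by including a constructed buggy AddBirthday1 that the check rejects, and by showing that a full array fails applicability, which is exactly why the abstract specification sets no limit on the number of birthdays.

```python
# Added example: exhaustive refinement check for AddBirthday1 (see lead-in).
from itertools import permutations, product
def abs_rel(c):
    """Abs: known = {names(i) | i < hwm}, birthday = {names(i) -> dates(i) | i < hwm}."""
    hwm = c["hwm"]
    return {"known": set(c["names"][:hwm]),
            "birthday": {c["names"][i]: c["dates"][i] for i in range(hwm)}}

def pre_a(a, name):             # AddBirthday precondition: name? not in known
    return name not in a["known"]

def post_a(a, name, date, a2):  # AddBirthday postcondition on the abstract states
    b = dict(a["birthday"]); b[name] = date     # birthday' = birthday U {name? -> date?}
    return a2["birthday"] == b and a2["known"] == set(b)

def pre_c(c, name):             # AddBirthday1 precondition: name? != names(i) for all i < hwm, plus a free slot
    return c["hwm"] < len(c["names"]) and name not in c["names"][:c["hwm"]]

def add_birthday1(c, name, date):
    """AddBirthday1: hwm' = hwm + 1, names' = names (+) {hwm' -> name?}, dates' likewise."""
    names, dates, hwm = list(c["names"]), list(c["dates"]), c["hwm"]
    names[hwm], dates[hwm] = name, date
    return {"names": names, "dates": dates, "hwm": hwm + 1}

def add_birthday1_wrong(c, name, date):
    """Constructed bug: stores the entry but forgets hwm' = hwm + 1."""
    return {**add_birthday1(c, name, date), "hwm": c["hwm"]}
def refines(c, name, date, op=add_birthday1):
    """Returns (Pre_A => Pre_C, Abs(Post_C) => Post_A) for one concrete state and input."""
    a = abs_rel(c)
    applicable = (not pre_a(a, name)) or pre_c(c, name)
    if not (pre_a(a, name) and pre_c(c, name)):
        return applicable, True             # no legal concrete run to compare
    return applicable, post_a(a, name, date, abs_rel(op(c, name, date)))

def make_state(used, capacity):
    """Concrete state holding the distinct names `used` in slots 0..hwm-1; None = unused slot."""
    free = capacity - len(used)
    return {"names": list(used) + [None] * free,
            "dates": ["d0"] * len(used) + [None] * free, "hwm": len(used)}

def check_all(capacity, universe, op=add_birthday1):
    """Both conditions over every non-full state with distinct names drawn from `universe`."""
    for hwm in range(capacity):
        for used in permutations(universe, hwm):
            for name, date in product(universe, ["d1", "d2"]):
                if refines(make_state(used, capacity), name, date, op) != (True, True):
                    return False
    return True
```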

42. Refinement of FindBirthday

43. Refinement of Remind

44. Refinement of InitBirthdayBook

45. Exercise
Implement the class register system specified earlier. Use two arrays:
NAME[] names;
YesOrNo[] finished;
where YesOrNo is an enum consisting of yes and no. Document:
–the concrete state space
–the abstraction relation
–the concrete operations

