Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session 9 Crosscutting Techniques in Program Specification and Analysis Mark Stobbe October 8, 2007 1.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Session 9 Crosscutting Techniques in Program Specification and Analysis Mark Stobbe October 8, 2007 1."— Presentation transcript:

1 Session 9 Crosscutting Techniques in Program Specification and Analysis Mark Stobbe October 8, 2007 1

2 Outline Hob system –Implementation –Specification –Abstraction Scopes Examples Finishing touch 2

3 Hob hob. 1. The block in the center of a wheel, from which the spokes radiate, and through which the axle passes; -- called also hub or hob. Webster's Revised Unabridged Dictionary, © 1996, 1998 MICRA, Inc. The goal of the Hob project is to verify sophisticated properties of programs that manipulate complex, heterogenous data structures. 3

4 Hob system Verify data structures Abstract set specification Different analysis –Flags –Linked data structures (PALE) –Theorem prover (Isabelle) Patrick Lam – February 2007 Implementation is 10,000 lines O’Caml Flags (2000), PALE (700), Theorem prover (1000) 4

5 Answering question 5 Answer Usage seems to be fairly low, in contrast to the more common specification languages like Z, Spec# and JML. Question The paper talks about the Hob program specification, analysis and verification system and how it is implemented. But can you tell some more about it (about the users, usage, maybe a small example about it)? (Robin)

6 Hob system Implementation section –code –formats (inter-type declarations) Specification section –interfaces for procedures (requires/modifies/ensures) –defaults Abstraction section –specify the connection between implementation and specification 6

7 Answering question 7 Answer No. Hob uses a syntactically similar language to Java on statement level and a custom procedure implementation. Common object-oriented features such as inheritance, dynamic dispatch and object-based encapsulation are not supported. Question Does Hob support the OO concept of inheritance? (Martijn)

8 Answering question 8 Answer Formats describe the necessary fields to define a data structure. These fields can crosscut the data structure itself, but with formats they are centralized to one location. With inter-type declarations in AspectJ this is the same, you can add fields to a class, centralized in one place. Question In paper they state that formats can be viewed as a case of inter-type declarations in AspectJ. Could you indicate what they have in common? (Alesya)

9 Answering question 9 Answer You have the possibility to define defaults for a whole specification module or use the pointcut notation they defined. Therefore it is entirely in the hands of the programmer what should be defaulted. Notice that this is similar to the pointcuts in AspectJ. Question If you have a lot of defaults specified, doesn't that make it easy to make mistakes (especially in bigger systems)? Either because you think something already has a default or by not realizing that something has a default. In the paper in section 4 they claim the opposite, but I think it all just depends on how clear it is to the programmer, perhaps by tool support. Any thoughts on this? (Christiaan)

10 Scopes 10

11 Answering question 11 Answer The places where you invoke a procedure. Question The paper mentions "call sites". What are they? (Martijn)

12 Flag plugin Abstract interpretation 12 impl module UseList { format Node {} proc use() { Node n1; Node n2; n1 = new Node(); n2 = new Node(); List.add(n1); List.add(n2); List.remove(n2); List.remove(n1); } spec module UseList { proc use() requires List.Content = {} modifies List.Content calls List ensures List.Content’ = {}; } abst module UseList { use plugin "flags"; }

13 Pointer Assertion Logic Engine 13 impl module DLLIter { format Node { next : Node; prev : Node; } var root, current : Node; proc isEmpty() returns e:bool { return root == null; } proc add(n : Node) {... } proc remove(n : Node) { if (n==current) { current = current.next; } if (n==root) { root = root.next; } Node prv = n.prev, nxt = n.next; if (prv!=null) { prv.next = nxt; } if (nxt!=null) { nxt.prev = prv; } n.next = null; n.prev = null; } proc openIter() { current = root; } proc nextIter() returns n : Node { Node n1 = current; current = current.next; return n1; } proc isLastIter() returns e: bool { return current == null; } proc closeIter() { current = null; } }

14 14 spec module DLLIter { format Node; specvar Content, Iter : Node set; invariant Iter in Content; proc isEmpty() returns e:bool ensures e’ (|Content’| = 0); proc add(n : Node) requires |n| = 1 & ¬(n in Content) modifies Content ensures (Content’ = Content + n); proc remove(n : Node) requires |n| = 1 & (n in Content) modifies Content, Iter ensures (Content’ = Content - n) & (Iter’ = Iter - n); proc openIter() requires |Iter| = 0 modifies Iter ensures (Iter’ = Content); proc nextIter() returns n : Node requires |Iter| >= 1 modifies Iter ensures |n’| = 1 & (n’ in Iter) & (Iter’ = Iter - n’); proc isLastIter() returns e:bool ensures ¬e (|Iter’| >= 1); proc closeIter() modifies Iter ensures |Iter’| = 0; }

15 15 abst module DLLIter { use plugin "PALE"; Content = { n : Node | "root n" }; Iter = { n : Node | "current n" }; invariant "type Node = { data next:Node; pointer prev:Node[thisˆNode.next = {prev}]; }"; invariant "data root : Node;"; invariant "pointer current : Node;"; } Final glue… Pointer Assertion Logic Engine

16 Answering question 16 Answer Hyperslices are similar to aspects. A hyperslice is defined inside a hyperspace and it encapsulates one concern. Hyper/J uses hyperslices to solve the problem of crosscutting functionality. Hyper/J falls in the category of subject-oriented techniques. Question In the paper they mention Hyperslices a couple of times. I don't really know what they are but if you have extra time perhaps you can give a short intro to them to put it in perspective. (Christiaan)

17 Answering question 17 Answer There is more mathematical approach using superposition. Superposition is a way to reason about first-order logic equations. Most theorem provers nowadays are based on superposition. The idea is to slice the specification in views, which all describe one concern. Together with some first-order logic you can then verify the program according to the specification. Another system is Moxa. Moxa uses crosscutting to cope with the problem of specification aggregation. Basically it is an extended version of the Java Modeling Language (JML) with aspects applied. Question Are there any other methods/techniques for program specification, analysis and verification for Aspect Oriented Programming/AspectJ? (Robin)

18 Continue answering question 18 Answer There has also been some research into checking aspect-oriented programs. One way described in the paper by S. Krishnamurthi, is to take the verification system for the base program. At each join point where an aspect is applied you keep the state of the verification system and you check this against the aspects specification. Question Are there any other methods/techniques for program specification, analysis and verification for Aspect Oriented Programming/AspectJ? (Robin)

19 Answering question 19 Answer The paper is a draft. Did you notice the other mistakes in the examples? And, of course, the spelling mistakes? Question In figure 3 in format Cell they have init:bool twice. Do you have any idea why that is? Could this somehow be related to scopes or something? (Christiaan)

Download ppt "Session 9 Crosscutting Techniques in Program Specification and Analysis Mark Stobbe October 8, 2007 1."

Similar presentations

Agenda Definitions Evolution of Programming Languages and Personal Computers The C Language.

Agenda Definitions Evolution of Programming Languages and Personal Computers The C Language.
Department of Computer Engineering Faculty of Engineering, Prince of Songkla University 1 5 – Abstract Data Types.

Department of Computer Engineering Faculty of Engineering, Prince of Songkla University 1 5 – Abstract Data Types.
Aspect Oriented Programming. AOP Contents 1 Overview 2 Terminology 3 The Problem 4 The Solution 4 Join point models 5 Implementation 6 Terminology Review.

Aspect Oriented Programming. AOP Contents 1 Overview 2 Terminology 3 The Problem 4 The Solution 4 Join point models 5 Implementation 6 Terminology Review.
An Aspect-Oriented Approach For Web Application Access Control Presented by: Mohamed Hassan Carleton University Carleton University

An Aspect-Oriented Approach For Web Application Access Control Presented by: Mohamed Hassan Carleton University Carleton University
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development.
Chapter 6 Problem Solving and Algorithm Design. 6-2 Chapter Goals Determine whether a problem is suitable for a computer solution Describe the computer.

Chapter 6 Problem Solving and Algorithm Design. 6-2 Chapter Goals Determine whether a problem is suitable for a computer solution Describe the computer.
Georgia Institute of Technology Workshop for CS-AP Teachers Chapter 3 Advanced Object-Oriented Concepts.

Georgia Institute of Technology Workshop for CS-AP Teachers Chapter 3 Advanced Object-Oriented Concepts.
Classes and Object- Oriented... tMyn1 Classes and Object-Oriented Programming The essence of object-oriented programming is that you write programs in.

Classes and Object- Oriented... tMyn1 Classes and Object-Oriented Programming The essence of object-oriented programming is that you write programs in.
Software Engineering and Design Principles Chapter 1.

Software Engineering and Design Principles Chapter 1.
Liang, Introduction to Java Programming, Eighth Edition, (c) 2011 Pearson Education, Inc. All rights reserved. 0132130807 1 Immutable Objects and Classes.

Liang, Introduction to Java Programming, Eighth Edition, (c) 2011 Pearson Education, Inc. All rights reserved Immutable Objects and Classes.
Jump to first page 1 System Design (Finalizing Design Specifications) Chapter 3d.

Jump to first page 1 System Design (Finalizing Design Specifications) Chapter 3d.
PowerPoint Presentation for Dennis, Wixom & Tegarden Systems Analysis and Design Copyright 2001 © John Wiley & Sons, Inc. All rights reserved. Slide 1.

PowerPoint Presentation for Dennis, Wixom & Tegarden Systems Analysis and Design Copyright 2001 © John Wiley & Sons, Inc. All rights reserved. Slide 1.
© Copyright Eliyahu Brutman Programming Techniques Course.

© Copyright Eliyahu Brutman Programming Techniques Course.
© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.

© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.
Session 15 Modeling Traceability of Concerns in Architectural Views Mark Stobbe October 29, 2007 1.

Session 15 Modeling Traceability of Concerns in Architectural Views Mark Stobbe October 29,
Basic Concepts Chapter 1 Objectives

Basic Concepts Chapter 1 Objectives
C++ fundamentals.

C++ fundamentals.
Copyright © 2009 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Java Software Solutions Foundations of Program Design Sixth Edition by Lewis.

Copyright © 2009 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Java Software Solutions Foundations of Program Design Sixth Edition by Lewis.
IT PUTS THE ++ IN C++ Object Oriented Programming.

IT PUTS THE ++ IN C++ Object Oriented Programming.
© Curriculum Foundation1 Section 2 The nature of the assessment task Section 2 The nature of the assessment task There are three key questions: What are.

© Curriculum Foundation1 Section 2 The nature of the assessment task Section 2 The nature of the assessment task There are three key questions: What are.

Similar presentations

Ads by Google