Presentation is loading. Please wait.

Presentation is loading. Please wait.

TIVDM1VDMTools and Logic1 Peter Gorm Larsen. TIVDM1VDMTools and Logic2 Agenda  Overview of VDMTools ® Functionality Demonstration of VDMTools ® and Rational.

Published byPhilomena Mabel Lambert Modified over 8 years ago

Similar presentations

Presentation on theme: "TIVDM1VDMTools and Logic1 Peter Gorm Larsen. TIVDM1VDMTools and Logic2 Agenda  Overview of VDMTools ® Functionality Demonstration of VDMTools ® and Rational."— Presentation transcript:

1 TIVDM1VDMTools and Logic1 Peter Gorm Larsen

2 TIVDM1VDMTools and Logic2 Agenda  Overview of VDMTools ® Functionality Demonstration of VDMTools ® and Rational Rose Introduction to Logic

3 TIVDM1VDMTools and Logic3 VDMTools ® Overview The Rose-VDM++ Link Document Generator Code Generators - C++, Java Syntax & Type Checker API (Corba), DL Facility Interpreter (Debugger)Integrity CheckerJava to VDM++

4 TIVDM1VDMTools and Logic4 Japanese Support via Unicode

5 TIVDM1VDMTools and Logic5 Validation with VDMTools ® VDM specs Test cases Expected results Actual results Comparison Execution

6 TIVDM1VDMTools and Logic6 Documentation in MS Word/RTF One compound document: Documentation Specification Test coverage Test coverage statistics

7 TIVDM1VDMTools and Logic7 Architecture of the Rose VDM++ Link VDM++ Toolbox Rational Rose 2000 ClassRepositoryClassRepository Merge Tool VDM++ Files UMLDiagrams UML model file

8 TIVDM1VDMTools and Logic8 Integrity checker

9 TIVDM1VDMTools and Logic9 Reference Material The VDM++ Language for VICE, CSK, 2005 The VDM++ User Manual, CSK, 2005 The VDM++ Installation Guide, CSK, 2005 Rational Rose Link Plug-in Installation and User Guide, CSK, 2005

10 TIVDM1VDMTools and Logic10 Further Information An Executable Subset of Meta-IV with Loose Specification, P.G. Larsen, P.B. Lassen, VDM '91: Formal Software Development Methods, 1991An Executable Subset of Meta-IV with Loose Specification The IFAD VDM-SL Toolbox: A Practical Approach to Formal Specifications, R. Elmstrøm, P.G. Larsen, P.B. Lassen, ACM Sigplan Notices, September 1994The IFAD VDM-SL Toolbox: A Practical Approach to Formal Specifications Computer-aided Validation of Formal Specifications, P. Mukherjee, Software Engineering Journal, July 1995 Ten Years of Historical Development - ”Bootstrapping” VDMTools, P.G. Larsen, Journal of Universal Computer Science, 2001Ten Years of Historical Development - ”Bootstrapping” VDMTools

11 TIVDM1VDMTools and Logic11 Agenda Overview of VDMTools ® Functionality  Demonstration of VDMTools ® and Rational Rose Introduction to Logic

12 TIVDM1VDMTools and Logic12 Agenda Overview of VDMTools ® Functionality Demonstration of VDMTools ® and Rational Rose  Introduction to Logic

13 TIVDM1VDMTools and Logic13 Logic Our ability to state invariants, record pre-conditions and post-conditions, and the ability to reason about a formal model depend on the logic on which the modelling language is based. Classical logical propositions and predicates Connectives Quantifiers

14 TIVDM1VDMTools and Logic14 A temperature monitor example 30 20 10 0 123456789 Temperature (C) Time (s) The monitor records the last five temperature readings 251055

15 TIVDM1VDMTools and Logic15 A temperature monitor example The following conditions are to be detected by the monitor: 1.Rising: the last reading in the sample is greater than the first 2.Over limit: there is a reading in the sample in excess of 400 C 3.Continually over limit: all the readings in the sample exceed 400 C 4.Safe: If readings do not exceed 400 C by the middle of the sample, the reactor is safe. If readings exceed 400 C by the middle of the sample, the reactor is still safe provided that the reading at the end of the sample is less than 400 C. 5.Alarm: The alarm is to be raised if and only if the reactor is not safe

16 TIVDM1VDMTools and Logic16 Predicates and Propositions Predicates are simply logical expressions. The simplest kind of logical predicate is a proposition. A proposition is a logical assertion about a particular value or values, usually involving a Boolean operator to compare the values, e.g. 3 < 275 = 9

17 TIVDM1VDMTools and Logic17 Predicates A predicate is a logical expression that is not specific to particular values but contains variables which can stand for one of a range of possible values, e.g. x < 27 (x**2) + x - 6 = 0 The truth or falsehood of a predicate depends on the value taken by the variables.

18 TIVDM1VDMTools and Logic18 Predicates in the monitor example Monitor :: temps : seq of int alarm : bool inv m == len m.temps = 5 Consider a monitor m. m is a sequence so we can index into it: First reading in m : Last reading in m : Predicate stating that the first reading in m is strictly less than the last reading: The truth of the predicate depends on the value of m. m.temps(1) m.temps(5) m.temps(1) < m.temps(5)

19 TIVDM1VDMTools and Logic19 The rising condition The last reading in the sample is greater than the first Monitor :: temps : seq of int alarm : bool inv m == len m.temps = 5 We can express the rising condition as a Boolean function: Rising: Monitor -> bool Rising(m) == m.temps(1) < m.temps(5) For any monitor m, the expression Rising(m) evaluates to true iff the last reading in the sample in m is higher than the first, e.g. Rising( mk_Monitor([233,45,677,650,900], false) ) Rising( mk_Monitor([23,45,67,50,20], false) )

20 TIVDM1VDMTools and Logic20 Logical Operators (Connectives) We will examine the following logical operators: Negation (NOT) Conjunction (AND) Disjunction (OR) Implication (if – then) Biconditional (if and only if) Truth tables can be used to show how these operators can combine propositions to compound propositions.

21 TIVDM1VDMTools and Logic21 Negation Negation allows us to state that the opposite of some logical expression is true, e.g. The temperature in the monitor mon is not rising: not Rising(mon) Truth table for negation: P PP truefalse true

22 TIVDM1VDMTools and Logic22 Disjunction Disjunction allows us to express alternatives that are not necessarily exclusive: Over limit: There is a reading in the sample in excess of 400 C OverLimit: Monitor -> bool OverLimit(m) == m.temps(1) > 400 or m.temps(2) > 400 or m.temps(3) > 400 or m.temps(4) > 400 or m.temps(5) > 400 PQ PQPQ true falsetrue falsetrue false

23 TIVDM1VDMTools and Logic23 Conjunction Conjunction allows us to express the fact that all of a collection of facts are true. Continually over limit: all the readings in the sample exceed 400 C COverLimit: Monitor -> bool COverLimit(m) == m.temps(1) > 400 and m.temps(2) > 400 and m.temps(3) > 400 and m.temps(4) > 400 and m.temps(5) > 400 PQ PQPQ true false truefalse

24 TIVDM1VDMTools and Logic24 Implication Implication allows us to express facts which are only true under certain conditions (“if … then …”): Safe: If readings do not exceed 400 C by the middle of the sample, the reactor is safe. If readings exceed 400 C by the middle of the sample, the reactor is still safe provided that the reading at the end of the sample is less than 400 C. Safe: Monitor -> bool Safe(m) == m.temps(3) > 400 => m.temps(5) < 400 PQ PQPQ true false true false true

25 TIVDM1VDMTools and Logic25 Biimplication Biimplication allows us to express equivalence (“if and only if”). Alarm: The alarm is to be raised if and only if the reactor is not safe This can be recorded as an invariant property: Monitor :: temps : seq of int alarm : bool inv m == len m.temps = 5 and not Safe(m.temps) m.alarm PQ PQPQ true false truefalse true

26 TIVDM1VDMTools and Logic26 Operator Precedence and Associativity not has the highest precedence Followed by and, or, => and in that order => has right grouping i.e. oA => B => C without brackets means oA => (B => C) The other logical operators are associative so right and left grouping are equivalent, i.e. oA and (B and C) is identical to (A and B) and C

27 TIVDM1VDMTools and Logic27 Quantifiers For large collections of values, using a variable makes more sense than dealing with each case separately. inds m.temps represents indices (1-5) of the sample The “over limit” condition can then be expressed more economically as: exists i in set inds m.temps & temps(i) > 400 The “continually over limit” condition can then be expressed using “ forall ”: COverLimit: Monitor -> bool COverLimit(m) == forall i in set inds m.temps & temps(i) > 400

28 TIVDM1VDMTools and Logic28 Quantifiers Syntax: forall binding & predicate exists binding & predicate There are two types of binding: Type Binding, e.g. x : nat n : seq of char Set Binding, e.g. i in set inds m x in set {1,…,20} A type binding lets the bound variable range over a type (a possibly infinite collection of values). A set binding lets the bound variable range over a finite set of values.

29 TIVDM1VDMTools and Logic29 Universal quantification Universal quantification is a generalised form of conjunction For example, the statement “every natural number is greater than or equal to zero” is denoted by  n: nat  n  0 (  is a turned-round “A”, “for All” and written as “ forall ” in ASCII) “for all n drawn from the natural numbers, n is greater than or equal to zero” This statement is equivalent to (and a lot more succinct than): 0  0  1  0  2  0  3  0  …

30 TIVDM1VDMTools and Logic30 Questions Formulate the following statements using predicate logic: Everybody likes Danish pastry Everybody either likes Danish pastry or is a vegetarian Either everybody likes Danish pastry or everybody is a vegetarian Are the last two statements equivalent?

31 TIVDM1VDMTools and Logic31 Existential quantification Existential quantification allows us to assert that a predicate holds for at least one value — but not necessarily all values — of a given set For example, the statement “there is a natural number that is greater than or equal to zero” is denoted by:  n: nat  n  0 (  is a turned-round “E”, “there Exists” and written as “ exists ” in ASCII) “there exists an n drawn from the natural numbers such that n is greater than or equal to zero” 0  0  1  0  2  0  3  0  …

32 TIVDM1VDMTools and Logic32 Questions Formulate the following statements using predicate logic: Somebody likes Danish pastry There is somebody who either likes Danish pastry or is a vegetarian Either somebody likes Danish pastry or somebody is a vegetarian Are the last two statements equivalent?

33 TIVDM1VDMTools and Logic33 Quantifiers Several variables may be bound at once by a single quantifier, e.g. forall x,y in set {1,…,5} & X <> y => not m.temps(x) = m.temps(y) Would this predicate be true for the following value of m.temps ? [320, 220, 105, 119, 150]

34 TIVDM1VDMTools and Logic34 Formulation Questions All the readings in the sample are less than 400 and greater than 50. Each reading in the sample is up to 10 greater than its predecessor. There are two distinct readings in the sample which are over 400. forall i in set inds m.temps & m.temps(i) 50 forall i in set inds m.temps\{1} & m.temps(i – 1) >= m.temps(i) + 10 exists i,j in set inds m.temps & i <> j and m.temps(i) > 400 and m.temps(j) > 400

35 TIVDM1VDMTools and Logic35 Combination of quantifiers Assume we have a predicate with two free variables P(x,y) where x : X and y : Y Then quantifiers can be combined:  y : Y   x : X  P(x,y) or  y : Y   x : X  P(x,y) Would these be equal if X, Y are int and P = x >y? However if the same quantifier was used both places the expressions would be equivalent:  y : Y   x : X  P(x,y)   x : X   y : Y  P(x,y)  y : Y   x : X  P(x,y)   x : X   y : Y  P(x,y)

36 TIVDM1VDMTools and Logic36 Quantifiers Suppose we have to formalise the following property: There is a “single minimum” in the sequence of readings, i.e. there is a reading which is strictly smaller than any of the other readings. Suppose the order of the quantifiers is reversed. exists i in set inds m.temps & forall j in set inds m.temps & i <> j => m.temps(i) < m.temps(j)

37 TIVDM1VDMTools and Logic37 Questions Translate the following into English:  x:Elephant & grey(x)  x:ANIMAL & elephant(x) => grey(x)  x : ANIMAL & bird(x)  has-wings(x)   flies(x) Represent the following using predicate logic formulae: “Joanne is a teacher, she teaches AI, and likes chocolate.” “Some teachers do not like chocolate”

38 TIVDM1VDMTools and Logic38 Summary What have I presented today? Introduction to VDMTools ® Demonstration of VDMTools ® and Rose Introduction to Logic What do you need to do now? Read chapter 4 and 5 of the book for next week Start playing with the combination of VDMTools and Rose Read existing material about the selected project Formulate a new requirements definition for the project Decide upon the purpose of the model to develop Prepare presentation about this for the rest of us

39 TIVDM1VDMTools and Logic39 Quote of the day The successful construction of all machinery depends on the perfection of the tools employed, and whoever is the master in the art of tool-making possesses the key to the construction of all machines. Charles Babbage, 1851

Download ppt "TIVDM1VDMTools and Logic1 Peter Gorm Larsen. TIVDM1VDMTools and Logic2 Agenda  Overview of VDMTools ® Functionality Demonstration of VDMTools ® and Rational."

Similar presentations

Artificial Intelligence

Artificial Intelligence
L41 Lecture 2: Predicates and Quantifiers.. L42 Agenda Predicates and Quantifiers –Existential Quantifier  –Universal Quantifier 

L41 Lecture 2: Predicates and Quantifiers.. L42 Agenda Predicates and Quantifiers –Existential Quantifier  –Universal Quantifier 
Demonstration of VDMTools®

Demonstration of VDMTools®
Goals Determine the true value of statements with AND, OR, IF..THEN. Negate statements with the connectives above Construct truth tables Understand when.

Goals Determine the true value of statements with AND, OR, IF..THEN. Negate statements with the connectives above Construct truth tables Understand when.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
From Chapter 4 Formal Specification using Z David Lightfoot

From Chapter 4 Formal Specification using Z David Lightfoot
Discrete Mathematics Math 6A Instructor: M. Welling.

Discrete Mathematics Math 6A Instructor: M. Welling.
Describing Syntax and Semantics

Describing Syntax and Semantics
CSE115/ENGR160 Discrete Mathematics 01/20/11 Ming-Hsuan Yang UC Merced 1.

CSE115/ENGR160 Discrete Mathematics 01/20/11 Ming-Hsuan Yang UC Merced 1.
Discrete Math 6A Max Welling. Recap 1. Proposition: statement that is true or false. 2. Logical operators: NOT, AND, OR, XOR, ,  3. Compound proposition:

Discrete Math 6A Max Welling. Recap 1. Proposition: statement that is true or false. 2. Logical operators: NOT, AND, OR, XOR, ,  3. Compound proposition:
Adapted from Discrete Math

Adapted from Discrete Math
Predicates and Quantifiers

Predicates and Quantifiers
Predicates & Quantifiers Goal: Introduce predicate logic, including existential & universal quantification Introduce translation between English sentences.

Predicates & Quantifiers Goal: Introduce predicate logic, including existential & universal quantification Introduce translation between English sentences.
Lecture 8 Introduction to Logic CSCI – 1900 Mathematics for Computer Science Fall 2014 Bill Pine.

Lecture 8 Introduction to Logic CSCI – 1900 Mathematics for Computer Science Fall 2014 Bill Pine.
The Foundations: Logic and Proofs

The Foundations: Logic and Proofs
2009/9 1 Logic and Proofs §1.1 Introduction §1.2 Propositional Equivalences §1.3 Predicates and Quantifiers §1.4 Nested Quantifiers §1.5~7 Methods of Proofs.

2009/9 1 Logic and Proofs §1.1 Introduction §1.2 Propositional Equivalences §1.3 Predicates and Quantifiers §1.4 Nested Quantifiers §1.5~7 Methods of Proofs.
Discrete Mathematics and Its Applications

Discrete Mathematics and Its Applications
Lecture for Week 6 2012 Spring.   Introduction to Propositional Logic  Types of Proposition  Operator and Truth table Agenda.

Lecture for Week Spring.   Introduction to Propositional Logic  Types of Proposition  Operator and Truth table Agenda.
Mathematical Structures A collection of objects with operations defined on them and the accompanying properties form a mathematical structure or system.

Mathematical Structures A collection of objects with operations defined on them and the accompanying properties form a mathematical structure or system.
1 COSC 4406 Software Engineering COSC 4406 Software Engineering Haibin Zhu, Ph.D. Dept. of Computer Science and mathematics, Nipissing University, 100.

1 COSC 4406 Software Engineering COSC 4406 Software Engineering Haibin Zhu, Ph.D. Dept. of Computer Science and mathematics, Nipissing University, 100.

Similar presentations

Ads by Google