School of Technology 1 Z: Operations on Schemas David Lightfoot based on work of Andrew Simpson
2 School of Technology Reference Using Z: Specification, Refinement, and Proof, Jim Woodcock and Jim Davies, Prentice-Hall, 1996 (Chapter 11)
3 School of Technology Agenda Operation schemas Input and output Initialisation schemas Schema disjunction Schema conjunction Schema negation
4 School of Technology The schema language The schema language is used to structure and compose mathematical descriptions of systems It collates pieces of information, encapsulates them, and names them for re-use It is the second component of the Z notation; the first is the mathematical language
5 School of Technology Change of state To describe the effect of an operation, we consider two copies of the state schema: one describing the state before, the other describing the state afterwards An operation schema describes the relationship between the two states The inclusion of two copies of the state ensures that the constraint part of the state schema (the state invariant) is preserved
6 School of Technology Operation schemas An operation schema includes two copies of the corresponding state schema: Operation ®State … We use the undecorated state to represent the state before the operation and the primed state to represent the state afterwards
7 School of Technology Example Purchase 0 ®BoxOffice ®… ®s? seating \ dom sold ®sold = sold {s? c?} ®seating = seating
8 School of Technology Input and output An operation may involve inputs and outputs These are declared in the normal way, although there is a convention regarding their names: the name of an input must end in a question mark ? the name of an output must end in an exclamation mark !
9 School of Technology Example Operation ®State ®i?: I ®o!: O ®…
10 School of Technology Example Purchase 0 ®BoxOffice ®s?: Seat ®c?: Customer ®s? seating \ dom sold ®sold = sold {s? c?} ®seating = seating
11 School of Technology (Delta) and (Xi) There is another convention regarding operation schemas: if a schema describes an operation upon a state described by S, we include S (‘delta S’)in its declaration (in place of S and S) if, in addition, the operation leaves the state unchanged we include S (in place of S)
12 School of Technology Example Purchase 0 ® BoxOffice ®s?: Seat ®c?: Customer ®s? seating \ dom sold ®sold = sold {s? c?} ®seating = seating
13 School of Technology Example An operation that leaves the state of the box office unchanged: QueryAvailability ® BoxOffice ®available!: ®available! = # (seating \ dom sold)
14 School of Technology Initialisation An initialisation is a special operation for which the before state is unimportant Such an operation can be modelled by an operation schema that contains only a decorated copy of the state: StateInit ®State ®…
15 School of Technology Question How might we complete the following? BoxOfficeInit ®BoxOffice ®allocation?: Seat ®…
16 School of Technology BoxOfficeInit BoxOfficeInit ®BoxOffice ®allocation?: Seat ®seating = allocation? ®sold =
17 School of Technology Schema disjunction If S and T are two schemas then their disjunction, S T is also a schema in which the declaration is a merging of the two declarations in which the constraint is a disjunction (‘oring’) of the two constraints
18 School of Technology Schema conjunction If S and T are two schemas then their conjunction, S T is also a schema in which the declaration is a merging of the two declarations in which the constraint is a disjunction (‘anding’) of the two constraints
19 School of Technology Schema negation If S is a schema then its negation, S is also a schema in which the declaration the same as that of S in which the constraint is the negation (‘noting’) of the constraint of S
20 School of Technology Examples S ®a: A ®b: B ®P T ®b: B ®c: C ®Q S T is equivalent to: ®a: A ®b: B ®c: C ®P Q S T is equivalent to: ®a: A ®b: B ®c: C ®P Q
21 School of Technology Examples S ®a: A ®b: B ®P S is equivalent to: ®a: A ®b: B ® P
22 School of Technology Example If we define: NotAvailable ® BoxOffice ® s?: Seat ®s? seating \ dom sold then the schema disjunction Purchase 0 NotAvailable describes a total operation
23 School of Technology Constructing operations Although disjunction is the obvious operator for constructing operation schemas, conjunction can also be useful Response ::= okay | sorry Success ®r!: Response ®r! = okay Failure ®r!: Response ®r! = sorry
24 School of Technology Total operation The operation of purchasing a seat may be described by: Purchase (Purchase 0 Success) (NotAvailable Failure)
25 School of Technology Question How might we complete the following operation? ReturnTicket 0 ® BoxOffice ®s?: Seat ®c?: Customer ®…
26 School of Technology ReturnTicket 0 ReturnTicket 0 ® BoxOffice ®s?: Seat ®c?: Customer ®s? c? sold ®sold = sold \ {s? c?} ®seating = seating
27 School of Technology Question How might we complete the following operation? ReturnNotPossible ® BoxOffice ®s?: Seat ®c?: Customer ®…
28 School of Technology ReturnNotPossible ReturnNotPossible ® BoxOffice ®s?: Seat ®c?: Customer ®s? c? sold
29 School of Technology Summary We may use operation schemas to describe the effect of operations on the state of our system The inclusion of S in an operation schema denotes that the operation will change the state of S The inclusion of S indicates that the operation is concerned with the state of S, but will leave it unchanged Operation schemas may have input and output An initialisation schema describes the state of our system at the beginning of its life Disjunction and conjunction may be used to combine operation schemas