Formal Specification Thomas Alspaugh ICS 221 2002 Nov 7.

Slides:

Advertisements

Similar presentations

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Advertisements

Kees van Deemter Matthew Stone Formal Issues in Natural Language Generation Lecture 4 Shieber 1993; van Deemter 2002.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.

LIFE CYCLE MODELS FORMAL TRANSFORMATION

Knowledge Representation Methods

ISBN Chapter 3 Describing Syntax and Semantics.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (

Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.

Software Testing. Overview Definition of Software Testing Problems with Testing Benefits of Testing Effective Methods for Testing.

Formal Methods. Importance of high quality software ● Software has increasingly significant in our everyday activities - manages our bank accounts - pays.

COMP2001 Testing. Aims of Testing To achieve a correct system producing correct results with a variety of input data.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Operational Semantics.

Temporal Logic of Actions (TLA) Leslie Lamport

From Chapter 4 Formal Specification using Z David Lightfoot

Validating and Improving Test-Case Effectiveness Author: Yuri Chernak Presenter: Lam, Man Tat.

Tim Sheard Oregon Graduate Institute Lecture 11: A Reduction Semantics for MetaML CS510 Section FSC Winter 2005 Winter 2005.

Describing Syntax and Semantics

School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification

MCA –Software Engineering Kantipur City College. Topics include  Formal Methods Concept  Formal Specification Language Test plan creation Test-case.

Software Test Plan Why do you need a test plan? –Provides a road map –Provides a feasibility check of: Resources/Cost Schedule Goal What is a test plan?

University of Toronto Department of Computer Science CSC444 Lec04- 1 Lecture 4: Software Lifecycles The Software Process Waterfall model Rapid Prototyping.

University of Toronto Department of Computer Science © 2001, Steve Easterbrook CSC444 Lec17 1 Lecture 17: Formal Modeling Methods Formal Modeling Techniques.

Predicates and Quantifiers

Formal Methods 1. Software Engineering and Formal Methods  Every software engineering methodology is based on a recommended development process  proceeding.

PZ01A Programming Language design and Implementation -4th Edition Copyright©Prentice Hall, PZ01A -- Introduction Programming Language Design and.

Verification and Validation Yonsei University 2 nd Semester, 2014 Sanghyun Park.

Faye Business Systems Group presents: The Top 10 Reasons Why CRM Implementations Fail.

Project Tracking. Questions... Why should we track a project that is underway? What aspects of a project need tracking?

Verification and Validation Overview References: Shach, Object Oriented and Classical Software Engineering Pressman, Software Engineering: a Practitioner’s.

Mathematical Modeling and Formal Specification Languages CIS 376 Bruce R. Maxim UM-Dearborn.

Introduction to Formal Methods Based on Jeannette M. Wing. A Specifier's Introduction to Formal Methods. IEEE Computer, 23(9):8-24, September,

Overview of Formal Methods. Topics Introduction and terminology FM and Software Engineering Applications of FM Propositional and Predicate Logic Program.

University of Toronto Department of Computer Science © Steve Easterbrook. This presentation is available free for non-commercial use with attribution.

Chapter 22 Developer testing Peter J. Lane. Testing can be difficult for developers to follow  Testing’s goal runs counter to the goals of the other.

School of Computing and Mathematics, University of Huddersfield CIA2326: Week 11 LECTURE: Formal Specification TUTORIAL/PRACTICAL: Finish off last weeks.

1 Introduction to Software Engineering Lecture 1.

Course Overview and Road Map Computability and Logic.

Chapter 1, Part II: Predicate Logic With Question/Answer Animations.

Safety-Critical Systems 5 Testing and V&V T

Requirements Specification. Welcome to Software Engineering: “Requirements Specification” “Requirements Specification”  Verb?  Noun?  “Specification”

Formal Methods in Software Engineering 1

Hazırlayan DISCRETE COMPUTATIONAL STRUCTURES Propositional Logic PROF. DR. YUSUF OYSAL.

Uncertainty Management in Rule-based Expert Systems

What is Testing? Testing is the process of finding errors in the system implementation. –The intent of testing is to find problems with the system.

CS 1813 Discrete Mathematics, Univ Oklahoma Copyright © 2000 by Rex Page 1 Lecture 2 CS 1813 – Discrete Mathematics Proofs Propositions and Calculuses.

© 2006 Pearson Addison-Wesley. All rights reserved 2-1 Chapter 2 Principles of Programming & Software Engineering.

SWE 513: Software Engineering

Slide 1 A Reference Model for Requirements and Specifications NOTES.

CSCI1600: Embedded and Real Time Software Lecture 28: Verification I Steven Reiss, Fall 2015.

CSC3315 (Spring 2009)1 CSC 3315 Languages & Compilers Hamid Harroud School of Science and Engineering, Akhawayn University

Course: Software Engineering – Design I IntroductionSlide Number 1 What is a specification Description of a (computer) system, which:  is precise;  defines.

Metalogic Soundness and Completeness. Two Notions of Logical Consequence Validity: If the premises are true, then the conclusion must be true. Provability:

Formal Methods. What Are Formal Methods Formal methods refers to a variety of mathematical modeling techniques that are applicable to computer system.

Artificial Intelligence Knowledge Representation.

ALLOY: A Formal Methods Tool Glenn Gordon Indiana University of Pennsylvania COSC 481- Formal Methods Dr. W. Oblitey 26 April 2005.

Section 1.7. Section Summary Mathematical Proofs Forms of Theorems Direct Proofs Indirect Proofs Proof of the Contrapositive Proof by Contradiction.

Software Design and Development Development Methodoligies Computing Science.

Knowledge Representation Lecture 2 out of 5. Last Week Intelligence needs knowledge We need to represent this knowledge in a way a computer can process.

CENG 424-Logic for CS Introduction Based on the Lecture Notes of Konstantin Korovin, Valentin Goranko, Russel and Norvig, and Michael Genesereth.

Algorithms II Software Development Life-Cycle.

A Reference Model for Requirements and Specifications

Verification and Validation Overview

Matching Logic - A New Program Verification Approach -

CSE 311 Foundations of Computing I

CSE 20: Discrete Mathematics for Computer Science Prof. Shachar Lovett

Software Verification, Validation, and Acceptance Testing

Human Computer Interaction Lecture 14 HCI in Software Process

Basic Systems Management Employing Security Policies

Presentation transcript:

Formal Specification Thomas Alspaugh ICS Nov 7

What is formal specification? The broad view:  Any use of discrete mathematics …  that involves modelling and analysis …  underpinned by mathematically-precise model And the narrow view:  A use of a formal language (syntax)...  with formal reasoning about its formulae (semantics)

What sorts of “things” can be formal specifications? Operational  The specification is executable  Examples: Scheme, Prolog, Smalltalk State-based  Arbitrarily-complex state (value of a data structure)  Operations that change the state  Example: Z Algebraic  Language of formulae  Operations that convert one formula to another  Example: Larch

What sort of decisions and operations are involved? Example: propositional logic  we have primitives (var’s, brackets, const’s)  we have connectives (and, or, not)  we have quantifiers (existential, universal)  we have deduction rules Expressions, open (?) or closed (tt or ff) Have to take it “all the way down” to do anything  Quantified over what universe?  What is the denotation?  What do tt and ff mean?

What would we do with formal specification? We show two specifications are consistent (identical, or one a refinement of the other) We show a specification has some property We show a specification is complete (with respect to some criterion) We show a specification is self-consistent We show a specification is well-formed

What is the landscape in which formal specifications fit? We have:  the real world (domain properties D)  the statement of the problem (requirements R)  the specification of the solution (S)  the implementation of the solution (program P)  the system the software runs on (computer) Verification: correctness  of solution S against problem R  of implementation P against specification S and...

What about validation? More useful than correctness Of system P+C against world D+R Of R -- completeness (all important requirements) Of D -- completeness (all relevant domain properties) We are usually (no, always) operating with incomplete information

What kinds of things do we say? D = Domain properties R = Requirements S = Specification -- bridge between D,R and P,C P = Program properties C = Computer (hardware) properties Assuming C, then S + D imply R  we hope!

What are examples of R, D, S? Requirement R:  “Reverse thrust shall only be enabled when the aircraft is moving on the ground.” Domain properties D:  Wheel pulses are present iff wheels are turning  Wheels are turning iff plane is moving on ground Specification S:  Reverse thrust is enabled iff wheel pulses present S + D imply R D is weak point

What are examples of R, D, S? R  Database only accessed by authorized persons D  Authorized persons have passwords  Passwords are never shared with others S  Access to database shall be granted by password S + D imply R Again, D is weak point

Where do things go wrong? The computer is wrong (very rare)  power, chip, OS, device, network,...  detect with testing, certification through use,... The program is wrong (uncommon)  bug, misunderstood spec, poor configuration control  detect with testing to spec, inspection, walkthroughs The specification is wrong (common)  misunderstood reqs, incomplete, inconsistent  detect with inspection, formal verification, end-to-end testing

Where do things go wrong? (ii) The requirements are wrong (common)  not enough communication with users, not enough analysis, change not handled correctly  detect with inspections, customer reviews, modelling, formal validation, prototyping The domain properties are wrong (very common)  lack of expertise, unquestioned assumptions, not enough domain analysis  detect with failure analysis, talking to the right experts, testing off-nominal cases

How can formality help? Formalize S  precise baseline to verify P against  we don’t prove correctness unless it’s really really important  as a model to compare against R

How can formality help? Formalize D  reason about completeness  reason about how D affects S  forces us to be precise and explicit

How can formality help? Formalize R  to animate them  to test for consistency and coherence  to test for completeness (against some underlying model)

Why don’t we do more of it? Formal approaches are usually at lower level  too much detail too soon  too many decisions too soon Concentrate on consistency and completeness  which we usually don’t have

Why don’t we do more of it? Where to use it appropriately?  attached to one tool or language  are we modelling the program or the requirements?  scaleability (of tools) “It requires more effort”  takes time  takes training  payoff is deferred Not always appropriate