Download presentation
Presentation is loading. Please wait.
1
VDM - Part II Models and Analysis of Software Lecture 4
Jerzy Nawrocki Models and Analysis of Software Lecture 4 VDM - Part II Copyright, 2003 © Jerzy R. Nawrocki Models & Analysis of Software, Lecture 4
2
From the previous lecture..
Jerzy Nawrocki From the previous lecture.. Introduction to VDM VDM = Very Difficult Method Model-based: basic types (integer, real, ..) and compound types (sets, sequences, ..) Implicit specification (what?) and explicit one (how?). No explicit support for concurrency and time. J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
3
From the previous lecture..
Jerzy Nawrocki From the previous lecture.. Quantifiers That’s really different from Pascal! -- A prime number, n, is -- divisible only by 1 and n. IsPrime (n: N1) res: B post res k N1 (1 < k k < n) n mod k 0 J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
4
From the previous lecture..
Jerzy Nawrocki From the previous lecture.. Pre-conditions Quotient (-6, 2) = 3 Quotient (a, b: Z) res: N pre b 0 post res = (abs a) div (abs b) J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
5
From the previous lecture..
Jerzy Nawrocki From the previous lecture.. Sequences (I) -- CDs = sequence of Common Divisors CDs (a, b: N1) res: N1+ post res = [k | k N1 a mod k = 0 b mod k = 0] J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
6
Characters and strings
Jerzy Nawrocki Plan of the lecture From the previous lecture.. Characters and strings Type invariants Records Miscellaneous J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
7
Characters and strings
char - alfanumeric characters char* - possibly empty sequence of char char+ - nonempty sequence of char 'a' - a character literal "ABBA" - a string of chars (text) "S. Covey" = ['S', '.', ' ', 'C', 'o', 'v', 'e', 'y'] "S. Covey"(1)= 'S' J. Nawrocki, Models & ...
8
Characters and strings
Reversing a string -- Reversing a string of characters reverse(t: char*) res: char* post (t = [ ] res = [ ]) (t [ ] res = (tl t) [hd t] reverse("top") = "pot" J. Nawrocki, Models & ...
9
Characters and strings
Reversing a string -- Reversing a string of characters reverse(t: char*) res: char* post (t = [ ] res = [ ]) (t [ ] res = reverse(tl t) [hd t] reverse("top") = "pot" Important modification J. Nawrocki, Models & ...
10
Characters and strings
Integer to text conversion Can’t be simpler? d_seq= ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'] -- Integer to text conversion i2t(i: N) t: char+ post (i=0 t="0") (i>0 t=i2t1(i)) i2t1(i: N) t: char* post (i=0 t= [ ]) (i>0 t=i2t1(i div 10) [d_seq(i mod )]) J. Nawrocki, Models & ...
11
Plan of the lecture Type invariants From the previous lecture..
Jerzy Nawrocki Plan of the lecture From the previous lecture.. Characters and strings Type invariants Records Miscellaneous J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
12
Declaration of invariants
Type invariants Declaration of invariants 0 b b 1 resembles 0 b 1 Id = T inv Pattern Boolean_condition Bit = N inv Bit 0 b b 1 Bit = {b | b N 0 b b 1} J. Nawrocki, Models & ...
13
Defining prime numbers
Type invariants Defining prime numbers More reusable and readable! Prime = N1 inv Prime i N1 (1<i i<a) a mod i 0 is_prime(a: N1) res: B post res = i N1 (1<i i<a) a mod i 0 Prime = N1 inv Prime is_prime(a) J. Nawrocki, Models & ...
14
Here the defined type is used.
Type invariants Using prime numbers -- Checking if every even number between a and b -- can be represented as a sum of 2 prime numbers goldbach(a,b: N1) res: B pre a b post res = i N1 (a i i b i mod 2 = 0) x,y: Prime i= x+y Here the defined type is used. J. Nawrocki, Models & ...
15
Plan of the lecture Records From the previous lecture..
Jerzy Nawrocki Plan of the lecture From the previous lecture.. Characters and strings Type invariants Records Miscellaneous J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
16
Records Record definition ‘FamilyN’ Rec:: Field1 : T1 stands for
‘Family Name’ Rec:: Field1 : T1 Field2 : T2 . . . Fieldn : Tn Worker:: FamilyN: char+ FirstN: char+ Hours: N J. Nawrocki, Models & ...
17
Selecting the field ‘Hours’.
Records Field selection Rec.Field WorkersFile = Worker* total_hours(w: WorkersFile) res: N post (w=[ ] res = 0) (w [ ] res = (hd w).Hours + total_hours(tl w) Selecting the field ‘Hours’. J. Nawrocki, Models & ...
18
Plan of the lecture Miscellaneous From the previous lecture..
Jerzy Nawrocki Plan of the lecture From the previous lecture.. Characters and strings Type invariants Records Miscellaneous J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
19
Unions T1 | T2 Enumerated types: Signal = RED | AMBER | GREEN
J. Nawrocki, Models & ...
20
Optional types N N N nil - absence of a value Optional type:
Optional type operator: Expression = nil | nil or [ ] N N N if next(P) = nil .. J. Nawrocki, Models & ...
21
Explicit functions N max: x x max (x, y, z)
func_name: T1 x T2 x .. x Tn T func_name(Id1, Id2, .., Idn) E pre B max: x x max (x, y, z) if (y x) (z x) then x elseif (x y) (z y) then y else z N J. Nawrocki, Models & ...
22
Polymorphic functions
max max (x, y, z) if (y x) (z x) then x elseif (x y) (z y) then y else z result = max [ ] (1, 2, 3) N result = max [ ] (1.1, 2.2, 3.3) R J. Nawrocki, Models & ...
23
State N state Id of field_list inv invariant_definition
init initialisation end state maximum of max: init mk_maximum(m) m=0 end N J. Nawrocki, Models & ...
24
State R Another example state Id of field_list
inv invariant_definition init initialisation end Another example state aircraft of speed: height: inv mk_aircraft(-,h) (h 0.0) init mk_aircraft(s,h) (s=0.0) (h= 0.0) end R J. Nawrocki, Models & ...
25
Implicit operations N Op_name (Id1: T1, .., Idk:Tk) Idr: Tr
ext Access_vars pre B post B’ Access_vars: rd or wr prefix MAX3() ext rd x, y, z: wr max: post (x max) (y max) (z max) (max {x, y, z}) N J. Nawrocki, Models & ...
26
Implicit operations N Old state: variable MAX_NUM(n: ) ext wr max:
post (n max) (max = max max = n) N J. Nawrocki, Models & ...
27
Error definitions N PUT_YEAR(year: ) ext wr yr: pre year 1994
post yr = year errs yr2dXIX: 94 year year 99 yr= year+1900 yr2dXX: year < 94 yr = year+2000 N J. Nawrocki, Models & ...
28
Explicit operations N o OPER_NAME: T1 x .. x Tn T
OPER_NAME (Id1, Id2, .., Idn) Expression pre B MAX_NUM: () MAX_NUM (n) if max < n then max:= n else skip N o J. Nawrocki, Models & ...
29
Conditionals if B1 then ES1 elseif B2 then ES2 . . .
elseif Bn then ESn else ES cases Es: P1 ES1 . . . Pn ESn others ES end J. Nawrocki, Models & ...
30
Iteration statements for Id= E1 to E2 by Inc do St for Id in Sq do St
for Id in reverse Sq do St for all Id E do St while B do St J. Nawrocki, Models & ...
31
Summary At last! Character string = sequence.
Type invariants allow to define quite complicated types (e.g. prime numbers). Records allow do specify database-like computations. At last! J. Nawrocki, Models & ...
32
Jerzy Nawrocki Homework Specify a function digit 5 that returns a sequence of decimal digits of a number k (see functions digits3 and digits2). Specify an example of a function that would be an implementation of a JOIN operation in a relational database. Specify a polymorphic projection and selection operation. J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
33
Jerzy Nawrocki Further readings A. Harry, Formal Methods Fact File, John Wiley & Sons, Chichester, 1996. J. Nawrocki, Models & ... Models & Analysis of Software, Lecture 4
34
Quality assessment 1. What is your general impression? (1 - 6)
2. Was it too slow or too fast? 3. What important did you learn during the lecture? 4. What to improve and how? J. Nawrocki, Models & ...
Similar presentations
