1. Weakest pre-conditions and towards machine consistency Saima Zareen

2. Outline State Space Multiple assignment statements Post Condition Skip statement Conditional statement CASE statement Proof Obligations

3. State Space

4. Multiple Assignment statements

5. Post Condition A particular statement which is required to be true after executing S. Notation S [P] Exercise

6. skip The empty statement which has no effect at all on any part of the state. It is always guaranteed to terminate successfully and the state on termination will be the same as the state before it was executed. Predicate will remain same before and after skip executes [skip]P=P

7. Conditional Statement Programming languages provide conditional statements which allow branching depending on a particular value on the state. The most common of this is If then else IF E THEN S ELSE T END It is used in two circumstances When the post condition is of P can be guaranteed. Either E is true in which S will be executed Otherwise then T will execute

8. Conditional Statement contd..

10. Conditional Statement alternative interpretation

11. Case Statement Allows the flow of control of the assignment to depend on the value of a particular expression. It lists a number of alternative values. A case statement is written as follows

12. Case Statement contd.. E describes expression which is to be evaluated. If it evaluates to e1,then T1 is executed If it evaluates to e2 then T2 is executed. If does not evaluate to any of the list of alternatives then ELSE clause is executed. It is an optional clause. For example The set DIRECTION={north, south, east, west} Variable dir must evaluate to some element of DIRECTION, then the following CASE statement finds the opposite direction for dir

13. Case Statement contd..

14. Only finite cases are included. If there are infinitely many possibilities then the remaining ones will have to be covered by the ELSE clause or left with no associate statement. For example The following CASE statement assigns a percentage discount rate depending on the size of the order

16. Case Statement contd.. For a CASE statement to guarantee to establish a post condition P, we require that any branch OR e THEN T must have that T establishes P whenever the expression E evaluates to the value e on that branch. If E =e then [T]P must hold. If none f the values is matched, then the ELSE clause must establish P. This leads to the following rule

18. CASE statement Exercise

19. Begin and End

20. Consistency of INVARIANT

21. Proof Obligations A proof obligation is a mathematical formula to be proven, in order to ensure that a B component is correct.

22. Proof Obligation for Initialization

23. [T]I

24. Proof Obligation for Operations

25. B is a method for specifying, designing, and coding software systems. — Jean-Raymond Abrial

26. Inconsistency An operation whose proof obligation is not true, highlights a confusion between the machine invariant and the operation. It needs to be resolved. Number of ways to resolve a machine inconsistency. By Strengthening the precondition. May be Body of the operation might not be correct. May be Invariant may be too loose that allowed some states that should not be permitted. Invariant may be wrong.

27. Summary We have studied the concept of state space and weakest pre- conditions that result in valid final states. Multiple assignment statements can also be used to show parallel execution of statements. Evaluation of pre conditions using conditional and case statements. Proof obligations of initialization and Operations