IntroductionIntroduction Copyright, 2000 © Jerzy R. Nawrocki [email protected] Models...

IntroductionIntroduction

Copyright, 2000 © Jerzy R. Nawrocki

[email protected]

www.cs.put.poznan.pl/jnawrocki/mse/models/

Models and Analysis of Software Models and Analysis of Software

Lecture 1Lecture 1

Models and Analysis of Software Models and Analysis of Software

Lecture 1Lecture 1

J. Nawrocki, Models & Analysis of Software

Plan of the lecturePlan of the lecturePlan of the lecturePlan of the lecture

• Specification styles• A model-based specification• An axiomatic specification• An unexpected specification• Course organisation


Specification stylesSpecification stylesSpecification stylesSpecification styles

Formal methodsFormal methodsFormal methodsFormal methods

Model-basedModel-basedModel-basedModel-based AxiomaticAxiomaticAxiomaticAxiomatic

ImperativeImperativeImperativeImperative DeclarativeDeclarativeDeclarativeDeclarative

FunctionalFunctionalFunctionalFunctional LogicalLogicalLogicalLogical

AlgebraicAlgebraicAlgebraicAlgebraic



• Specification styles

• A model-based specification• An axiomatic specification• An unexpected specification• Course organisation


A model-based specificationA model-based specificationA model-based specificationA model-based specification

Directory = Name Directory = Name TelephoneNo TelephoneNo

statestate telbook telbook ofof

dir: Directorydir: Directory

endend




endendINIT()INIT()

extext wrwr dir: Directory; dir: Directory;

postpost dir = {}; dir = {};

INIT()INIT()



mm






endend




endendINIT()INIT()



INIT()INIT()



ADD (name: Name, telno: TelephoneNo)ADD (name: Name, telno: TelephoneNo)


postpost dir = dir dir = dir {name {name telno}; telno};




mm






endend




endendINIT()INIT()



INIT()INIT()









LOOKUP (name: Name) r: TelephoneNoLOOKUP (name: Name) r: TelephoneNo

extext rdrd dir: Directory; dir: Directory;

prepre name name domdom dir; dir;

postpost dir (name); dir (name);





mm






endend




endendINIT()INIT()



INIT()INIT()

















DELETE (name: Name)DELETE (name: Name)


postpost dir = {name} dir dir = {name} dir ; ;

DELETE (name: Name)DELETE (name: Name)


postpost dir = {name} dir dir = {name} dir ; ;

mm



• Specification styles• A model-based specification

• An axiomatic specification• An unexpected specification• Course organisation


An axiomatic specificationAn axiomatic specificationAn axiomatic specificationAn axiomatic specificationschemescheme DIRECTORY = DIRECTORY =classclass typetype Name, PhoneNo, Dir Name, PhoneNo, Dirvaluevalue empty: Dir, empty: Dir, add: Name x PhoneNo x Dir add: Name x PhoneNo x Dir Dir, Dir, lookup: Name x Dir lookup: Name x Dir PhoneNo, PhoneNo, delete: Name x Dir delete: Name x Dir Dir Dir

schemescheme DIRECTORY = DIRECTORY =classclass typetype Name, PhoneNo, Dir Name, PhoneNo, Dirvaluevalue empty: Dir, empty: Dir, add: Name x PhoneNo x Dir add: Name x PhoneNo x Dir Dir, Dir, lookup: Name x Dir lookup: Name x Dir PhoneNo, PhoneNo, delete: Name x Dir delete: Name x Dir Dir Dir

axiomaxiom forallforall name, name1: Name, t: PhoneNo, d: Dir name, name1: Name, t: PhoneNo, d: Dir delete (name, empty) delete (name, empty) empty empty delete (name, add(name1, t, d)) delete (name, add(name1, t, d)) ifif name = name1 name = name1 thenthen delete (name, d)delete (name, d) elseelse add (name1, t, add (name1, t, delete (name, d)delete (name, d))) endend

axiomaxiom forallforall name, name1: Name, t: PhoneNo, d: Dir name, name1: Name, t: PhoneNo, d: Dir delete (name, empty) delete (name, empty) empty empty delete (name, add(name1, t, d)) delete (name, add(name1, t, d)) ifif name = name1 name = name1 thenthen delete (name, d)delete (name, d) elseelse add (name1, t, add (name1, t, delete (name, d)delete (name, d))) endend

Not ‘d’ ?Not ‘d’ ?


An axiomatic specificationAn axiomatic specificationAn axiomatic specificationAn axiomatic specification

axiomaxiom forallforall name, name1: Name, t: PhoneNo, d: Dir name, name1: Name, t: PhoneNo, d: Dir lookup (name, add(name1, t, d)) lookup (name, add(name1, t, d)) ifif name = name1 name = name1 thenthen t t elseelse lookup (name, d) lookup (name, d) endend prepre name = name1 name = name1 name name dd

axiomaxiom forallforall name, name1: Name, t: PhoneNo, d: Dir name, name1: Name, t: PhoneNo, d: Dir lookup (name, add(name1, t, d)) lookup (name, add(name1, t, d)) ifif name = name1 name = name1 thenthen t t elseelse lookup (name, d) lookup (name, d) endend prepre name = name1 name = name1 name name dd





• Specification styles• A model-based specification• An axiomatic specification

• An unexpected specification• Course organisation


Another axiomatic specificationAnother axiomatic specificationAnother axiomatic specificationAnother axiomatic specificationtypetype ext_nat_numbers ext_nat_numbers isis sortssorts nat nat opnsopns 0 0 nat nat suc: nat suc: nat nat nat _ + _ : nat, nat _ + _ : nat, nat nat nat

typetype ext_nat_numbers ext_nat_numbers isis sortssorts nat nat opnsopns 0 0 nat nat suc: nat suc: nat nat nat _ + _ : nat, nat _ + _ : nat, nat nat nateqnseqns forallforall x,y x,y ofsortofsort nat nat

x + 0 = x;x + 0 = x;

x + succ(y) = succ(x+y);x + succ(y) = succ(x+y);

eqnseqns forallforall x,y x,y ofsortofsort nat nat

x + 0 = x;x + 0 = x;

x + succ(y) = succ(x+y);x + succ(y) = succ(x+y);

int zero ()int zero ()

int succ (int x)int succ (int x)

int plus (int x, int y)int plus (int x, int y)



int plus (int x, int y)int plus (int x, int y)xx plus(x, zero())= x plus(x, zero())= x

x,yx,y plus(x,succ(y))= succ(plus(x,y)) plus(x,succ(y))= succ(plus(x,y))

xx plus(x, zero())= x plus(x, zero())= x

x,yx,y plus(x,succ(y))= succ(plus(x,y)) plus(x,succ(y))= succ(plus(x,y)) Our intuition:Our intuition:

plus(2, 3)= 5plus(2, 3)= 5Our intuition:Our intuition:

plus(2, 3)= 5plus(2, 3)= 5


An unexpected implementationAn unexpected implementationAn unexpected implementationAn unexpected implementation











plus(2, 3)= 5plus(2, 3)= 5


{ return 1; }{ return 1; }int zero ()int zero ()

{ return 1; }{ return 1; }













plus(2, 3)= 5plus(2, 3)= 5





{ return 2*x; }{ return 2*x; }int succ (int x)int succ (int x)

{ return 2*x; }{ return 2*x; }













plus(2, 3)= 5plus(2, 3)= 5








{ return x * y; }{ return x * y; }int plus (int x, int y)int plus (int x, int y)

{ return x * y; }{ return x * y; }








plus(2, 3)= 5plus(2, 3)= 5








{ return x * y; }{ return x * y; }int plus (int x, int y)int plus (int x, int y)

{ return x * y; }{ return x * y; }... but

plus(2,3)= 6

The implementation satisfies those

conditions



• Specification styles• A model-based specification• An axiomatic specification• An unexpected specification

• Course organisation


Course organisationCourse organisationCourse organisationCourse organisation

28.02 Introduction

7.03 VDM (I)

14.03 VDM (II)

21.03 Statecharts (I)

28.03 Statecharts (II)

4.04 -

11.04 Z

18.04 -

25.04 Petri Nets and CSP

Lectures by J. Nawrocki



9.05 Introduction to testing

16.05 Automatic testing

23.05 Rational TestStudio (I)

30.05 Rational TestStudio (II)

6.06 Testing in Practice (B. Nowicki)

13.06 Pre-exam

Lectures by W. Complak



10: Presence at lectures & seminars (0.5 each)

30: Presentation at seminar

60: Written exam (13.06)

------------------------------------

100: Total

Grading rules

91 .. 100: 5.0

81 .. 90: 4.5

71 .. 80: 4.0

61 .. 70: 3.5

51 .. 60: 3.0

91 .. 100: 5.0

81 .. 90: 4.5

71 .. 80: 4.0

61 .. 70: 3.5

51 .. 60: 3.0



Each student has to give a presentation lasting for 20 minutes.

Any topic concerning Models & Analysis of Software will be accepted.

The presentation does not have to be original.It can be based on someone’s paper or book.Title, name, e-mail address, keywords and abstract

(about half a page) must be submitted to Mr. Complak at least 10 days before the presentation.

Schedule will be prepared by Mr. Complak by 7.03.

Presentation at seminar



Each student has a ‘budget’ of 189 points.Using the budget he has to evaluate 21

presentations (average is 9 points).A student is not evaluating his/her own

presentation. To check this, WC or JN has to know student’s name.

Each presentation can get no more than 10 points.

Presentation grade



If a student is not able to evaluate a presentation, he/she can put ‘x’. Then his budget is lowered by 9 points.

Average presentation grade (x’s do not count) will be multiplied by 3 to get overall presentation grade.

Presentation grade


SummarySummarySummarySummary

Model-based specifications:• an abstract implementation

Axiomatic specifications:• relations and superposition

Problem of unexpected implementations


Further readingsFurther readingsFurther readingsFurther readings

A. Harry, Formal Methods Fact File, John Wiley & Sons, Chichester, 1996 (Chapters 1 - 3).


Quality assessmentQuality assessmentQuality assessmentQuality assessment

1. What is your general impression? (1 - 6)

2. Was it too slow or too fast?

3. What important did you learn during the lecture?

4. What to improve and how?

Date post:	28-Mar-2015
Category:	Documents
Upload:	sofia-hale
View:	215 times
Download:	0 times

IntroductionIntroduction Copyright, 2000 © Jerzy R. Nawrocki [email protected] Models...

Documents