Slide 1: CS 501 Spring 2003
CS 501: Software Engineering
Lecture 12: Requirements IV
Posted on 19-Dec-2015
Slide 2
Course Administration
Quiz 2, Question 1(a)
Grading of this part of Question 1 was inconsistent. If you would like me to regrade your solution, please return your answer book.
Quiz 1 and Quiz 2
The quizzes have been mounted on the Web site. If you have questions about grading, please compare your solution to the question.
Slide 3
Formal Specification
Why?
• Precise standard to define and validate software.
Why not?
• May be time consuming
• Methods are not suitable for all applications
Slide 4
Formal Specification using Mathematical Notation
Example from a mathematical software package:
B1, B2, ... Bk is a sequence of m x m matrices
1, 2, ... k is a sequence of m x m elementary matrices
B1-1 = 1
B2-1 = 21
Bk-1 = k ... 21
The numerical accuracy must be such that, for all k,
BkBk-1 - I <
Slide 5
Formal Specification Using Diagrams
[Syntax diagrams for digit, unsigned integer and unsigned number, built from the tokens digit, ., E, + and -]
Pascal number syntax
Slide 6
Formal Specification of Programming Languages
<unsigned number> ::= <unsigned integer> | <unsigned real>
<unsigned integer> ::= <digit> {<digit>}
<unsigned real> ::= <unsigned integer> . <digit> {<digit>}
                  | <unsigned integer> . <digit> {<digit>} E <scale factor>
                  | <unsigned integer> E <scale factor>
<scale factor> ::= <unsigned integer> | <sign> <unsigned integer>
<sign> ::= + | -
Pascal number syntax
Slide 7
Formal Specification using Z ("Zed")
Ben Potter, Jane Sinclair, David Till,
An Introduction to Formal Specification and Z
(Prentice Hall) 1991
Jonathan Jacky
The Way of Z
(Cambridge University Press) 1997
Slide 8
Remember
• Formal specification does not guarantee correctness
• Formal specification does not prescribe the implementation
Slide 9
Example: Specification using Z
Informal: The function intrt(a) returns the largest integer whose square is less than or equal to a.
Formal (Z):
intrt: N N
a : N •
intrt(a) * intrt(a) ≤ a < (intrt(a) + 1) * (intrt(a) + 1)
Slide 10
Example: Algorithm
Static specification does not describe the design of the system.
A possible algorithm uses the mathematical identity:
1 + 3 + 5 + ... + (2n - 1) = n^2
Slide 11
Example: Program
int intrt (int a)
/* Calculate integer square root */
{
    int i, term, sum;
    term = 1;                  /* current odd number, always 2*i + 1 */
    sum = 1;                   /* sum of the first i+1 odd numbers, always (i+1)^2 */
    for (i = 0; sum <= a; i++) {
        term = term + 2;
        sum = sum + term;
    }
    return i;                  /* largest i with i*i <= a */
}
Slide 12
Formal Specification of Finite State Machine Using Z
A finite state machine is a broadly used method of formal specification:
• Event driven systems (e.g., games)
• User interfaces
• Protocol specification
etc., etc., ...
Slide 13
State Transition Diagram
[Diagram: states Patients, Fields, Setup, Ready and Beam on; events Enter, Start, Stop, Select field, Select patient, ok and interlock drawn as the arcs between them]
Slide 14
State Transition Table

State    | Select patient | Select field | Enter  | ok    | Start   | Stop  | interlock
Patients |                |              | Fields |       |         |       |
Fields   | Patients       |              | Setup  |       |         |       |
Setup    | Patients       | Fields       |        | Ready |         |       |
Ready    | Patients       | Fields       |        |       | Beam on |       | Setup
Beam on  |                |              |        |       |         | Ready | Setup

(An empty cell means the event leaves the state unchanged.)
Slide 15
Z Specification
STATE ::= patients | fields | setup | ready | beam_on
EVENT ::= select_patient | select_field | enter | start | stop | ok | interlock
FSM == (STATE X EVENT) STATE
no_change, transitions, control : FSM
Continued on next slide
Slide 16
Z Specification (continued)
control = no_change transitions
no_change = { s : STATE; e : EVENT • (s, e) s }
transitions = { (patients, enter) fields,
(fields, select_patient) patients, (fields, enter) setup,
(setup, select_patient) patients, (setup, select_field) fields, (setup, ok) ready,
(ready, select_patient) patients, (ready, select_field) fields, (ready, start) beam_on, (ready, interlock) setup,
(beam_on, stop) ready, (beam_on, interlock) setup }
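The control function from the Z specification on slides 15 and 16, built the same way (no_change overridden by transitions) and checked for a safety property over the whole table, as an added Python example that is not from the lecture; run, entries_to and interlock_never_yields_beam are names chosen here:

```python
from itertools import product

# STATE and EVENT from the Z specification, spelt as on the slides.
STATES = ("patients", "fields", "setup", "ready", "beam_on")
EVENTS = ("select_patient", "select_field", "enter", "start", "stop", "ok", "interlock")

# transitions: the explicit (state, event) -> state pairs of the Z set.
TRANSITIONS = {
    ("patients", "enter"): "fields",
    ("fields", "select_patient"): "patients", ("fields", "enter"): "setup",
    ("setup", "select_patient"): "patients", ("setup", "select_field"): "fields",
    ("setup", "ok"): "ready",
    ("ready", "select_patient"): "patients", ("ready", "select_field"): "fields",
    ("ready", "start"): "beam_on", ("ready", "interlock"): "setup",
    ("beam_on", "stop"): "ready", ("beam_on", "interlock"): "setup",
}

# no_change maps every (state, event) to the same state; control is no_change
# overridden by transitions, so every (state, event) pair has a defined result.
NO_CHANGE = {(s, e): s for s, e in product(STATES, EVENTS)}
CONTROL = {**NO_CHANGE, **TRANSITIONS}


def run(events, start="patients"):
    """Apply a sequence of events from the start state; return the list of states visited."""
    trace = [start]
    for e in events:
        if e not in EVENTS:
            raise ValueError(f"unknown event: {e!r}")
        trace.append(CONTROL[(trace[-1], e)])
    return trace


def entries_to(target):
    """All (state, event) pairs that move the machine into target from a different state."""
    return {se for se, t in CONTROL.items() if t == target and se[0] != target}


def interlock_never_yields_beam():
    """Safety property checked over the full table: an interlock never leaves the beam on."""
    return all(CONTROL[(s, "interlock")] != "beam_on" for s in STATES)
```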
Slide 17
Schemas
Schema:
• The basic unit of formal specification.
• Enables a complex system to be specified as subsystems
• Describes admissible states and operations of a system.
Slide 18
LibSys: An Example of Z
Library system:
• Stock of books.
• Registered users.
• Each copy of a book has a unique identifier.
• Some books on loan; other books on shelves available for loan.
• Maximum number of books that any user may have on loan.
Slide 19
LibSys: Operations
• Issue a copy of a book to a reader.
• Reader returns a book.
• Add a copy to the stock.
• Remove a copy from the stock.
• Inquire which books are on loan to a reader.
• Inquire which reader has a particular copy of a book.
• Register a new reader.
• Cancel a reader's registration.
Slide 20
LibSys
Level of Detail:
Assume given sets:
Copy, Book, Reader
Global constant:
maxloans
Slide 21
Domain and Range
[Diagram: a relation m from set X to set Y, with dom m drawn inside X and ran m inside Y]
m : X Y
domain: dom m = { x X : y Y x y}
range: ran m = { y Y : x X x y}
Slide 22
LibSys: Schema for Abstract States
Library
stock : Copy Book
issued : Copy Reader
shelved : F Copy
readers : F Reader
shelved dom issued = dom stock
shelved dom issued = Ø
ran issued readers
r : readers • #(issued {r}) ≤ maxloans
Slide 23
Schema Inclusion
LibDB
stock : Copy Book
readers : F Reader
LibLoans
issued : Copy Reader
shelved : F Copy
r : Reader • #(issued {r}) ≤ maxloans
shelved dom issued = Ø
Slide 24
Schema Inclusion (continued)
Library
LibDB
LibLoans
dom stock = shelved dom issued
ran issued readers
Slide 25
Schemas Describing Operations
Naming conventions for objects:
Before: plain variables, e.g., r
After: with appended dash, e.g., r'
Input: with appended ?, e.g., r?
Output: with appended !, e.g., r!
Slide 26
Operation: Issue a Book
• Inputs: copy c?, reader r?
• Copy must be shelved initially: c? shelved
• Reader must be registered: r? readers
• Reader must have less than maximum number of books on loan: #(issued {r?}) < maxloans
• Copy must be recorded as issued to the reader: issued' = issued {c? r?}
• The stock and the set of registered readers are unchanged: stock' = stock; readers' = readers
Slide 27
Operation: Issue a Book
Issue
stock, stock' : Copy Book
issued, issued' : Copy Reader
shelved, shelved' : F Copy
readers, readers' : F Reader
c? : Copy; r? : Reader
[See next slide]
Slide 28
Operation: Issue a Book (continued)
[See previous slide]
Issue
shelved dom issued = dom stock
shelved' dom issued' = dom stock'
shelved dom issued = Ø; shelved' dom issued' = Ø
ran issued readers; ran issued' readers'
r : readers • #(issued {r}) ≤ maxloans
r : readers' • #(issued' {r}) ≤ maxloans
c? shelved; r? readers; #(issued {r?}) < maxloans
issued' = issued {c? r?}
stock' = stock; readers' = readers
Slide 29
Schema Decoration
Issue
Library
Library'
c? : Copy; r? : Reader
c? shelved; r? readers
#(issued {r?}) < maxloans
issued' = issued {c? r?}
stock' = stock; readers' = readers
Slide 30
Schema Decoration
Issue
Library
c? : Copy; r? : Reader
c? shelved; r? readers
#(issued {r?}) < maxloans
issued' = issued {c? r?}
stock' = stock; readers' = readers
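The Library schema and the Issue operation (slides 22 and 26 to 30) as executable checks, an added Python example that is not from the lecture; the sample state, the value of maxloans, and the names issue_precondition and sample_library are constructed for it:

```python
from dataclasses import dataclass, field

MAXLOANS = 2   # the global constant maxloans; the value is chosen for this example


@dataclass
class Library:
    """The Library schema: declarations as fields, the predicate part as invariant()."""
    stock: dict = field(default_factory=dict)     # stock   : Copy -> Book (partial function)
    issued: dict = field(default_factory=dict)    # issued  : Copy -> Reader
    shelved: set = field(default_factory=set)     # shelved : F Copy
    readers: set = field(default_factory=set)     # readers : F Reader

    def loans(self, r) -> int:
        """#(issued restricted to the single reader r)."""
        return sum(1 for who in self.issued.values() if who == r)

    def invariant(self) -> bool:
        on_loan = set(self.issued)
        return (self.shelved | on_loan == set(self.stock)        # shelved and issued cover the stock
                and not (self.shelved & on_loan)                  # ... and are disjoint
                and set(self.issued.values()) <= self.readers     # ran issued within readers
                and all(self.loans(r) <= MAXLOANS for r in self.readers))


def issue_precondition(lib: Library, c, r) -> bool:
    """c? shelved; r? registered; #(issued restricted to r?) < maxloans."""
    return c in lib.shelved and r in lib.readers and lib.loans(r) < MAXLOANS


def issue(lib: Library, c, r) -> Library:
    """The Issue operation: build the after-state without touching the before-state."""
    if not issue_precondition(lib, c, r):
        raise ValueError("Issue precondition does not hold")
    # shelved' is not stated in the schema; it is forced by the after-state invariant
    # (shelved' and dom issued' must still cover dom stock' and stay disjoint).
    after = Library(stock=dict(lib.stock), issued={**lib.issued, c: r},
                    shelved=lib.shelved - {c}, readers=set(lib.readers))
    if not after.invariant():
        raise AssertionError("Issue would break the Library invariant")
    return after


def sample_library() -> Library:
    """Constructed sample state: three copies of two books, two registered readers."""
    return Library(stock={"c1": "b1", "c2": "b1", "c3": "b2"},
                   shelved={"c1", "c2", "c3"}, readers={"alice", "bob"})
```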