3100-topic4 (2)
TRANSCRIPT
-
8/17/2019 3100-topic4 (2)
1/97
© Chinese University, CSE Dept. Software Engineering / 4 - 1
Software Engineering
Topic 4:
Software Specification
Your Name: _____________________
Computer Science & Engineering Department
The Chinese University of Hong Kong
Prelude on Specification
♦ A specification is a precise statement of the requirements that a system must satisfy
♦ The term "specification" is used at different stages of system development
  (i) requirement specification
  (ii) design specification
  (iii) module specification
Specification
♦ A broad term that means _____________
♦ Used at different stages of software development for different purposes
♦ Generally, a statement of agreement _____________ between
  - producer and consumer of a service
  - implementer and user
♦ All desirable qualities must be specified
What Is A Specification?
♦ A specification at some level states the requirements for the implementation at a lower level
♦ It is viewed as a definition of ________ the implementation must provide, not _________
♦ The distinction between "what" and "how" is not sharp.
  e.g., a simple way to describe "what" is just to give an example of "how"
  e.g., display of time: “hour” + “:” + “minute” (hour: 1 ≤ 2 digit ≤ 12; minute: 0 ≤ 2 digit ≤ 59)
Uses of Specification
♦ Statement of ______________ requirements
  - major failures occur because of misunderstandings between the producer and the user
  - All users' needs are sometimes not clearly understood by the developer
  - Sometimes, even the user has no clear idea of what exactly the desired product is
  - "The hardest single part of building a software system is deciding precisely what to build" - F. Brooks
Uses of Specification (cont.)
♦ Statement of the interface between the _________ and the controlled ____________
  - serious undesirable effects can result due to misunderstandings between software engineers and domain experts about the phenomena affecting the control function to be implemented by software
Uses of Specification (cont.)
♦ Statement of requirements for ____________
  - design process is a chain of specification (i.e., definition)–implementation–verification steps
    * requirements specification refers to definition of ______________ behavior (design specification must be verified against it)
    * design specification refers to definition of the ________________ software architecture (code must be verified against it)
Uses of Specification (cont.)
♦ A reference point during ____________
  - corrective maintenance only changes implementation or design
  - adaptive and perfective maintenance occur because of requirements changes
    * requirements specification must change accordingly
Specification Qualities
(1) Spec should be clear, unambiguous, and understandable
  - pictures are better, if possible, e.g. Galileo
  - informal specs, written in natural languages (English), are li
Spec Examples
(i) A select command in a word processor
  - Selecting is the process for designating areas of your document that you want to work on. Most editing and formatting actions require two steps: first you select what you want to work on, such as text or graphics; then you initiate the appropriate action.
___________
___________
not sure if possible or not from the spec
Spec Examples
(ii) A mission-critical project
  - The message must be triplicated. The three copies must be forwarded through three different physical channels. The receiver accepts the message on the basis of a two-out-of-three voting policy.
When? As soon as two identical messages are received or has to wait for 3 messages?
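The ambiguity in the voting requirement can be made concrete. The following Python sketch is an added example, not part of the original slides; the two receiver policies, the function names and the arrival traces are assumptions constructed for illustration. Both policies satisfy the English text, yet they differ in when, and whether, a message is accepted.

```python
from collections import Counter
from typing import Dict, Optional, Sequence, Tuple

# A trace is the ordered list of copies reaching the receiver.
# None stands for a copy lost on its channel (constructed convention).
Trace = Sequence[Optional[str]]
Verdict = Tuple[Optional[str], int]   # (accepted message or None, copies received)


def accept_eager(trace: Trace) -> Verdict:
    """Reading 1: accept as soon as two identical copies have been received."""
    seen: Counter = Counter()
    received = 0
    for copy in trace:
        if copy is None:              # lost copy: nothing arrives
            continue
        received += 1
        seen[copy] += 1
        if seen[copy] == 2:           # two identical copies: decide immediately
            return copy, received
    return None, received


def accept_after_all(trace: Trace, expected: int = 3) -> Verdict:
    """Reading 2: wait for all three copies, then take the majority value."""
    received = [c for c in trace if c is not None]
    if len(received) < expected:      # a lost copy blocks the vote
        return None, len(received)
    value, votes = Counter(received).most_common(1)[0]
    return (value if votes >= 2 else None), len(received)


# Constructed sample traces (not from the slides).
TRACES: Dict[str, Trace] = {
    "clean":         ["open valve", "open valve", "open valve"],
    "corrupt_first": ["open va1ve", "open valve", "open valve"],
    "one_lost":      ["open valve", None, "open valve"],
}


def compare(name: str) -> Tuple[Verdict, Verdict]:
    """Return the verdicts of both readings for one named trace."""
    trace = TRACES[name]
    return accept_eager(trace), accept_after_all(trace)


if __name__ == "__main__":
    for name in TRACES:
        eager, waited = compare(name)
        print(f"{name:14s} eager={eager} wait-for-3={waited}")
```

With one copy lost, the eager reading still accepts the message while the wait-for-three reading never decides, which is the behavior the specification leaves open.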
Specification Qualities
(2) Spec should be ________________
  - An example: word processing for "text"
    * English spec:
    * The whole text should be
Specification Qualities
(3) Spec should be ________________________
  - internally complete (self-contained)
    * define a new concept or terminology it uses
    * glossary helpful for this purpose
  - externally complete: complete with respect to user requirements
    * specify all the functional requirements
    * be wary of non-functional requirements (e.g., performance, exceptional cases)
    * difficulty: when should one stop?
  Due to the difficulties in achieving complete spec, the use of the ________________ principle is especially important
Specification Qualities
(4) Spec should be __________________
  - Referring to the specification process
    * start from a s
Classification of Specification Styles
(1) Formal vs. Informal spec
  - informal - natural language (structured or non-structured)
    * e.g. given earlier in this lecture
  - formal - a fully precise syntax and semantics
  - semi-formal - notation without a completely precise semantics
Classification of Specification Styles
(2) Operational vs. Descriptive spec
  - Operational - describe the intended system by describing the desired behavior, say through a model of the system
  - Descriptive - state the desired properties of the system in a purely declarative fashion
Classification of Specification Styles
  - examples of operational spec about ellipse
    * operational:
    * descriptive:
  - examples of operational spec about sorting an array
    * operational:
    * descriptive:
  - descriptive specs tend to be more abstract than operational specs because they do not bias the reader towards any particular implementation
  - the distinction between operational and descriptive specs is not sharp
Spec Style Examples
(1) An operational spec for ellipse
  - E is the path of the point that moves so that the sum of its distances from two fixed points P1 and P2 is ___________, and ___________.
  - Property of operational spec:
    _______________
[Figure: ellipse on axes x and y with fixed points p1 and p2, a point (x, y), and points a and b on the curve such that ap1 + ap2 = bp1 + bp2]
A descriptive spec: _______________ where the center of the ellipse is (0, 0) and a, b, and c are suitable constants.
Spec Style Examples
(2) specs about sorting
- Operational spec:
  • Let a be an array of n elements. The result of sorting a is an array b of n elements such that the first element of b is the minimum of a (if several elements of a have the same value, any one of them is acceptable), the second element of b is the minimum of the array of n-1 elements obtained from a by removing its minimum element; and so on until all n elements of a have been removed.
  • Feature: _________________________________________
- Descriptive spec:
  • The result of sorting a is an array b which is a permutation of a and is sorted.
  • Feature: _____________________________________________
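The two sorting specs above can both be written down executably. The Python below is an added example, not part of the original slides; the function names, the candidate implementations and the sample arrays are constructed for illustration. The operational spec is run literally as an algorithm, while the descriptive spec becomes a predicate that can judge any candidate implementation, including ones that do not follow the operational steps.

```python
from collections import Counter
from typing import Callable, List, Sequence, Tuple


def sort_operational(a: Sequence[int]) -> List[int]:
    """Operational spec executed literally: repeatedly remove the minimum."""
    remaining = list(a)
    b: List[int] = []
    while remaining:
        m = min(remaining)
        remaining.remove(m)      # removes one occurrence only, so duplicates survive
        b.append(m)
    return b


def is_sorted(b: Sequence[int]) -> bool:
    return all(b[i] <= b[i + 1] for i in range(len(b) - 1))


def is_permutation(a: Sequence[int], b: Sequence[int]) -> bool:
    # Multiset equality: same elements with the same multiplicities.
    return Counter(a) == Counter(b)


def satisfies_descriptive_spec(a: Sequence[int], b: Sequence[int]) -> bool:
    """Descriptive spec: b is a permutation of a and b is sorted."""
    return is_permutation(a, b) and is_sorted(b)


def insertion_sort(a: Sequence[int]) -> List[int]:
    """A different algorithm; the descriptive spec does not care how b is built."""
    b: List[int] = []
    for x in a:
        i = len(b)
        while i > 0 and b[i - 1] > x:
            i -= 1
        b.insert(i, x)
    return b


def dedup_sort(a: Sequence[int]) -> List[int]:
    """Constructed buggy candidate: sorted, but silently drops duplicates."""
    return sorted(set(a))


def identity(a: Sequence[int]) -> List[int]:
    """Constructed buggy candidate: a permutation, but not sorted."""
    return list(a)


# Constructed sample inputs, including duplicates and the empty array.
SAMPLES: List[List[int]] = [[], [7], [3, 1, 2], [2, 2, 1], [5, -1, 5, 0]]


def violations(candidate: Callable[[Sequence[int]], List[int]]) -> List[Tuple[List[int], List[int]]]:
    """Inputs (with the candidate's output) on which the descriptive spec fails."""
    bad = []
    for a in SAMPLES:
        b = candidate(list(a))
        if not satisfies_descriptive_spec(a, b):
            bad.append((list(a), b))
    return bad


if __name__ == "__main__":
    for f in (sort_operational, insertion_sort, dedup_sort, identity):
        print(f.__name__, violations(f))
```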
Classification of Specification Styles
(3) Data paradigm vs. Process paradigm
  - data paradigm - the spec advocates the primacy of data abstractions
    * DFD (data flow diagrams)
  - process paradigm - the spec focuses on sequences of events or actions (operations)
    * FSM (Finite State Machine)
    * Petri Net
Verification of Specs
♦ specs must be verified prior to design and implementation
♦ two general techniques:
  (1) observe the dynamic behavior of the specified system to check its correctness (___________________ spec)
  (2) analyze the properties of the specified system that can be deduced from the spec (_____________________ spec)
♦ effectiveness of both techniques increases when formality of spec increases.
♦ Technique 1 could be done via simulation, yielding prototype of the specified system
  Technique 2 could be done by human inspection or theorem proving
♦ Verifying spec correctness, consistency and completeness is formidable and tedious task
Operational Specifications
(A) Data Flow Diagrams (DFD)
(B) Finite State Machines (FSM)
(C) Petri Nets (PN)
(A) Data Flow Diagrams
They describe systems as collections of data that are manipulated by functions.
  - Basic elements
(A) Data Flow Diagrams
♦ e.g., DFD for (a+b) * (c+a*d)
  - Figure 4.1
  - Figure 4.2: A simplified information system for a public library (a first approximation of the system)
  - Figure 4.3: A finer description (partial refinement)
(A) Data Flow Diagrams: A Simple Example
specifies evaluation of (a + b) * (c + a * d)
Figure 4.1
A Construction "Method" (1)
1. Start from the “context” diagram
[Figure: context diagram of an information system with inputs Input1, Input2, ..., Inputn and outputs Output1, Output2, ..., Outputn]
A Construction "Method" (2)
2. Proceed by refinements until you reach “elementary” functions (preserve balancing)
[Figure: refinement of a DFD; bubbles labeled A, A1 to A7 and B1 to B4]
Data Flow Diagrams: A Library Example
[Figure 4.2: DFD of the library system. Labels: Shelves; List of Authors; List of titles; List of topics; Book request by the user; Title and author of requested book, name of the user; Get a book; Book; List of books borrowed; Book title, user name; Book reception; Topic request by the user; Search by topics; Topic; List of titles referring to the topic; Author; Title; Display of the list of titles]
Refinement of "Get a Book"
[Figure: labels Shelves; List of Authors; List of titles; Title and author of requested book]
(A) Data Flow Diagrams
♦ Drawback of the library spec
  (1) The semantics of the symbols might need further explanation.
    * e.g., "find book position"
    * Need both "author" and "title" or one is enough?
  (2) Control aspects are not defined by the model
    (i) relations of output are unspecified (e.g. Figure 4.4)
    (ii) synchronization between system components is unspecified (e.g. Figure 4.5)
♦ In summary, DFD is an attractive graphical notation, but it still lacks
(A) Data Flow Diagrams
[Figure 4.4: a DFD with bubbles A, B, C, D. Annotations: are the outputs from A, B, C all needed? Are the outputs for D and the other output bubble produced at the same time?]
(A) Data Flow Diagrams
♦ Control information is absent
[Figure 4.5: bubble A feeding bubble B]
Possible interpretations:
(a) A produces datum, waits until B consumes it
(b) A and B are autonomous activities that have different s
  (b1) B can read the datum from A and consume it
  (b2) a pipe is inserted between A and B
(A) Data Flow Diagrams
♦ To overcome the DFD drawback
(A) Data Flow Diagrams
[Figure: boxes d1, d2, ..., dn feeding a bubble Σ, with a dashed Trigger arrow]
Figure 4.6: A partial DFD augmented with control flow arrows. The trigger is a control flow arrow. It is dashed rather than continuous. The function "sum" associated with the bubble is applied to all data existing in the boxes as soon as a trigger occurs.
UML Use-case Diagrams
♦ UML: Unified Modeling Language
♦ Use-case diagrams define functions on basis of actors and actions
[Figure: use-case diagram with actors customer and librarian; use cases borrow book, return book, library update]
UML Activity Diagrams
♦ Activity diagrams represent work
UML Sequence Diagrams
♦ Describe how objects interact by exchanging messages
♦ Provide a dynamic view
[Figure: sequence diagram among Customer, Librarian and Catalogue along a time axis; messages: member card + book request, membership OK, book request, book available, book borrowed]
UML Collaboration Diagrams
♦ Give object interactions and their order
♦ Equivalent to sequence diagrams
[Figure: collaboration diagram among Customer, Librarian and Catalogue]
1: member card + book request
2: membership OK
3: book request
4: book available
Control Flow
♦ We need to describe control aspects of a system in order to make
(B) Finite State Machines (FSMs)
  - Examples
    * Figure 4.7, Figure 4.8
    * Figure 4.9
    * Figure 4.10 (a refined policy)
  - State transition matrix: a matrix to denote the transition function δ
    e.g. Given an FSM of n states q1 .. qn
    [Matrix δ: rows q1 .. qn (outgoing arcs), columns q1 .. qn (incoming arcs); the entry in row q_j, column q_k is i iff δ(s_j, i) = s_k]
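(B) Finite State Machines (FSMs)
[Figure 4.7: an FSM with states q0, q1, q2, q3 and arcs labeled a, b, c]
[Figure 4.8: an FSM with states On and Off; arcs labeled Push switch]
[Figure 4.9: an FSM with states On and Off; arcs labeled High-pressure alarm, High-temperature alarm, Restart]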
(B) Finite State Machines (FSMs)
[Figure 4.10: an FSM with states Off, Normal, Pressure action, Temperature action; arcs labeled Pressure signal, Temperature signal, Successful recovery, Unsuccessful recovery]
(B) Finite State Machines (FSMs)
♦ FSMs to specify sets of acceptable strings
  - augmented terms
    (1) one initial state, q0 ∈ Q
    (2) a set of final states, F, F ⊂ Q (denoted by double circle nodes)
    (3) a finite set of outputs, O
    (4) the transition function δ is augmented to produce output signals
        δ: Q × I → Q × O
FSMs as Recognizers
[Figure 4.11: An FSM accepting the keywords ________ and _________ (states q0 to q6 and qf; arcs labeled b, e, g, i, n, e, n, d; qf is a final state)]
FSMs as Recognizers
[Figure 4.12: An FSM accepting the identifiers of a programming language (states q0, q1, q2)]
Legend: is an abbreviation for a set of arrows labeled a, b, ..., z, A, ..., Z; is an abbreviation for a set of arrows labeled 0, 1, ..., 9, respectively
(B) Finite State Machines (FSMs)
♦ Summary about FSMs
  - advantages:
    (1) simple
    (2) widely used (especially in compiler, P.L., AI)
  - disadvantages:
    (1) its computational power is limited due to finite memory. e.g., hard to deal with real numbers whose possible values are infinite.
    (2) number of states may be explosive
        Q: How many states are needed to describe a 4-byte long register?
        A: _________________ different states!
    (3) FSMs are essentially a synchronous model - inappropriate for concurrent and asynchronous components in a system.
(B) Finite State Machines (FSMs)
  - improvements:
    (1) describe an approximation to the system without too much details
    (2) modify and change the FSM model
    (3) enrich the model by new features (e.g., add more complex predicates for state transitions)
(B) FSMs: State Explosion Problem
♦ Example:
  - A producer process -
    * produces messages and puts (writes) them into a buffer
  - A consumer process -
    * reads and removes the messages, and consumes them
  - A buffer -
    * a two-slot buffer to store messages
  Figure 4.13: three components
  Figure 4.14: describe the whole system
    * How many states are there?
(B) FSMs: State Explosion Problem
[Figure 4.13: three FSMs. Producer: states p1, p2; transitions produce, write. Consumer: states c1, c2; transitions read, consume. Buffer: states 0, 1, 2; transitions write, read.]
(B) FSMs: State Explosion Problem
[Figure 4.14: FSM of the whole system. Each state is a triple ⟨message in buffer, producer's state, consumer's state⟩ such as ⟨0, p1, c1⟩; transitions are labeled produce, write, read, consume.]
(B) FSMs: State Explosion Problem
  - If we have n different subsystems, each one with k_i states, the resulting system has a cardinality of ____________ _______________ state explosion
  - Figure 4.15 shows improvements over Figure 4.14 by Statecharts with AND parallel decomposition.
    * Q: How many states (cardinality) are there?
    * A: _____________ ____________ state increase
(B) FSMs with Parallel Decomposition
[Figure 4.15: Statecharts with AND parallel decomposition. Labels: Idle; ConcurrentWork; start, stop; Producer (P1, P2; produce, write); Consumer (C1, C2; read, consume); Buffer (0, 1, 2; write, read)]
(C) Petri Nets: Specifying Asynchronous Systems
♦ [Petri 1962] C.A. Petri, Ph.D Dissertation, U. of Bonn.
♦ Basic elements
  (1) a finite set of places (circles)
  (2) a finite set of transitions (bars)
  (3) a finite set of arrows connecting places and transitions with a weight (integer) if necessary
(C) Petri Nets
Figure 4.16
(C) Petri Nets
A quadruple (P, T, F, W)
P: places, T: transitions (P, T are finite)
F: flow relation, F ⊆ {P×T} ∪ {T×P}
W: weight function, W: F → N – {0}
Properties:
(1) P ∩ T
(2) P ∪ T ≠
(3) F ⊆ (P × T) ∪ (T × P)
(4) W: F → N – {0}
Default value of W is 1
State defined by marking
♦ Operation of a Petri Net (PN)
  (1) state: a PN is given a state by marking
  (7) fire: the number of "input weight" tokens
Figure 4.16 (a)-(d)
(C) Petri Nets
  (12) starvation: a process that never receives access to a needed resource.
    * Starvation may happen due to "______________"
    * Put two tokens
(C) Petri Nets
Figure 4.16(a) with a different marking
(C) Petri Nets
Figure 4.17: A Petri net that can enter a deadlock state
(C) Petri Nets
  (13) deadlock
Figure 4.18: A modification of the Petri net of Figure 4.17 that is live.
Figure 4.19: A Petri net with partial starvation.
(C) Petri Nets: Producer-Consumer Example
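[Figure 4.20: separate Petri nets for the producer (places P1, P2; transitions produce, write), the consumer (places C1, C2; transitions read, consume) and the buffer (places 0, 1, 2; transitions write, read), and their integration]
(C) Petri Nets: Producer-Consumer Operation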
Figure 4.21: An integrated Petri net describing a producer-consumer system.
(C) Petri Nets
♦ advantages over FSM:
  (1) graphical complexity - state space of the components is only additive, not multiplicative
    - Major reduction of model complexity
  (2) the concurrency of independent activities is described properly by a _______________.
    - E.g. ⟨produce, write, produce, read, consume, write, read, consume⟩
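The producer-consumer comparison between FSMs and Petri nets can be checked by simulation. The Python below is an added example, not part of the original slides: it assumes the standard firing rule (a transition is enabled when every input place holds at least the arc weight in tokens) and models the buffer with two counting places, `free` and `full`, which is a modelling assumption and not the net drawn in Figure 4.21. It replays the firing sequence listed above and counts the reachable markings, which is the size of the equivalent product FSM.

```python
from collections import deque
from typing import Dict, Iterable, Set, Tuple

Marking = Dict[str, int]                              # place -> number of tokens
Arcs = Dict[str, Tuple[Dict[str, int], Dict[str, int]]]  # transition -> (inputs, outputs)


def make_net(capacity: int = 2) -> Tuple[Arcs, Marking]:
    """Producer/consumer net with a buffer of `capacity` slots (assumed model)."""
    transitions: Arcs = {
        "produce": ({"P1": 1}, {"P2": 1}),
        "write":   ({"P2": 1, "free": 1}, {"P1": 1, "full": 1}),
        "read":    ({"C1": 1, "full": 1}, {"C2": 1, "free": 1}),
        "consume": ({"C2": 1}, {"C1": 1}),
    }
    initial: Marking = {"P1": 1, "P2": 0, "C1": 1, "C2": 0,
                        "free": capacity, "full": 0}
    return transitions, initial


def enabled(transitions: Arcs, marking: Marking, t: str) -> bool:
    inputs, _ = transitions[t]
    return all(marking[p] >= w for p, w in inputs.items())


def fire(transitions: Arcs, marking: Marking, t: str) -> Marking:
    """Return the marking after firing t; raise if t is not enabled."""
    if not enabled(transitions, marking, t):
        raise ValueError(f"transition {t!r} is not enabled in {marking}")
    inputs, outputs = transitions[t]
    new = dict(marking)
    for p, w in inputs.items():
        new[p] -= w
    for p, w in outputs.items():
        new[p] += w
    return new


def run(transitions: Arcs, marking: Marking, sequence: Iterable[str]) -> Marking:
    for t in sequence:
        marking = fire(transitions, marking, t)
    return marking


def reachable(transitions: Arcs, initial: Marking) -> Set[Tuple[Tuple[str, int], ...]]:
    """Breadth-first exploration of all markings reachable from `initial`."""
    def freeze(m: Marking) -> Tuple[Tuple[str, int], ...]:
        return tuple(sorted(m.items()))
    seen = {freeze(initial)}
    queue = deque([initial])
    while queue:
        m = queue.popleft()
        for t in transitions:
            if enabled(transitions, m, t):
                nxt = fire(transitions, m, t)
                if freeze(nxt) not in seen:
                    seen.add(freeze(nxt))
                    queue.append(nxt)
    return seen


# The firing sequence given on the slide.
SLIDE_SEQUENCE = ["produce", "write", "produce", "read",
                  "consume", "write", "read", "consume"]

if __name__ == "__main__":
    net, m0 = make_net(capacity=2)
    print("after slide sequence:", run(net, m0, SLIDE_SEQUENCE))
    print("places:", len(m0), "transitions:", len(net),
          "reachable markings:", len(reachable(net, m0)))
```

The net description grows by adding places and transitions, while the number of reachable markings grows as the product of the component state counts.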
(C) Petri Nets
Q: modify it so that buffer is 3.
Figure 4.21: An integrated Petri net describing a producer-consumer system.
(C) Petri Nets
♦ PN limitations
  (1) PN tokens
  (2) Needs techniques to prevent starvation. Generally, it is not possible to specify a selection policy between different enabled transitions.
  (3) _____________ issues are not well modeled
[Figure: Channel 1 (for correct message); Channel 2 (for incorrect message)]
[Figure: a Petri net with places P1 to P7 and transitions t1 to t6]
(C) Petri Nets
♦ PN extensions
  (1) assign values to tokens
  (3) timed Petri nets in which a pair ⟨tmin, tmax⟩ is associated with each transition.
[Figure: places p1, p2, p3 and transitions t1, t2; t1 has tmin = 1, tmax = 4, priority = 1 (low); t2 has tmin = 2, tmax = 3, priority = 3 (high)]
=> t1 cannot fire between 2 ≤ t ≤ 3
An earlier example
    * A more precise spec by choosing Figure 4.23 or Figure 4.24
[Figure 4.23: timed Petri net for the triplicated message. Labels: Original message; Message triplication; Message copies; Message copies transmission; PC1, PC2, PC3; c1, k1, c2, k2; tvoting1, tvoting2, tvoting3 (tmin = tmax = 0 for all three transitions); Forwarded message]
[Figure 4.24: timed Petri net for the triplicated message. Labels: Original message; Message triplication; Message copies; Message copies transmission; PC1, PC2, PC3; c1, k1, c2, k2; tvoting (tmin = 0, tmax = 0); Forwarded message]
Descriptive Specifications
Describe the desired _________ of a system rather than the desired ___________
(A) Entity-Relationship Diagrams
  - ____________________
(B) Logic Specifications
  - ____________________
(C) Algebraic Specifications
♦ Basic elements
  (1) entities - collections of items that share common properties.
  (2) relations - connections between two entities.
  (3) attributes - characteristics within each entity.
A relation R on two entities A, B is a set of pairs ⟨a, b⟩, where ______________________________
(A) Entity-Relationship (ER) Diagrams
___________ kinds of constraints on the relationship R
[Figure 4.25: An ER diagram describing a relationship between students and classes. Entity STUDENT (attributes NAME, SEX, AGE), relation ENROLLED_IN, entity CLASS (attributes SUBJECT, COURSE_ID, MAX_ENROLLMENT)]
(A) Entity-Relationship (ER) Diagrams
[Figure: four diagrams of a relation R between entities A and B]
♦ Relations can be partial
♦ They can be annotated to define
  - one to one
  - one to many
  - many to one
  - many to many
Non-binary Relations
[Figure: ER diagram with labels Director, Project, Employee, Department, Assigned, Participate, HeadOf, Data, Duration]
(A) Entity-Relationship (ER) Diagrams
♦ Summary about ER diagrams:
  (1) ER diagrams are a semiformal spec notation.
  (2) Due to the lack of expressive power in ER diagrams, we need to add properties as informal comments.
      e.g. combine with "logic specification" (to be shown later)
  (3) ER diagrams are a descriptive notation because they state the entities and their properties.
    * Widely used in database applications for a unified view of data. Q: what are the major database models?
(B) Logic Specifications
♦ What is logic spec?
  (1) Based on first-order theory (FOT) - an expression (formula) involving symbols in traditional mathematics.
  (2) Logical connectives - and, or, not, implies, and ≡ (logical equivalence) - are used.
  (3) the type of result must be Boolean.
  (4) use quantifiers e.g., "exists" ∃, "for all" ∀. ⇒ quick examples
♦ a variable that occurs in a formula is free if it is not quantified.
♦ a quantified variable is bound.
♦ if all variables in a formula are quantified, the formula is closed.
♦ a closed formula is always either true or false. How to obtain?
♦ the closure of a formula is obtained by quantifying all of its free variables with the ____________ quantifier.
(B) Logic Specifications
1. x > y and y > z implies x > z;
2. x = y ≡ y = x;
3. for all x, y, z (x > y and y > z implies x > z);
4. x + 1 < x − 1;
5. for all x (x ≥ 1) or (x ≤ −1) or (x = 0)
true or false:
True if x is _________; false if x is ___________
Combine with ER diagrams: See the figure in next page.
"A class can exist only if the number of enrolled students is greater than five, and the number cannot exceed the value MAX_ENROLLMENT"
∀ b in CLASS
5 ≤ cardinality { a | ⟨a, b⟩ in ENROLLED_IN } ≤ b.MAX_ENROLLMENT
a: student, b: class
[Figure: ER diagram with STUDENT (NAME, SEX, AGE), ENROLLED_IN, and CLASS (SUBJECT, COURSE_ID, MAX_ENROLLMENT)]
(B) Logic Specifications
♦ Specifying complete programs: input-output assertions
Definition:
Let P be a sequential program, let ⟨i1, i2, ..., in⟩ denote the sequence of P's input values and ⟨o1, o2, ..., om⟩ the sequence of P's output values
A property, or requirement, for P is expressed as
  {Pre(i1, i2, ..., in)}
  P (______________)
  {Post(o1, o2, ..., om, i1, i2, ..., in)}
where Pre(i1, i2, ..., in) denotes a FOT formula having i1, i2, ..., in as free variables and Post(o1, o2, ..., om, i1, i2, ..., in) denotes a FOT formula having o1, o2, ..., om and, possibly, i1, i2, ..., in as free variables.
Pre __________________ of P
Post _________________ of P
Note: even simple spec problems may require many details and may be hard to understand
Logic Specifications for Complete Programs
Input-output assertions (assuming integers in the following)
1. {exists z (i1 = z × i2)}
   P
   {o1 = i1 / i2}
2. {i1 > i2}
   P
   {i1 = i2 × o1 + o2 and o2 ≥ 0 and o2 < i2}
3. {true}   (no constraint on input)
   P
   {(o = i1 or o = i2) and o ≥ i1 and o ≥ i2}
Logic Specifications for Complete Programs
4. {i1 > 0 and i2 > 0}
   P
   {(exists z1, z2 (i1 = o × z1 and i2 = o × z2))
    and not
    (exists h (exists z1, z2 (i1 = h × z1 and i2 = h × z2) and h > o))}
Example:
input_word(m, n) ≡ (for all i (m ≤ i ≤ n) implies alphabetic(c_i))
input_text(m, n) ≡ (i_m = ' ' and i_n = ' ' and
  (exists k (for all j (1 ≤ j ≤ k) implies
    (exists h_j, m_j (input_word(m_j, m_j + h_j) and
      m_1 = m + 1 and m_k + h_k + 1 = n and
      (1 ≤ j < k) implies (m_(j+1) = m_j + h_j + 2 and
        i_(m_j + h_j + 1) = ' '))))))
  - c_i is an alphabetic character
  - h_j: [length of jth word] − 1
  - m_j: starting position of jth word
  - ⇒ m_j + h_j: ending position of jth word
  - k: no. of words
  - n: last word ends at position m_k + h_k
  - m_1: first word starts from position m + 1
  - (j+1)th word starts from the ending position of jth word plus 2 (1 for space character at position m_j + h_j + 1)
Logic Specifications for Complete Programs
input_text(m, n)
" we_shall_overcome "
k ____
m1 ____ m2 ____ m3 ____
h1 ____ h2 ____ h3 ____
m1+h1 ____ m2+h2 ____ m3+h3 ____
⇒ specifying a complete program quick
Intermediate assertions: allow expressions in pre- and post-conditions (assertions) to refer to program variables
7. {n > 0} - n is a constant value
   procedure search(table: in integer_array; n: in integer; element: in integer; found: out Boolean);
   {found ≡ (exists i (1 ≤ i ≤ n and table(i) = element))}
8. {n > 0}
   procedure reverse(a: in out integer_array; n: in integer);
   {for all i (1 ≤ i ≤ n) implies (a(i) = old_a(n − i + 1))}
9. {n > 0}
   procedure sort(a: in out integer_array; n: in integer);
   {sorted(a, n)},
   sorted(a, n) ≡ (for all i (1 ≤ i < n) implies a(i) ≤ a(i+1))
Logic Specification for Specifying Classes
♦ Invariant predicates and pre/post conditions for each method
♦ Example of invariant specifying an array IMPL implementing the abstract data type SET
  for all i, j (1 ≤ i ≤ length and 1 ≤ j ≤ length and i ≠ j) implies IMPL[i] ≠ IMPL[j]
  IMPL: array of size length
  (assure no _____________ are stored)
Logic Specification for Specifying Non-terminating Behaviors
♦ Example of non-terminating systems
  _______________
♦ Example: producer + consumer + buffer
♦ Invariant specifies that whatever has been produced is the concatenation of what has been taken
  - The principle of separation of concerns for spec: Separate functional specs from performance specs, from user interface specs, etc.
  - non-functional spec
    * the attribute of a system which cannot be provided by __________________________
  - Separation of concerns may result in using different notations for specifying different aspects of a system
    * E.g., A document production system with two views -
    * DFD: shows data dependencies
    * FSM: specifies order of executions
Data Flow View (1)
[Figure: DFD of the document production system. Labels: User; Formatting options; Predefined Text skeletons; Customers; Customer data (name, type of document); Document production; Print Document; Predefined Formats]
Document Production Example: Control Flow View (2)
[Figure (b): control flow of the document production system. Labels: Get user name; Search in Customers; Get other data from the data base; Get other relevant data from user interaction; Get appropriate text skeletons from predefined text library; Compose the document by choosing formatting options (this involves interaction with the user and access to the Formats data base); Print document]
Building and Using Specifications in Practice
  - The principle of incrementality is no less important to spec than to implementation. Incrementality should be applied in the construction of spec to the level of rigor and formality.
  - A spec document is usually a mixture of informal (natural language sentences), semiformal, figures, and fully formalized models.
  - Q: Can we hope for one universal spec language?
  - A: _______! Spec languages are harder, more complex than programming languages. We cannot expect there will be only one universal spec language!
  - The use of ________ is very important
Specifications for the End-User
♦ Rigorous specs should be used as common reference for producer and user
♦ They help removing ambiguity, incompleteness, ...
♦ Can specs be understood by end-user?
  - They can be the starting point for a __________
  - They can support some form of animation (e.g., see Petri nets)
Topic 4 Conclusion (1)
♦ Specifications describe
  - what the users need from a system (requirements specification)
  - the design of a software system (design and architecture specification)
  - the features offered by a system (functional specification)
  - the performance characteristics of a system (performance specification)
  - the external behavior of a module (module interface specification)
  - the internal structure of a module (internal structural specification)
Topic 4 Conclusion (2)
♦ Descriptions are given via suitable notations
  - There is no "ideal" notation
♦ They must be modular
♦ They support communication and interaction between designers and users