Dr. Naveed Riaz
Design and Analysis of Algorithms
Formal Methods in Software Engineering
Lecture # 24
Use of Formal Methods in SE
A branch of computer science in which we argue about and analyze computer programs using formal techniques.
Program specification and verification.
Constructing programs.
Each step written is valid and leads to a correct solution.
A number of tools and techniques are available.
Can we properly test the software?
Famous saying by Dijkstra -> By testing we can only prove the presence of bugs, not the absence of bugs.
For a mathematical statement, counterexamples can be provided, e.g.:
1. All numbers are < 1000
You can either provide a formal proof or a counterexample.
Overhead with test cases: it is not possible to write a huge number of test cases.
Test Cases VS F-M
Test whether two strings are equal.
isEqual("Cat", "Dog") – Expected output: False
isEqual("Testing", "Testing") – Expected output: True
isEqual("House", "Home") – Expected output: False
A very large number of possibilities
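Test Cases VS F-M
Programming example:
#include <string.h>

int isEqual(const char *String1, const char *String2)
{
    int equal = strlen(String1) == strlen(String2);  /* lengths must match first */
    if (equal)
        for (size_t i = 0; i < strlen(String1); i++)
            equal = String1[i] == String2[i];        /* overwritten on every iteration */
    return equal;
}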
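The listing above, transliterated to Python and run against the three test cases from the previous slide, then compared with the specification (s1 == s2) on every pair of short strings. This is an added example, not part of the original lecture; the function names and the alphabet "ab" are chosen here.

```python
from itertools import product

def is_equal_slide(s1, s2):
    """Same logic as the slide's listing: `equal` is overwritten on every pass."""
    equal = len(s1) == len(s2)
    if equal:
        for i in range(len(s1)):
            equal = s1[i] == s2[i]
    return equal

# The three test cases from the slide, with their expected outputs.
SLIDE_TESTS = [
    ("Cat", "Dog", False),
    ("Testing", "Testing", True),
    ("House", "Home", False),
]

def slide_tests_pass():
    """True if the implementation gives the expected output on all slide tests."""
    return all(is_equal_slide(a, b) == want for a, b, want in SLIDE_TESTS)

def find_counterexamples(alphabet="ab", max_len=3):
    """Pairs of strings (up to max_len) where the implementation disagrees
    with the specification 'the two strings are equal'."""
    words = ["".join(p)
             for n in range(max_len + 1)
             for p in product(alphabet, repeat=n)]
    return [(a, b) for a in words for b in words
            if is_equal_slide(a, b) != (a == b)]

if __name__ == "__main__":
    print("slide tests pass:", slide_tests_pass())
    bad = find_counterexamples()
    print(len(bad), "disagreements with the specification, first:", bad[0])
    print('is_equal_slide("Cat", "Bat") =', is_equal_slide("Cat", "Bat"))
```

All three slide tests pass, yet any two strings of the same length that share a last character are reported as equal.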
Structured Programming
The same phenomenon can be seen with structured programming.
Flow graphs are used to understand program structure.
Components of a flow graph: sequence, selection and loop
Flow Graphs
Bubble sort flow graph
sorted = false;                           // 1
while (!sorted) {                         // 2
    sorted = true;
    for (int i = 0; i < size - 1; i++) {  // 3
        if (a[i] > a[i+1]) {              // 4
            swap(a[i], a[i+1]);           // 5
            sorted = false;
        }                                 // 6
    }                                     // 7
}                                         // 8
[Figure: flow graph of the bubble sort with nodes 1 to 8]
Flow Graphs
Based upon flow graphs, we write test cases to test the different components of the flow graph.
Limitations of this kind of testing
Three types of test coverage are available when using flow graphs:
Statement coverage: we make sure that every statement is executed at least once.
Branch coverage: identify the branches and try to test all of them.
Path coverage: execute all possible paths, writing test cases for them.
Path Coverage overhead
for (int i = 0; i < N; i++) {   // 1
    if (condition1) {
        // some statement       // 2
    } else {
        // some statement       // 3
    }
    // some statement           // 4
}                               // 5
How many paths are there for N iterations?
[Figure: flow graph of the loop with nodes 1, 2, 3, 4 and 5]
Model-based solution
We try to develop a model of the system.
We analyze the correctness of these models using mathematical techniques.
What is a model? Why is a model required and how does it help us?
Dijkstra's Game
Model-based solution
Color of the last ball?
1 Ball Game: suppose there is only one ball in the jar
2 Ball Game: suppose there are two balls in the jar -> 3 possibilities
Both White
Both Black
1 W, 1 B
Model-based solution
If even number of white balls -> Last ball color Black
If odd number of white balls -> Last ball color White
Can you verify this for 100 balls in the jar, i.e. whether our hypothesis is true or not?
To verify this we need a formal proof -> build a mathematical model
Mathematical Model
If even number of white balls -> Last ball color Black
If odd number of white balls -> Last ball color White
F(B, W) =
    (B-2+1, W) = (B-1, W)       (2 B out, 1 B in)
    (B+1, W-2)                  (2 W out, 1 B in)
    (B-1, W-1+1) = (B-1, W)     (1 of each out, 1 W in)
In two cases we reduce the number of black balls by 1 and keep the number of white balls unchanged.
In the third case, we reduce the number of white balls by two and increase the number of black balls by 1.
The total number of balls is reduced by exactly one in each move.
The parity of the number of white balls does not change (it is reduced by either 0 or 2).
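A bounded check of the hypothesis, added here as an example that is not part of the original lecture: it uses only the three transitions of F(B, W) above and explores every possible sequence of moves for every jar of up to 100 balls. The function names are chosen here; the parity argument is what extends the result to jars of any size.

```python
from functools import lru_cache

def moves(b, w):
    """Successor states (B, W) for each legal draw of two balls, per F(B, W)."""
    nxt = []
    if b >= 2:
        nxt.append((b - 1, w))      # 2 B out, 1 B in
    if w >= 2:
        nxt.append((b + 1, w - 2))  # 2 W out, 1 B in
    if b >= 1 and w >= 1:
        nxt.append((b - 1, w))      # 1 of each out, 1 W in
    return nxt

@lru_cache(maxsize=None)
def last_ball_colours(b, w):
    """Every colour the final ball can have, over all possible move sequences."""
    if b + w == 1:
        return frozenset({"W" if w == 1 else "B"})
    out = frozenset()
    for nb, nw in moves(b, w):
        out |= last_ball_colours(nb, nw)
    return out

def hypothesis_holds(max_total):
    """Check 'odd W -> last ball white, even W -> last ball black'
    for every jar holding 1..max_total balls."""
    for total in range(1, max_total + 1):
        for w in range(total + 1):
            expected = "W" if w % 2 else "B"
            if last_ball_colours(total - w, w) != frozenset({expected}):
                return False
    return True

if __name__ == "__main__":
    print("hypothesis holds for all jars up to 100 balls:", hypothesis_holds(100))
    print("60 black, 40 white ->", set(last_ball_colours(60, 40)))
    print("1 black, 99 white  ->", set(last_ball_colours(1, 99)))
```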
Propositional Calculus
Two tools will be used to build mathematical models: logic and set theory.
What is a proposition? A statement which is either true or false, e.g.:
My name is Ali (true or false)
A = B (true or false)
Which statement is not a proposition? "You should read this book carefully."
Logic is built on propositions.
Truth Table
Implication
Only false when P is true (T) and Q is false (F); otherwise the implication is always true.
Only if P is true can we make a statement about Q.
If P is false then we do not need to say anything about Q.
Originally a conditional statement (if or if-then-else)
P  Q  P -> Q
T  T  T
T  F  F
F  T  T
F  F  T
Truth Table
Bi-Conditional – (If and only If)
P <-> Q means P -> Q and Q -> P
The outcome is true if P and Q have the same value.
If P and Q do not have the same value then the bi-conditional is not true.
Compare it with Exclusive OR.
Can be used for equality statements.
P  Q  P <-> Q
T  T  T
T  F  F
F  F  T
F  T  F
Tautology
A compound proposition which is always true, irrespective of the truth values of the comprising propositions.
p ∨ ¬p
Contradiction -> Opposite of a tautology: a proposition which is always false.
p ∧ ¬p (outcome always false)
It is an important tool for proving theorems.
For example, we can take a hypothesis and show that assuming something ends up in a logical contradiction, and hence the hypothesis is incorrect; otherwise we can prove it.
Logical Equivalence
The propositions p and q are called logically equivalent if p <-> q is a tautology.
It is written as:
p ≡ q
For example: ¬(p ∨ q) ≡ ¬p ∧ ¬q (De Morgan's law)
Logic Puzzle
The Island of Knights and Knaves
Two types of resident -> Knights and Knaves
They have some special characteristics:
Knights -> Always speak the truth
Knaves -> Always lie
Based on this information we need to solve some problems.
Logic problem for the day
Someone asks person A, "Are you a knight?"
He replies, "If I am a knight then I will eat my hat".
Prove that A has to eat his hat.
Use logic to solve this problem: first you have to identify the propositions, then a hypothesis is required.
Think about what it means for a person A to make a statement "S" on the island: if person A is a knight then statement "S" is true, else false.
Logic problem for the day
Two solutions are possible: truth table and logical deduction rules.
First, conversion to propositions is required:
A is a knight: A
A eats his hat: H
If I am a knight then I will eat my hat: A => H
We have seen that (X <=> S)
Both have the same truth values, therefore:
(A <=> (A => H))
Using Truth Table
Truth table columns: A, H, A => H, A <=> (A => H)
A  H  A => H
T  T  T
F  T  T
T  F  F
F  F  T
Using Truth Table
Truth table columns: A, H, A => H, A <=> (A => H)
A  A => H  A <=> (A => H)
T  T       T
F  T       F
T  F       F
F  T       F
Using Truth Table
Truth table columns: A, H, A => H, A <=> (A => H)
A  H  A => H  A <=> (A => H)
T  T  T       T
F  T  T       F
T  F  F       F
F  F  T       F
What if there were another row with a true result but with H having the value False?
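The truth-table solution above, mechanised as an added example (not part of the original lecture): it rebuilds the four rows in the slide's order, keeps the assignments where "A is a knight" and A's statement have the same truth value, and reports which propositions are forced. The function names are chosen here.

```python
from itertools import product

def implies(p, q):
    """Material implication: false only when p is true and q is false."""
    return (not p) or q

def truth_table():
    """Rows (A, H, A => H, A <=> (A => H)), in the row order used on the slide."""
    rows = []
    for h, a in product([True, False], repeat=2):
        s = implies(a, h)               # what A actually said
        rows.append((a, h, s, a == s))  # A is a knight <=> the statement is true
    return rows

def consistent_worlds(statement):
    """Assignments (A, H) in which 'A is a knight' and A's statement agree."""
    return [(a, h) for h, a in product([True, False], repeat=2)
            if a == statement(a, h)]

def forced(worlds, index):
    """Value of one proposition if it is identical in every consistent world,
    otherwise None (the puzzle does not determine it)."""
    values = {w[index] for w in worlds}
    return values.pop() if len(values) == 1 else None

if __name__ == "__main__":
    print("A H A=>H A<=>(A=>H)")
    for row in truth_table():
        print(" ".join("T" if v else "F" for v in row))
    worlds = consistent_worlds(implies)
    print("A is a knight:", forced(worlds, 0))
    print("A eats his hat:", forced(worlds, 1))
```

Only the row A = T, H = T survives, so A is a knight and has to eat his hat.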
Problem with Truth Table
Any problem with the truth table?
It performs well when the number of propositions is small, but what if the number of propositions is large?
In a truth table the number of rows depends on the number of variables: if we have two variables then …
Another method is to build a logical argument using deduction rules.