Transcript PowerPoint

CS 501: Software Engineering
Lecture 10
Techniques for Requirements Definition
and Specification II
1
CS 501 Spring 2002
Administration
2
CS 501 Spring 2002
Formal Specification
Why?
 Precise standard to define and validate software.
Why not?
 May be time consuming
 Methods are not suitable for all applications
3
CS 501 Spring 2002
Formal Specification using
Mathematical Notation
Example:
B1, B2, ... Bk is a sequence of m x m matrices
1, 2, ... k is a sequence of m x m elementary matrices
B1-1 = 1
B2-1 = 21
Bk-1 = k ... 21
The numerical accuracy must be such that, for all k,
BkBk-1 - I < 
4
CS 501 Spring 2002
Formal Specification Using Diagrams
Pascal number syntax
unsigned integer
digit
unsigned number
unsigned integer
+
.
digit
unsigned integer
E
-
5
CS 501 Spring 2002
Formal Specification of Programming
Languages
Pascal number syntax
<unsigned number> ::= <unsigned integer> | <unsigned real>
<unsigned integer> ::= <digit> {<digit>}
<unsigned real> ::= <unsigned integer> . <digit> {<digit>} |
<unsigned integer> . <digit> {<digit>} E <scale factor> |
<unsigned integer> E <scale factor>
<scale factor> ::= <unsigned integer> | <sign> <unsigned integer>
<sign> ::= + | -
6
CS 501 Spring 2002
Formal Specification using Z ("Zed")
Ben Potter, Jane Sinclair, David Till,
An Introduction to Formal Specification and Z
(Prentice Hall) 1991
Jonathan Jacky
The Way of Z
(Cambridge University Press) 1997
7
CS 501 Spring 2002
Two Rules
 Formal specification does not guarantee correctness
 Formal specification does not prescribe the
implementation
8
CS 501 Spring 2002
Example: Specification using Z
Informal: The function intrt(a) returns the largest integer
whose square is less than or equal to a.
Formal (Z):
intrt: N
N
a : N•
intrt(a) * intrt(a) < a < (intrt(a) + 1) * (intrt(a) + 1)
9
CS 501 Spring 2002
Example: Algorithm
Static specification does not describe the
design of the system.
A possible algorithm uses the mathematical
identity:
1 + 3 + 5 + ... (2n - 1) = n2
10
CS 501 Spring 2002
Example: Program
int intrt (int a)
/* Calculate integer square root */
{
int i, term, sum;
term = 1; sum = 1;
for (i = 0; sum <= a; i++)
{
term = term + 2;
sum = sum + term;
}
return i;
}
11
CS 501 Spring 2002
Formal Specification Using Finite
State Machine
A broadly used method of formal specification:
 Event driven systems (e.g., games)
 User interfaces
 Protocol specification
etc., etc., ...
12
CS 501 Spring 2002
Finite State Machine
Example:
Therapy control console
[informal description]
13
CS 501 Spring 2002
State Transition Diagram
Select field
Enter
Patients
Enter
Fields
Start
(ok)
Setup
Beam
on
Ready
Stop
(interlock)
Select patient
14
CS 501 Spring 2002
State Transition Table
Select Select
Enter
Patient Field
Patients
Fields Patients
Setup Patients Fields
Ready Patients Fields
Beam
on
15
ok
Start
Stop interlock
Fields
Setup
Ready
Beam
on
Setup
Ready Setup
CS 501 Spring 2002
Z Specification
STATE ::= patients | fields | setup | ready | beam_on
EVENT ::= select_patient | select_field | enter | start | stop
| ok | interlock
FSM == (STATE X EVENT)
STATE
no_change, transitions, control : FSM
Continued on next slide
16
CS 501 Spring 2002
Z Specification (continued)
control = no_change
transitions
no_change = { s : STATE; e : EVENT • (s, e)
transitions = { (patients, enter)
(fields, select_patient)
s}
fields,
patients, (fields, enter)
setup,
(setup, select_patient) patients, (setup, select_field)
(setup, ok)
ready,
fields,
(ready, select_patient) patients, (ready, select_field) fields,
(ready, start) beam_on, (ready, interlock) setup,
(beam_on, stop)
17
ready, (beam_on, interlock) setup }
CS 501 Spring 2002
Schemas
Schema:
 Enables complex system to be specifed as
subsystems
 The basic unit of formal specification.
 Describes admissible states and operations of a
system.
18
CS 501 Spring 2002
LibSys: An Example of Z
Library system:
 Stock of books
 Registered users.
 Each copy of a book has a unique identifier.
 Some books on loan; other books on shelves available for
loan.
 Maximum number of books that any user may have on
loan.
19
CS 501 Spring 2002
LibSys: Operations
 Issue a copy of a book to a reader.
 Reader returns a book.
 Add a copy to the stock.
 Remove a copy from the stock.
 Inquire which books are on loan to a reader.
 Inquire which readers has a particular copy of a book.
 Register a new reader.
 Cancel a reader's registration.
20
CS 501 Spring 2002
LibSys
Level of Detail:
Assume given sets:
Copy, Book, Reader
Global constant:
maxloans
21
CS 501 Spring 2002
Domain and Range
X
dom m
x
m:X
22
m
ran m
y
Y
Y
domain:
dom m = { x  X :  y  Y  x
y}
range:
ran m = { y  Y :  x  X  x
y}
CS 501 Spring 2002
LibSys: Schema for Abstract States
Library
stock : Copy
Book
issued : Copy
Reader
shelved : F Copy
readers: F Reader
shelved  dom issued = dom stock
shelved  dom issued = Ø
ran issued  readers
r : readers • #(issued  {r}) < maxloans
23
CS 501 Spring 2002
Schema Inclusion
LibDB
stock : Copy
Book
readers: F Reader
LibLoans
issued : Copy
Reader
shelved : F Copy
r : Reader • #(issued  {r}) < maxloans
shelved  dom issued = Ø
24
CS 501 Spring 2002
Schema Inclusion (continued)
Library
LibDB
LibLoans
dom stock = shelved  dom issued
ran issued  readers
25
CS 501 Spring 2002
Schemas Describing Operations
Naming conventions for objects:
Before: plain variables, e.g., r
After: with appended dash, e.g., r'
Input: with appended ?, e.g., r?
Output: with appended !, e.g., r!
26
CS 501 Spring 2002
Operation: Issue a Book
 Inputs: copy c?, reader r?
 Copy must be shelved initially: c?  shelved
 Reader must be registered: r?  readers
 Reader must have less than maximum number of books on loan:
#(issued  {r?}) < maxloans
 Copy must be recorded as issued to the reader:
issued' = issued  {c?
r?}
27
 The stock and the set of registered readers are unchanged:
stock' = stock; readers' = readers
CS 501 Spring 2002
Operation: Issue a Book
Issue
stock, stock' : Copy
Book
issued, issued' : Copy
Reader
shelved, shelved': F Copy
readers, readers' : F Reader
c?: Copy; r? :Reader
[See next slide]
28
CS 501 Spring 2002
Operation: Issue a Book (continued)
Issue
[See previous slide]
shelved  dom issued = dom stock
shelved'  dom issued' = dom stock'
shelved  dom issued = Ø; shelved'  dom issued' = Ø
ran issued  readers; ran issued'  readers'
r : readers  #(issued  {r}) < maxloans
r : readers'  #(issued'  {r}) < maxloans
c?  shelved; r?  readers; #(issued  {r?}) < maxloans
issued' = issued  {c?
r?}
stock' = stock; readers' = readers
29
CS 501 Spring 2002
Schema Decoration
Issue
Library
Library'
c? : Copy; r? : Reader
c?  shelved; r?  readers
#(issued  {r?}) < maxloans
issued' = issued  {c?
r?}
stock' = stock; readers' = readers
30
CS 501 Spring 2002
Schema Decoration
Issue
Library
c? : Copy; r? : Reader
c?  shelved; r?  readers
#(issued  {r?}) < maxloans
issued' = issued  {c? r?}
stock' = stock; readers' = readers
31
CS 501 Spring 2002
The Schema Calculus
Schema inclusion
Schema decoration
Schema disjunction:
^ AddKnownTitle  AddNewTitle
AddCopy =
Schema conjunction:
^ EnterNewCopy  AddCopyAdmin
AddCopy =
Schema negation
Schema composition
32
CS 501 Spring 2002