formal methods in software engineering
DESCRIPTION
Formal Methods in Software Engineering. “And they made their lives bitter with hard bondage … all their service … was with rigour.” Ex 1:14. A Spectrum of Methods. More Formal. OCL and Z. Cleanroom. Traditional Models: Waterfall, Spiral, Incremental. Agile Methods: FDD and SCRUM. - PowerPoint PPT PresentationTRANSCRIPT
Formal Methods in Software Engineering
“And they made their lives bitter with hard bondage … all their service … was with rigour.” Ex 1:14
A Spectrum of Methods
Less Formal
More Formal
Cleanroom
OCL and Z
Traditional Models:Waterfall, Spiral, Incremental
Agile Methods:FDD and SCRUM
Characteristics of Formal Methods
Well-defined specification language Typically based on set-theoretical concepts Specifies by indicating operational conditions:
pre-conditions, post-conditions, and invariants Composed of three components:
syntax, semantics, and relations (operational statements) Emphasis on verification
Of program correctness Of completeness of description Of refinements to different abstractions
Testing De-emphasized
Advantages of Formal Methods
Consistency (fewer contradictions)Precision (less ambiguity)Completeness (extent of definitions more
clearly defined, so all cases handled)Descriptive Uniformity (less mixture
among levels of detail)
Set Theoretical Foundation for Formal Methods
See Section 28.3 Set Operators: , ∩, \, and x Logic Operators: and, or, not, implication Sequences: <a, b, c, d>, head, tail, front, last,
concatenation See Examples for Block Handler: pgs 775 and
788-790 (section 28.6.2) OCL Notation Summary (Table28.1), pg 785 Z Notation Summary (Table 28.2), pg 789
Block Handler Example: Constraints
No block will be marked as both free and used All the sets of blocks in the queue are subsets
of currently used blocks No elements of the queue contain the same
block numbers The collection of used and free blocks make
up the total collection of all blocks There are no duplicates among the free blocks There are no duplicates among the used
blocks
OCL Example: Block Handler
Context BlockHandler inv: (used->intersection(free))-> isEmpty()
Context BlockHandler inv: blockQ->forAll(aBlockSet | used->includesAll(aBlockSet))
Context BlockHandler inv: allBlocks = used->union(free)
Context BlockHandler::remove() pre: blockQ->size() > 0 post: used = used@pre – blockQ@pre->first() AND free = free@pre->union(blockQ@pre-> first()) AND blockQ = blockQ@pre-> excluding(blockQ@pre->first())
1 3 4 6 9
2 5 7 8 10 11 12
2 5 8 11 7
Block Queue
Free
Used
released
Z Example: Block Handler
used, free: powerSet BLOCKS blockQ: seq powerSet BLOCKS used ∩ free = Ø used U free = allBlocks forAll i: dom blockQ : blockQ i
subset used forAll i, j: dom blockQ : i ≠ j →
blockQ i ∩ blockQ j = Ø
removes(): Pre: #blockQ > 0 Post: used’=used–head blockQ
AND free’=free U head
blockQ AND
blockQ’=tail blockQ
1 3 4 6 9
2 5 7 8 10 11 12
2 5 8 11 7
Block Queue
Free
Used
released
Additional Points of Emphasis
Why completeness is difficult to achieve (pg 771)
Controversy over formal methods (pg 771)Areas in which formal methods may apply
(pg 770 – “Why is it important”)Area in which formal methods are difficult to
apply (pg 792)