techniques for the
play

Techniques for the system requirements unambiguous To describe - PDF document

Formal Specification Objectives To explain why formal specification techniques help discover problems in Techniques for the system requirements unambiguous To describe the use of algebraic techniques for interface specification of


  1. Formal Specification Objectives • To explain why formal specification techniques help discover problems in • Techniques for the system requirements unambiguous • To describe the use of algebraic techniques for interface specification of specification software • To describe the use of model-based techniques for behavioural specification Formal methods Topics covered • Formal specification in the software • Formal specification is part of a more general collection of techniques that are process known as ‘formal methods’ • Interface specification • These are all based on mathematical • Behavioural specification representation and analysis of software • Formal methods include – Formal specification – Specification analysis and proof – Transformational development – Program verification 1

  2. Acceptance of formal methods Use of formal methods • Formal methods have not become • Their principal benefits are in mainstream software development reducing the number of errors in techniques as was once predicted systems so their main area of – Other software engineering techniques have applicability is critical systems been successful at increasing system quality. • In this area, the use of formal – Market changes have made time-to-market rather than software with a low error count methods is most likely to be cost- the key factor. Formal methods do not effective reduce time to market – Formal methods are hard to scale up to large systems Specification in the software Specification and design process • Specification and design are Requirements intermingled. Definition • Architectural design is essential to Requirements structure a specification. Specification • Formal specifications are expressed Architectural in a mathematical notation with Design precisely defined vocabulary, syntax Software and semantics. Specification Specification High-level Design Design 2

  3. Specification in the software Specification techniques process • Algebraic approach – The system is specified in terms of its Requirements Formal operations and their relationships Specification Specification • Model-based approach Requirements High-level – The system is specified in terms of a Definition Design state model that is constructed using mathematical constructs such as sets System Architectural Modeling Design and sequences. Operations are defined by modifications to the system’s state Formal specification languages Use of formal specification • Formal specification involves investing Sequential Concurrent more effort in the early phases of software development • This reduces requirements errors as it forces a detailed analysis of the Algebraic Larch Lotos requirements • Incompleteness and inconsistencies can be discovered and resolved Model-based 1. Z 1. CSP • Hence, savings as made as the amount of 2. VDM 2. Petri Nets rework due to requirements problems is 3. B reduced 3

  4. Interface specification Development costs with formal specification • Large systems are decomposed into Validation subsystems with well-defined interfaces Validation between these subsystems Design & Implementation • Specification of subsystem interfaces Design & allows independent development of the Implementation Cost Specification different subsystems • Interfaces may be defined as abstract data types or object classes Specification • The algebraic approach to formal specification is particularly well-suited to interface specification Without formal specification With formal specification The structure of an algebraic Sub-system interfaces specification Interface <Specification Name> (Generic Parameter) objects Sort <name> Imports <list of specification names> Sub-system Sub-system Informal description of the sort and its operations A B Operation signatures setting out the names and the types of the parameters to the operations defined over the sort Axioms defining the operations over the sort 4

  5. Systematic algebraic Specification components specification • Introduction • Algebraic specifications of a system – Defines the sort (the type name) and may be developed in a systematic declares other specifications that are used way • Description – Specification structuring. – Informally describes the operations on the type – Specification naming. • Signature – Operation selection. – Defines the syntax of the operations in the – Informal operation specification interface and their parameters • Axioms – Syntax definition – Defines the operation semantics by defining – Axiom definition axioms which characterise behaviour Interface specification in critical Specification operations systems • Consider an air traffic control system • Constructor operations. Operations where aircraft fly through managed which create entities of the type sectors of airspace being specified • Each sector may include a number of • Inspection operations. Operations aircraft but, for safety reasons, these must be separated which evaluate entities of the type • In this example, a simple vertical being specified separation of 300m is proposed • To specify behaviour, define the • The system should warn the controller if inspector operations for each aircraft are instructed to move so that the separation rule is breached constructor operation 5

  6. A sector object Primitive operations • Critical operations on an object • It is sometimes necessary to introduce additional operations to simplify the representing a controlled sector are specification – Enter. Add an aircraft to the • The other operations can then be controlled airspace defined using these more primitive – Leave. Remove an aircraft from the operations controlled airspace • Primitive operations – Move. Move an aircraft from one – Create. Bring an instance of a sector into height to another existence – Lookup. Given an aircraft identifier, – Put. Add an aircraft without safety checks return its current height – In-space. Determine if a given aircraft is in the sector – Occupied. Given a height, determine if there is an aircraft within 300m of that height Specification commentary Sector specification • Use the basic constructors Create and Put to specify other operations • Define Occupied and In-space using Create and Put and use them to make checks in other operation definitions • All operations that result in changes to the sector must check that the safety criterion holds 6

Recommend


More recommend