when are contracts complete
play

When are contracts complete? In post-condition , for each attribute - PowerPoint PPT Presentation

Nov 23, 2023 •142 likes •226 views

When are contracts complete? In post-condition , for each attribute , specify the relationship between its pre-state value and its post-state value. Writing Complete Contracts Eiffel supports this purpose using the old keyword. This is

  1. When are contracts complete? ● In post-condition , for each attribute , specify the relationship between its pre-state value and its post-state value. Writing Complete Contracts ○ Eiffel supports this purpose using the old keyword. ● This is tricky for attributes whose structures are composite rather than simple : e.g., ARRAY , LINKED LIST are composite-structured. e.g., INTEGER , BOOLEAN are simple-structured. EECS3311: Software Design ● Rule of thumb: For an attribute whose structure is composite, Fall 2017 we should specify that after the update: 1. The intended change is present; and C HEN -W EI W ANG 2. The rest of the structure is unchanged . ● The second contract is much harder to specify: ○ Reference aliasing [ ref copy vs. shallow copy vs. deep copy ] ○ Iterable structure [ use across ] 3 of 25 How are contracts checked at runtime? Account ● All contracts are specified as Boolean expressions. class ACCOUNT deposit ( a : INTEGER ) ● Right before a feature call (e.g., acc.withdraw(10) ): inherit do ANY balance := balance + a ○ The current state of acc is called its pre-state . redefine is_equal end ensure ○ Evaluate pre-condition using current values of attributes/queries. create balance = old balance + a make ○ Cache values of all expressions involving the old keyword in the end feature post-condition . is_equal ( other : ACCOUNT ): BOOLEAN owner : STRING do e.g., cache the value of old balance via old balance ∶ = balance balance : INTEGER Result := ● Right after the feature call: owner ∼ other . owner make ( n : STRING ) and balance = other . balance ○ The current state of acc is called its post-state . do end owner := n ○ Evaluate invariant using current values of attributes and queries. end balance := 0 ○ Evaluate post-condition using both current values and end “cached” values of attributes and queries. 2 of 25 4 of 25

  2. Bank Object Structure for Illustration class BANK create make feature We will test each version by starting with the same runtime object accounts : ARRAY [ ACCOUNT ] make do create accounts . make_empty end structure: account_of ( n : STRING ): ACCOUNT require BANK existing : across accounts as acc some acc . item . owner ∼ n end 0 1 b.accounts do . . . accounts ensure Result . owner ∼ n b end add ( n : STRING ) require ACCOUNT ACCOUNT non_existing : across accounts as acc all acc . item . owner / ∼ n end owner owner “Bill” “Steve” local new_account : ACCOUNT balance 0 balance 0 do create new_account . make ( n ) accounts . force ( new_account , accounts . upper + 1) end end 5 of 25 7 of 25 Roadmap of Illustrations Version 1: Incomplete Contracts, Correct Implementation class BANK We examine 5 different versions of a command deposit_on_v1 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end deposit on ( n ∶ STRING ; a ∶ INTEGER ) local i : INTEGER do from i := accounts . lower until i > accounts . upper V ERSION I MPLEMENTATION C ONTRACTS S ATISFACTORY ? loop 1 Correct Incomplete No if accounts [ i ]. owner ∼ n then accounts [ i ]. deposit ( a ) end 2 Wrong Incomplete No i := i + 1 3 Wrong Complete (reference copy) No end ensure 4 Wrong Complete (shallow copy) No num_of_accounts_unchanged : 5 Wrong Complete (deep copy) Yes accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a end end 6 of 25 8 of 25

  3. Test of Version 1 Version 2: Incomplete Contracts, Wrong Implementation class TEST_BANK class BANK test_bank_deposit_correct_imp_incomplete_contract : BOOLEAN deposit_on_v2 ( n : STRING ; a : INTEGER ) local require across accounts as acc some acc . item . owner ∼ n end b : BANK local i : INTEGER do do comment ("t1: correct imp and incomplete contract") -- same loop as in version 1 create b . make b . add ("Bill") -- wrong implementation: also deposit in the first account b . add ("Steve") accounts[accounts.lower].deposit(a) ensure -- deposit 100 dollars to Steve’s account num_of_accounts_unchanged : b.deposit on v1 ("Steve", 100) accounts . count = old accounts . count Result := balance_of_n_increased : b . account_of ("Bill"). balance = 0 account_of ( n ). balance = old account_of ( n ). balance + a and b . account_of ("Steve"). balance = 100 end check Result end end end Current postconditions lack a check that accounts other than n end are unchanged. 9 of 25 11 of 25 Test of Version 1: Result Test of Version 2 class TEST_BANK test_bank_deposit_wrong_imp_incomplete_contract : BOOLEAN local b : BANK do comment ("t2: wrong imp and incomplete contract") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v2 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 10 of 25 12 of 25

  4. Test of Version 2: Result Test of Version 3 class TEST_BANK test_bank_deposit_wrong_imp_complete_contract_ref_copy : BOOLEAN local b : BANK do comment ("t3: wrong imp and complete contract with ref copy") create b . make b . add ("Bill") b . add ("Steve") -- deposit 100 dollars to Steve’s account b.deposit on v3 ("Steve", 100) Result := b . account_of ("Bill"). balance = 0 and b . account_of ("Steve"). balance = 100 check Result end end end 13 of 25 15 of 25 Version 3: Test of Version 3: Result Complete Contracts with Reference Copy class BANK deposit_on_v3 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do -- same loop as in version 1 -- wrong implementation: also deposit in the first account accounts[accounts.lower].deposit(a) ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a others unchanged : across old accounts as cursor all cursor . item . owner / ∼ n implies cursor . item ∼ account_of ( cursor . item . owner ) end end end 14 of 25 16 of 25

  5. Version 4: Test of Version 4: Result Complete Contracts with Shallow Object Copy class BANK deposit_on_v4 ( n : STRING ; a : INTEGER ) require across accounts as acc some acc . item . owner ∼ n end local i : INTEGER do -- same loop as in version 1 -- wrong implementation: also deposit in the first account accounts[accounts.lower].deposit(a) ensure num_of_accounts_unchanged : accounts . count = old accounts . count balance_of_n_increased : account_of ( n ). balance = old account_of ( n ). balance + a others unchanged : across old accounts.twin as cursor all cursor . item . owner / ∼ n implies cursor . item ∼ account_of ( cursor . item . owner ) end end end 17 of 25 19 of 25 Test of Version 4 Version 5: Complete Contracts with Deep Object Copy class TEST_BANK class BANK test_bank_deposit_wrong_imp_complete_contract_shallow_copy : BOOLEAN deposit_on_v5 ( n : STRING ; a : INTEGER ) local require across accounts as acc some acc . item . owner ∼ n end b : BANK local i : INTEGER do do comment ("t4: wrong imp and complete contract with shallow copy") -- same loop as in version 1 create b . make -- wrong implementation: also deposit in the first account b . add ("Bill") accounts[accounts.lower].deposit(a) b . add ("Steve") ensure num_of_accounts_unchanged : accounts . count = old accounts . count -- deposit 100 dollars to Steve’s account balance_of_n_increased : b.deposit on v4 ("Steve", 100) account_of ( n ). balance = old account_of ( n ). balance + a Result := others unchanged : b . account_of ("Bill"). balance = 0 across old accounts.deep twin as cursor and b . account_of ("Steve"). balance = 100 all cursor . item . owner / ∼ n implies check Result end cursor . item ∼ account_of ( cursor . item . owner ) end end end end end 18 of 25 20 of 25

  6. Test of Version 5 Exercise ● Consider the query account of (n: STRING) of BANK . class TEST_BANK test_bank_deposit_wrong_imp_complete_contract_deep_copy : BOOLEAN ● How do we specify (part of) its postcondition to assert that the local b : BANK state of the bank remains unchanged: do comment ("t5: wrong imp and complete contract with deep copy") ○ [ × ] accounts = old accounts create b . make ○ [ × ] accounts = old accounts . twin b . add ("Bill") ○ [ × ] b . add ("Steve") accounts = old accounts . deep_twin ○ [ × ] accounts ˜ old accounts -- deposit 100 dollars to Steve’s account ○ [ × ] accounts ˜ old accounts . twin b.deposit on v5 ("Steve", 100) Result := ○ [ ✓ ] accounts ˜ old accounts . deep_twin b . account_of ("Bill"). balance = 0 ● Which equality of the above is appropriate for the and b . account_of ("Steve"). balance = 100 check Result end postcondition? end ● Why is each one of the other equalities not appropriate? end 21 of 25 23 of 25 Test of Version 5: Result Index (1) How are contracts checked at runtime? When are contracts complete? Account Bank Roadmap of Illustrations Object Structure for Illustration Version 1: Incomplete Contracts, Correct Implementation Test of Version 1 Test of Version 1: Result Version 2: Incomplete Contracts, Wrong Implementation Test of Version 2 Test of Version 2: Result 22 of 25 24 of 25

Recommend

Motivating Problem: Complete Contracts Abstractions via Mathematical Models Recall what we

Motivating Problem: Complete Contracts Abstractions via Mathematical Models Recall what we

Motivating Problem: Complete Contracts Abstractions via Mathematical Models Recall what we learned in the Complete Contracts lecture: In post-condition , for each attribute , specify the relationship between its pre-state value and its

278 views • 5 slides
Writing Complete Contracts EECS3311: Software Design Fall 2017 C HEN -W EI W ANG How are

Writing Complete Contracts EECS3311: Software Design Fall 2017 C HEN -W EI W ANG How are

Writing Complete Contracts EECS3311: Software Design Fall 2017 C HEN -W EI W ANG How are contracts checked at runtime? All contracts are specified as Boolean expressions. Right before a feature call (e.g., acc.withdraw(10) ): The

659 views • 25 slides
Board of Directors Operations Committee October 17, 2019 Complete 540 Project Update Rodger

Board of Directors Operations Committee October 17, 2019 Complete 540 Project Update Rodger

Board of Directors Operations Committee October 17, 2019 Complete 540 Project Update Rodger Rochelle, P.E. Chief Engineer 2 Complete 540 Project Update Complete 540 Three Contracts 3 Complete 540 Project Update Design-Build Contracts

810 views • 48 slides
COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts

COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts

COMPLETE INVENTORY CONTROL SOLUTIONS WHY INVENTORY SOLUTIONS? Secure long-term contracts Add Value to your Proposition Promote Partnership Grow business in existing accounts Better service your accounts Get your foot in the

706 views • 58 slides
3. Contracts 3.1 Meaning of Contract Law Terms 3.2 Formation of Contracts 3.3 Legal

3. Contracts 3.1 Meaning of Contract Law Terms 3.2 Formation of Contracts 3.3 Legal

3. Contracts 3.1 Meaning of Contract Law Terms 3.2 Formation of Contracts 3.3 Legal Incapacity to Enter Contracts 3.4 Third-Party Beneficiary Contracts 3.5 Assignment and Delegation of Contract Rights and Duties 3.6 Statute of Frauds

1.16k views • 97 slides
words? Now complete activity 1 Use this to help complete activity 2 Now complete activity 2 To

words? Now complete activity 1 Use this to help complete activity 2 Now complete activity 2 To

What is meant by word class? Here are some examples: Noun adjective verb Can you think of any more types of words? Now complete activity 1 Use this to help complete activity 2 Now complete activity 2 To uplevel a sentence is to

1.41k views • 120 slides
Relation with Other Contractual ADR Construction Work Contracts Procurement of Materials

Relation with Other Contractual ADR Construction Work Contracts Procurement of Materials

Compulsory Adjudication Effects, Procedure & Inter- Relation with Other Contractual ADR Construction Work Contracts Procurement of Materials and Labour Contracts Construction Consultancy Contracts Contracts Carried Out

535 views • 34 slides
Contracts 1 Contracts IC 6-1.1-4-17 Subject to the approval of the DLGF, a county

Contracts 1 Contracts IC 6-1.1-4-17 Subject to the approval of the DLGF, a county

Assessment and Software Contracts 1 Contracts IC 6-1.1-4-17 Subject to the approval of the DLGF, a county assessor may employ professional appraisers as technical advisors for assessments in all townships in the county. The DLGF may

266 views • 9 slides
Contracts Hot Topics - Compliant Contracts at the Speed of War Presented By: Ms. Marie Greening

Contracts Hot Topics - Compliant Contracts at the Speed of War Presented By: Ms. Marie Greening

One team, one voice delivering global acquisition insight that matters . Contracts Hot Topics - Compliant Contracts at the Speed of War Presented By: Ms. Marie Greening Chief Operations Officer 26 April 2017 Unclassified Agenda DCMA

240 views • 11 slides
SCE-Proposed QF PPA for Firm Power Contracts (Qualifying Facilities with Expiring Contracts)

SCE-Proposed QF PPA for Firm Power Contracts (Qualifying Facilities with Expiring Contracts)

SCE-Proposed QF PPA for Firm Power Contracts (Qualifying Facilities with Expiring Contracts) CPUC Workshop November 15, 2007 Introduction This presentation provides a summary level overview of key contract attributes contained in SCEs

349 views • 14 slides
Contracts 7 January 2019 OSU CSE 1 Contract Details Contracts in the APIs for OSU CSE

Contracts 7 January 2019 OSU CSE 1 Contract Details Contracts in the APIs for OSU CSE

Contracts 7 January 2019 OSU CSE 1 Contract Details Contracts in the APIs for OSU CSE components include these important features: Parameter modes Two stipulations: Parameter names in requires and ensures clauses always

408 views • 25 slides
10/2/2017 Types of Contracts Transactional Contracts versus Relational Contracts More

10/2/2017 Types of Contracts Transactional Contracts versus Relational Contracts More

10/2/2017 N EGOTIATING P ROFESSIONAL A GREEMENTS F ROM A C ONSULTANT S P ERSPECTIVE Van Collins, JD Nancie Boccio, MBA, JD President/CEO Senior Consultant, American Council of Parametrix Engineering Companies (ACEC) N OVEMBER 2017 S ETTING THE

593 views • 20 slides
Bilateral contracts Bilateral contracts are for a direct exchange of energy between a buyer and a

Bilateral contracts Bilateral contracts are for a direct exchange of energy between a buyer and a

Bilateral contracts Bilateral contracts are for a direct exchange of energy between a buyer and a seller, in a decentralized fashion They may both be producers and/or consumers Most likely a broker is involved... Eventually, the system operator

279 views • 12 slides
City of Alexandria Complete Streets Program What are Complete Streets? Complete Streets are

City of Alexandria Complete Streets Program What are Complete Streets? Complete Streets are

City of Alexandria Complete Streets Program What are Complete Streets? Complete Streets are streets designed for people of all ages and abilities, including children, older adults, and individuals with disabilities. These streets ensure safe and

580 views • 16 slides
Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all

Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all

Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all about what smart contracts are... ...but what does a real smart contract look like? Lets talk about writing actual Smart Contracts with code

809 views • 50 slides
Specification and Analysis of Contracts Lecture 2 Components, Services and Contracts Gerardo

Specification and Analysis of Contracts Lecture 2 Components, Services and Contracts Gerardo

Specification and Analysis of Contracts Lecture 2 Components, Services and Contracts Gerardo Schneider gerardo@ifi.uio.no http://folk.uio.no/gerardo/ Department of Informatics, University of Oslo SEFM School, Oct. 27 - Nov. 7, 2008 Cape

632 views • 45 slides
Specification and Analysis of Contracts Lecture 7 Specification of Deontic Contracts Using

Specification and Analysis of Contracts Lecture 7 Specification of Deontic Contracts Using

Specification and Analysis of Contracts Lecture 7 Specification of Deontic Contracts Using CL Gerardo Schneider gerardo@ifi.uio.no http://folk.uio.no/gerardo/ Department of Informatics, University of Oslo SEFM School, Oct. 27 - Nov. 7,

873 views • 54 slides
Contracts 101 April 2014 619.359.6600 | partnersdocs.com PPO Scorecard 34 Contracts Multiplan

Contracts 101 April 2014 619.359.6600 | partnersdocs.com PPO Scorecard 34 Contracts Multiplan

Contracts 101 April 2014 619.359.6600 | partnersdocs.com PPO Scorecard 34 Contracts Multiplan (Workers Comp) AETNA Health Aetna Medicare Advantage PPO National Provider Network/ Affiliated Health Funds Medavant Pacific Foundation for

506 views • 17 slides
government contracts special update A PUBLICATION OF VENABLE'S GOVERNMENT CONTRACTS TEAM March 12,

government contracts special update A PUBLICATION OF VENABLE'S GOVERNMENT CONTRACTS TEAM March 12,

government contracts special update A PUBLICATION OF VENABLE'S GOVERNMENT CONTRACTS TEAM March 12, 2009 AUTHORS President Obama Issues Memorandum to the Heads of Executive Departments and Paul Debolt

246 views • 3 slides
Management Contracts Next Phase City Council January 28, 2020 1 Terms of Current Contracts

Management Contracts Next Phase City Council January 28, 2020 1 Terms of Current Contracts

Addison Airport Management Contracts Next Phase City Council January 28, 2020 1 Terms of Current Contracts Real Estate Services - SAMI 2 Management Contracts Real Estate: SAMI Effective October 1, 2010 Expires September 30,

285 views • 27 slides
Contracts and the Object Constraint Language Perdita Stevens School of Informatics University of

Contracts and the Object Constraint Language Perdita Stevens School of Informatics University of

Contracts and the Object Constraint Language Perdita Stevens School of Informatics University of Edinburgh Plan 1. Introducing the use of contracts in development 2. Contracts in English 3. Contracts in the Object Constraint Language (part of

651 views • 29 slides
government contracts update A PUBLICATION OF VENABLE'S GOVERNMENT CONTRACTS GROUP March 31, 2009

government contracts update A PUBLICATION OF VENABLE'S GOVERNMENT CONTRACTS GROUP March 31, 2009

government contracts update A PUBLICATION OF VENABLE'S GOVERNMENT CONTRACTS GROUP March 31, 2009 US-Iraq SOFA and Recent Decisions Highlight Risks AUTHORS for US Contractors Supporting US Efforts

425 views • 6 slides
Wireless Technology and Contracts Negotiating AMI and Cell Site Contracts ACWA Legal Affairs

Wireless Technology and Contracts Negotiating AMI and Cell Site Contracts ACWA Legal Affairs

Wireless Technology and Contracts Negotiating AMI and Cell Site Contracts ACWA Legal Affairs Committee CLE Spring Workshop May 8, 2018 Gail A. Karish, Partner, Best Best & Krieger LLP Jim Ollerton, Director of Information Technology, EVMWD

619 views • 61 slides
Complete Knowledge Assumption Often you want to assume that your knowledge is complete. Example:

Complete Knowledge Assumption Often you want to assume that your knowledge is complete. Example:

Complete Knowledge Assumption Often you want to assume that your knowledge is complete. Example: assume that a database of what students are enrolled in a course is complete. We dont want to have to state all negative enrolment facts! The

612 views • 32 slides

More recommend