Upload File

formal mehod

36
An introduction to specification in VDM-SL At the end of this lecture you should be able to: write a formal specification of a system in VDM-SL; correlate the components of a UML class diagram with those of a VDM specification; declare constants and specify functions to enhance the specification; explain the use of a state invariant to place a global constraint on the system; explain the purpose of the nil value in VDM.

Upload: yoges0695

Post on 18-Nov-2015

230 views

Category:

Documents


3 download

Report

DESCRIPTION

Lecture 3

TRANSCRIPT

  • An introduction to specification in VDM-SLAt the end of this lecture you should be able to:write a formal specification of a system in VDM-SL;correlate the components of a UML class diagram with those of a VDM specification;declare constants and specify functions to enhance the specification;explain the use of a state invariant to place a global constraint on the system;explain the purpose of the nil value in VDM.

  • The Incubator case study The temperature of the incubator needs to be carefully controlled and monitored;

    Initially we will specify the software needed to monitor the incubator temperature;

    Later we will specify the software needed to monitor and control the incubator temperature.

    Safety requirements :

  • The UML specificationIncubatorMonitortemp : Integerincrement() decrement()getTemp() : Integer

  • Specifying the state in VDM-SL in VDM-SL the state refers to the permanent data that must be stored by the system, and which can be accessed by means of operations;

    It corresponds to the attributes in the class diagram;

    The state is specified by declaring variables, in a similar manner a programming language and UML.

    Each variables is given a name, and a VDM-SL type.

  • The intrinsic types available in VDM-SL

    :natural numbers (positive whole numbers)1 :natural numbers excluding zero: integers (positive and negative whole numbers): real numbers (positive and negative numbers that can include a fractional part) : boolean values (true or false)Char : the set of alphanumeric characters

  • Specifying the state of the Incubator Monitor Systemstate IncubatorMonitor ofendtemp : UMLVDM-SL

  • Specifying the operations in VDM-SL Each operation specified in VDM-SL as follows:

    the operation headerthe external clausethe preconditionthe postcondition

  • The increment operation increment()ext ?pre ?post ?temp < 10wr ?temp :

  • The decrement operation decrement()ext ?pre ?post ?temp > -10wr ?temp :

  • The getTemp operation getTemp()ext ?pre ?post ?currentTemp : rdtemp : currentTemp = temp TRUE

  • Declaring constantsIt is possible in VDM-SL to specify constants;It is done by using the keyword values;The declaration would come immediately before the state definition:valuesMAX : = 10MIN : = -10MIN

  • Specifying functionsA function is a set of assignments from one set to another;

    The function receives an input value (or values) and maps this to an output value according to some rule;hasPassed467950FALSE

    TRUEThere are two ways in which we can specify a function in VDM-SL

  • Specifying a function explicitly The style of this specification is algorithmic;

    We explicitly define the method of transforming the inputs to the output.Exampleadd: add(x, y) x + y signaturedefinition

  • Specifying a function implicitly We use a pre- and postcondition in the same way as we described for operations;

    A function, however, does not access the state variables.add( )pre ?post ?x, y: : z: z = x + yTRUE

  • An absolute function defined implicitly abs( )pre ?post ?z : r : z

  • An absolute function defined explicitly abs: abs(z) if z < 0 then -z else z

  • Recursive functions Some functions can be neatly specified by a recursive definition, whereby the function calls itself.Examplea factorial function:factorial: factorial(n) if n = 0 then 1 else n x factorial(n - 1)

  • State invariantsBefore we specified local constraint with preconditions.

    We can also specify a global constraint.

    In VDM-SL we incorporate such a restriction into the specification with a function called a state invariant;The invariant definition uses the keyword inv.

    Its signature will be:inv : State

  • Adding a state invariant into the IncubatorMonitor systeminv mk-IncubatorMonitor(t) MIN t MAX

  • Specifying an initialization function An initialization function is given the name init;

    We will assume that when the incubator is turned on, its temperature is adjusted until a steady 5 degrees Celsius is obtained.init mk-IncubatorMonitor(t) t = 5

  • The modified state specificationvaluesMAX : = 10MIN : = -10

    state IncubatorMonitor of temp : inv mk-IncubatorMonitor(t) MIN t MAXinit mk-IncubatorMonitor(t) t = 5end

  • Improving the Incubator System IncubatorController

    requestedTemp : IntegeractualTemp : Integer

    setIInitialTemp(Integer)requestChange(Integer) : Signalincrement() : Signaldecrement() : SignalgetRequestedTemp() : IntegergetActualTemp() : Integer

  • Enumerated typesThe signal sent to the hardware could be one of 3 possible values:an instruction to the hardware to increase the temperature;an instruction to the hardware to decrease the temperature;an instruction to the hardware to do nothing.

    A type that consists of a number of named values is often referred to as an enumerated type;

  • A standard method of marking a UML class as an enumerated type is to add above the type name:Enumerated types in UML

  • In VDM-SL the types clause is the appropriate place to define new types. Enumerated types in VDM-SLtypesSignal = |< DECREASE>|< DO_NOTHING>

    values..state..end

  • The nil value It is common in the programming world for a value to be undefined;VDM-SL allows for this concept by including the possibility of a term or expression having the value nil, meaning that it is undefined;We do that by placing square brackets around the type name: [] natural numbers or nil [] integers or nil. When the incubator system first comes into being, the actual and requested values will be undefined, and must therefore be set to nil;

  • Specifying the IncubatorController statestate IncubatorController ofrequestedTemp : []actualTemp : []

  • The invariant The actual temperature must not be allowed to go outside the range of -10 to +10 degrees; However we need now to allow for the possibility that it could be equal to the nil value;The same is true for the requested temperature. inv mk-IncubatorController (r, a) (MIN r MAX r = nil)(MIN a MAX a = nil)

  • Improving the readability of the spec by using a function inRange( )pre post val : result : result MIN val MAXTRUE inv mk-IncubatorController (r, a) (inRange(r) r = nil) (inRange(a) a = nil)

  • The initialisation function init mk-IncubatorController (r, a) r = nil a = nil

  • Specifying the setInitialTemp operationsetInitialTemp( ) ext pre post tempIn : wractualTemp : []actualTemp = tempIninRange(tempIn)actualTemp = nil

  • The requestChange operation requestChange( )extpre post tempIn : signalOut : SignalrequestedTemp : []wractualTemp : []rdrequestedTemp = tempIn()signalOut = signalOut = signalOut = tempIn < actualTemp tempIn > actualTemp tempIn = actualTemp actualTemp nilinRange(tempIn)

  • The increment operation increment ()ext pre post signalOut : SignalrequestedTemp : []rdactualTemp : []wrsignalOut = signalOut = ()actualTemp < requestedTemp actualTemp = requestedTemp actualTemp < requestedTemp requestedTemp nil actualTemp nil

  • The getRequestedTemp operationgetRequestedTemp() ext prepostcurrentRequested : []requestedTemp : []rdcurrentRequested = requestedTempTRUE

  • The getActualTemp operationgetActualTemp() ext prepostcurrentActual : []actualTemp : []rdcurrentActual = actualTempTRUE

  • A standard template for VDM-SL specifications typesSomeType = ..valuesconstantName : ConstantType = someValuestate SystemName ofattribute1 : Type:attributen : Typeinv mk-SystemName(i1:Type, ..., in:Type) Expression(i1, ..., in)init mk-SystemName(i1:Type, ..., in:Type) Expression(i1, ..., in)end functionsspecification of functions .....operationsspecification of operations .....


UNION’S FORMAL STEP A APPEALbranch142.com/documents/Formal Step A Files/Formal Step A Grieva… · NALC Formal Step A Representative Signature USPS Formal Step A Representative

Access to Formal and Quasi-Formal Credit by …Access to Formal and Quasi-Formal Credit iii Access to Formal and Quasi-Formal Credit by Smallholder Farmers and Artisanal Fishermen:

Impoved ST‑FZI mehod fo pemeabiliy eimaion o inclde he

Formal Language (1A) - Wikimedia€¦ · 22-05-2018  · 5/22/18 formal language formal language. of , . Formal Language (11A) Young Won Lim. Formal Language (11A) Young Won Lim

Educacion formal y no formal

ML RELEVANT FORMAL AND NON-FORMAL …

Pendidikan Formal, Formal, Tidak Formal Presentation)

O'neill,john the jazz mehod for saxophone

I3. educacion formal, no formal e informal

Pendidikan Formal Dan Non Formal

Participación ciudadana formal y no formal

Formal, Semi-Formal, & Informal English

Shape optimisation of an Automotive Rim using FEA and …engineering-sciences.uniroma2.it/MENU/DOC/TESI/2015/HABIB_Thesis... · To carry out the project we used Finite Element Mehod,using

Escola formal informal e não-formal

Pengaturan Ambang Batas Formal (Formal Threshold) Dalam

The interrelatedness of formal, non-formal and informal ... · The interrelatedness of formal, non-formal and informal learning: Evidence from labour market ... A discussion on formal,

Kelebihan dan kelemahan pentaksiran formal dan tidak formal

Ensino Formal-Não Formal e Informal

effluent treatment mehod

Formal – non-formal – informal learning Formal Non- formal Informal PE3 - Trine Pilegaard, HANSENBERG, Denmark - 2009 1 | DISTANCE LEARNING FOR APPRENTICES

3. Makalah Matematika · cognitive development formal bodied fully formal I integrated embodied symbolic embodying symbolism embodiment symbolic formal formal concepts

MULTIGRID METHOD MultiGrid Methods (MGM) Algebraic MultiGrid Method (AMG) Geometric MultiGrid Mehod (GMG)

EDUCAÇÃO AMBIENTAL FORMAL E NÃO FORMAL

Formal Pushdown Automata - Formal Definition and View

LINGUAGEM FORMAL VS INFORMAL Linguagem formal

Educação Formal e Não Formal

familytravelsonabudget.comTuxedo or suit for formal nights Dress shirt for formal nights Tie for formal nights Dress socks for formal nights Dress shoes for formal nights Sport jacket

COMPARACION ENTRE EDUCACION FORMAL, NO FORMAL E INFORMAL

Perbezaan Kawalan Sosial Formal & Tidak Formal

Relaciones entre educación formal, no formal e informal

Formal, non-formal and informal learning in the sciencesw.eatonintl.com/ non-formal and... · Formal, Non-formal and Informal Learning in the Sciences | 13 In the mid- to late 1990s,

Informal & Formal Words List A Informal Formal

Formal moduli problems and formal derived stacksjgrivaux.perso.math.cnrs.fr/articles/fmp.pdf · Formal moduli problems and formal derived stacks Damien Calaque and Julien Grivaux

EDUCACIÓN FORMAL Y EDUCACIÓN NO FORMAL: ACORTANDO …

Berbasis Sekolah Formal Non Formal