Z: Operations on schemas
David Lightfoot, based on work of Andrew Simpson
School of Technology
Post on 21-Dec-2015
Reference
Using Z: Specification, Refinement, and Proof,
Jim Woodcock and Jim Davies,
Prentice-Hall,
1996
(Chapter 11)
Agenda
• Operation schemas
• Input and output
• Initialisation schemas
• Schema disjunction
• Schema conjunction
• Schema negation
The schema language
• The schema language is used to structure and compose mathematical descriptions of systems
• It collates pieces of information, encapsulates them, and names them for re-use
• It is the second component of the Z notation; the first is the mathematical language
Change of state
• To describe the effect of an operation, we consider two copies of the state schema: one describing the state before, the other describing the state afterwards
• An operation schema describes the relationship between the two states
• The inclusion of two copies of the state ensures that the constraint part of the state schema (the state invariant) is preserved
Operation schemas
• An operation schema includes two copies of the corresponding state schema:
┌─ Operation ─────
│ State
│ State′
├─────
│ …
└─────
We use the undecorated state to represent the state before the operation and the primed state to represent the state afterwards
Example
┌─ Purchase0 ─────
│ BoxOffice
│ BoxOffice′
│ …
├─────
│ s? ∈ seating \ dom sold
│ sold′ = sold ∪ {s? ↦ c?}
│ seating′ = seating
└─────
Input and output
An operation may involve inputs and outputs
These are declared in the normal way, although there is a convention regarding their names:
• the name of an input must end in a question mark ?
• the name of an output must end in an exclamation mark !
Example
┌─ Purchase0 ─────
│ BoxOffice
│ BoxOffice′
│ s?: Seat
│ c?: Customer
├─────
│ s? ∈ seating \ dom sold
│ sold′ = sold ∪ {s? ↦ c?}
│ seating′ = seating
└─────
Δ (Delta) and Ξ (Xi)
There is another convention regarding operation schemas:
• if a schema describes an operation upon a state described by S, we include ΔS (‘delta S’) in its declaration (in place of S and S′)
• if, in addition, the operation leaves the state unchanged we include ΞS (in place of ΔS)
Example
┌─ Purchase0 ─────
│ ΔBoxOffice
│ s?: Seat
│ c?: Customer
├─────
│ s? ∈ seating \ dom sold
│ sold′ = sold ∪ {s? ↦ c?}
│ seating′ = seating
└─────
Example
• An operation that leaves the state of the box office unchanged:
┌─ QueryAvailability ─────
│ ΞBoxOffice
│ available!: ℕ
├─────
│ available! = #(seating \ dom sold)
└─────
Initialisation
• An initialisation is a special operation for which the before state is unimportant
• Such an operation can be modelled by an operation schema that contains only a decorated copy of the state:
┌─ StateInit ─────
│ State′
├─────
│ …
└─────
Question
• How might we complete the following?
┌─ BoxOfficeInit ─────
│ BoxOffice′
│ allocation?: ℙ Seat
├─────
│ …
└─────
BoxOfficeInit
┌─ BoxOfficeInit ─────
│ BoxOffice′
│ allocation?: ℙ Seat
├─────
│ seating′ = allocation?
│ sold′ = ∅
└─────
Schema disjunction
• If S and T are two schemas then their disjunction, S ∨ T, is also a schema
• in which the declaration is a merging of the two declarations
• in which the constraint is a disjunction (‘oring’) of the two constraints
Schema conjunction
• If S and T are two schemas then their conjunction, S ∧ T, is also a schema
• in which the declaration is a merging of the two declarations
• in which the constraint is a conjunction (‘anding’) of the two constraints
Schema negation
• If S is a schema then its negation, ¬S, is also a schema
• in which the declaration is the same as that of S
• in which the constraint is the negation (‘noting’) of the constraint of S
Examples
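┌─ S ─────
│ a: A
│ b: B
├─────
│ P
└─────
┌─ T ─────
│ b: B
│ c: C
├─────
│ Q
└─────
S ∨ T is equivalent to:
┌─────
│ a: A
│ b: B
│ c: C
├─────
│ P ∨ Q
└─────
S ∧ T is equivalent to:
┌─────
│ a: A
│ b: B
│ c: C
├─────
│ P ∧ Q
└─────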
Example
If we define:
┌─ NotAvailable ─────
│ ΞBoxOffice
│ s?: Seat
├─────
│ s? ∉ seating \ dom sold
└─────
then the schema disjunction
Purchase0 ∨ NotAvailable
describes a total operation
Constructing operations
• Although disjunction is the obvious operator for constructing operation schemas, conjunction can also be useful
Response ::= okay | sorry
┌─ Success ─────
│ r!: Response
├─────
│ r! = okay
└─────
┌─ Failure ─────
│ r!: Response
├─────
│ r! = sorry
└─────
Total operation
The operation of purchasing a seat may be described by:
Purchase ≙ (Purchase0 ∧ Success)
           ∨ (NotAvailable ∧ Failure)
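The claim that Purchase is total while Purchase0 is only partial can be checked mechanically on a small model. The following Python sketch is an added example, not part of the slides: it treats each schema as a predicate over a binding, builds Purchase with schema conjunction and disjunction, and enumerates every state. The BoxOffice invariant (dom sold ⊆ seating) is not shown on the slides and is assumed here, and the two-seat, two-customer universes are constructed.

```python
from itertools import combinations, product

SEATS, CUSTOMERS = ("a1", "a2"), ("ann", "bob")   # constructed finite universes

def box_office(seating, sold):
    # Assumed state invariant (not shown on the slides): dom sold ⊆ seating
    return set(sold) <= seating

def delta(b):       # ΔBoxOffice: invariant holds before and after
    return box_office(b["seating"], b["sold"]) and box_office(b["seating'"], b["sold'"])

def xi(b):          # ΞBoxOffice: ΔBoxOffice plus "state unchanged"
    return delta(b) and (b["seating'"], b["sold'"]) == (b["seating"], b["sold"])

def available(b):   # s? ∈ seating \ dom sold
    return b["s?"] in b["seating"] - set(b["sold"])

def purchase0(b):
    return (delta(b) and available(b) and b["seating'"] == b["seating"]
            and b["sold'"] == {**b["sold"], b["s?"]: b["c?"]})

def not_available(b): return xi(b) and not available(b)
def success(b): return b["r!"] == "okay"
def failure(b): return b["r!"] == "sorry"
def conj(s, t): return lambda b: s(b) and t(b)    # schema conjunction
def disj(s, t): return lambda b: s(b) or t(b)     # schema disjunction

purchase = disj(conj(purchase0, success), conj(not_available, failure))

# Every (seating, sold) pair over the universes that satisfies the invariant.
STATES = [(frozenset(se), sold)
          for n in range(len(SEATS) + 1) for se in combinations(SEATS, n)
          for img in product((None,) + CUSTOMERS, repeat=len(SEATS))
          for sold in [{k: v for k, v in zip(SEATS, img) if v}]
          if box_office(frozenset(se), sold)]

def outcomes(op, before, s, c):
    """All (after-state, r!) pairs that `op` relates to `before` and the inputs."""
    found = []
    for after, r in product(STATES, ("okay", "sorry")):
        b = {"seating": before[0], "sold": before[1], "seating'": after[0],
             "sold'": after[1], "s?": s, "c?": c, "r!": r}
        if op(b):
            found.append((after, r))
    return found

def is_total(op):   # some outcome exists for every valid state and input
    return all(outcomes(op, st, s, c) for st in STATES for s in SEATS for c in CUSTOMERS)
```

`is_total(purchase0)` is false because no after-state exists when the seat is unavailable, which is exactly the gap that the NotAvailable ∧ Failure disjunct closes.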
Question
• How might we complete the following operation?
┌─ ReturnTicket0 ─────
│ ΔBoxOffice
│ s?: Seat
│ c?: Customer
├─────
│ …
└─────
ReturnTicket0
┌─ ReturnTicket0 ─────
│ ΔBoxOffice
│ s?: Seat
│ c?: Customer
├─────
│ s? ↦ c? ∈ sold
│ sold′ = sold \ {s? ↦ c?}
│ seating′ = seating
└─────
Question
• How might we complete the following operation?
┌─ ReturnNotPossible ─────
│ ΞBoxOffice
│ s?: Seat
│ c?: Customer
├─────
│ …
└─────
ReturnNotPossible
┌─ ReturnNotPossible ─────
│ ΞBoxOffice
│ s?: Seat
│ c?: Customer
├─────
│ s? ↦ c? ∉ sold
└─────
Summary
• We may use operation schemas to describe the effect of operations on the state of our system
• The inclusion of ΔS in an operation schema denotes that the operation will change the state of S
• The inclusion of ΞS indicates that the operation is concerned with the state of S, but will leave it unchanged
• Operation schemas may have input and output
• An initialisation schema describes the state of our system at the beginning of its life
• Disjunction and conjunction may be used to combine operation schemas