Department of Computer Science Agent Communication Z CPSC 601.68/CPSC 599.68 Rob Kremer Department of Computer Science University of Calgary 27/02/2019

CPSC 609.68/599.68: Agent Communications Z A Formal Specification Language: Z based on set theory Types and sets are taken to be the same thing (after all, the denotation of a type is the set of things in the world that conform to that type). ZSL The real Z uses about a million symbols (slight exaggeration), but HTML is limited in it's character set (at least if we want to be platform independent). So we will use a dialect of Z called ZSL due to Xiaoping Jia (1995) which uses only common ASCII characters in glyph combinations to represent all the normal Z symbols. 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Axioms and Schema We can make some declarations, such as x is of type T (x:T), and can put some constraint on this, such as x must conform to predicate P (P(x)).  We write this in a big sideways T: | x:T |-------- | P(x) The above is called an axiom box. If we want to name this, it's called a schema box, and we make the big sideways T a big (right-side-up) E, and write its name in the upper bar.  If we name the schema BaseState, we can write: ---BaseState----------------- | x:T |----------- | P(x) ----------------------------- 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Example If we have established a type Block, and we need to say that there exists something in the world called myBlock that is a Block, and it's made of wood, we might say: | myBlock:Block |------------------- | wooden(myBlock) If we don't want to say that this is the state of the universe, but use it only in certain circumstances and refer to it later, then we make it a schema instead of an axiom: ---idealWorld-------------------- | myBlock:Block |------------------- | wooden(myBlock) --------------------------------- 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Example (continued) Now, we can use the named schema in a new schema: ---wonderfulWorld-------------------- | idealWorld |---------------------- | biggestBlock(myBlock) ------------------------------------- which says that a wonderfulWorld is something that has everything and meets all the conditions of an idealWorld, only that myBlock is also the biggestBlock. This would expand to: ---wonderfulWorld------------------------- | myBlock:Block |----------------------------------------- | wooden(myBlock) /\ biggestBlock(myBlock) ------------------------------------------ 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Logical Operators true false p /\ q p and q (conjunction) p \/ q p or q (disjunction) p => q p implies q (implication) p <=> q p implies q and q implies p (double imp) not p not p (negation) forall x:T | P@Q forall x of type T, expression P is true such that expression Q (universal quantification) exists x:T | P@Q there exists an x of type T for which expression P is true such that expression Q (existential quantification) exists1 x:T | P@Q there exists exactly one x of type T for which expression P is true such that expression Q (uniqueness)   27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Sequence operators operator return type a b c head paramType x tail seq paramType last front 27/02/2019 CPSC 609.68/599.68: Agent Communications

Other symbols operators and structures There are are are lots of other symbols and structures Stuctures include: sets ordered pairs relations functions numbers sequences bags Learning about all of these and all of the operators is beyond the scope of this lecture.  There is lots more to learn about Z too (such as generic schemata, selection, and schema combinators).  But we will skip that... 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Editor Example We want to specify a one-line text editor such as might be used as a text input box in a form or a dialog box.  27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Requirements We need to represent the text and to specify a few operations: insert: place a new character immediately after the cursor. backspace: delete the character immediacy before the cursor forward: move the cursor forward one character back: move the cursor back one character 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Buffer Let's represent the text (call it buffer) as a sequence: ---PrimBuffer---------------------- | buf: seq char ----------------------------------- [A seq (sequence) is an ordered bag of objects of some other type (in this case, char).] But we also need to represent the cursor.  We could do that as a integer index into the buffer, but that would lead to all sorts of complications with splitting the buffer to insert and remove characters in the middle.  27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications The cursor What we are really interested is not the offset of the cursor, but the sub-sequences before and after the cursor.  So let's not bother to represent the cursor, but we'll represent the segments of the buffer before and after the cursor: ---Buffer-------------------------- | PrimBuffer; | before,after: seq char |----------------------- | buf = before concat after ----------------------------------- [concat is an infix binary operator that "joins" two sequences to make one sequence.] 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Initialization Now, we don't have a requirement for it, but we need to specify the state the editor will start as an empty sequence: ---InitBuffer---------------------- | Buffer |----------------------- | buf = << >> ----------------------------------- [The symbol "<< >>" represents the empty sequence.  The symbols "<< 'a' , 'b' >>" represent the the sequence "ab".] 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Proof We don't have to say that before and after are empty sequences because we can prove that they are empty sequences: buf = before concat after  ; given #buf = #before + #after  ; [# is cardinality()] (1), length of concat'ed string is equal to the sum of the length of the 2 strings]  #buf = 0  ; given 0 = #before + #after  ; (2), (3), substitution #before = 0  ; (4), # is always >= 0 before = <<>>  ; (5), the empty seq is the only zero-length seq #after = 0  ; (4), # is always >=0 after=<<>>  ; (7), the empty seq is the only zero-length seq before = <<>> /\ after=<<>>  ; (8), (6), /\-introduction QED. 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Insert preliminaries Now to define insert.  Here we need a parameter (the character to insert).  We can specify parameters by using a special syntactical convention: we put a "?" character after its name.  There are a few such syntactical conventions; the following characters have special meaning when tagged onto the end of variable names: x The state of the variable at the beginning of processing the schema x' The state of the variable at the end of processing the schema x? x is an input parameter x! x is an output parameter 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Insert Now, specifying the insert operator is straightforward ---Insert-------------------------- | delta Buffer; | x?: character |----------------------- | head after' = x?; | tail after' = after; | before' = before  ---------------------------------- [The delta is used to introduce the primed (') versions of the state variables in Buffer.] 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Here, we needed to insert the new character, x, at the beginning of the after sequence.  The declarative way of doing this is to say the head (first element) of the new after sequence is the new character, x; the tail (everything after the head) of the new after is just all of the old after. But why did you bother to state that the old before is the same as the new before (before' = before)? In Z, if you don't say a variable stays the same (or you can't prove it), then it is free to change in any unpredictable way. 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Backspace Now, we can define the backspace operation: ---Backspace------------------------- | delta Buffer |----------------------- | before /= << >>; | before' = front before; | after' = after ------------------------------------- [The Z symbol "/=" is "not equal".] 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Here the statement "before /= <<>>" (before does not equal the empty sequence) is a precondition.  The operation cannot be performed if the condition is not met (you can't backspace past the beginning of the buffer). The second line of the body is just stating that the new before is the front (everything but the last element, last) of the old before. Why is the last statement ("after' = after") there? 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Forward Finally, the definition of forward ---Forward--------------------------- | delta Buffer |----------------------- | after /= << >>; | last before' = head after; | front before' = before; | after' = tail after ------------------------------------- 27/02/2019 CPSC 609.68/599.68: Agent Communications

CPSC 609.68/599.68: Agent Communications Exercises Define Back. Something is wrong with the Insert operation.  What is it?  Fix it.  (Hint: compute the contents of buf after the operations InitBuffer; Insert 'a'; Insert 'b'.  Is this what we would normally expect?) Now that you've fixed the problem in Insert, try proving that any given sequence in buf will not change after an Insert-Backspace operation.  (Don't worry about the exact method of proof or exactly what axioms you can use -- use a reasonable method and assume reasonable axioms.) Similarly, can you prove that (assuming x=last before) buf will be unchanged after a Backspace-Insert x operation? 27/02/2019 CPSC 609.68/599.68: Agent Communications