1 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done FSM == (STATE X EVENT) ⇸ STATE no_change, control, transitions: FSM no_change = {s: STATE; e: EVENT (s, e) → s } control = no_change transitions Transitions = { (await_card, insert_card) → await_pin, (await_pin, enter_good_pin) → await_amount, (await_pin, enter_bad_pin) → await_2 nd _attempt, (await_pin, cancel) → await_card, (await_2 nd _attempt, enter_good_pin) → await_amount, (await_2 nd _attempt, enter_bad_pin) → eject_card, (eject_card, done) → await_card, (await_amount, cancel) → await_card, (await_amount, enter_amount) → dispense_money, (dispense_money, done) → await_card }

2 ATM – State diagram 1.Await card

3 ATM – State diagram 1.Await card 2. Await pin card

4 ATM – State diagram 1.Await card 3.Await 2 nd pin 2. Await pin card bad pin

5 ATM – State diagram 1.Await card 3.Await 2 nd pin 5.Await amount 2. Await pin card good pin bad pin

6 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 5.Await amount 2. Await pin card good pin bad pin

7 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 5.Await amount 2. Await pin done card good pin bad pin

8 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 6. Dispense money 5.Await amount 2. Await pin done card good pin bad pin good pin amount

9 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 6. Dispense money 5.Await amount 2. Await pin done card good pin bad pin good pin amount

10 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 6. Dispense money 5.Await amount 2. Await pin done card good pin bad pin good pin amount cancel

11 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 6. Dispense money 5.Await amount 2. Await pin done card good pin bad pin good pin amount cancel

12 ATM – State diagram 1.Await card 4. Eject card 3.Await 2 nd pin 6. Dispense money 5.Await amount 2. Await pin done card good pin bad pin good pin amount cancel

13 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2. Await pin 3. Await 2 nd attempt 4. Eject card 5. Await amount 6. Dispense money State transition table

14 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2 2. Await pin 3. Await 2 nd attempt 4. Eject card 5. Await amount 6. Dispense money State transition table

15 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2 2. Await pin 5 3. Await 2 nd attempt 5 4. Eject card 5. Await amount 6. Dispense money State transition table

16 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2 2. Await pin Await 2 nd attempt Eject card 5. Await amount 6. Dispense money State transition table

17 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2 2. Await pin Await 2 nd attempt Eject card 5. Await amount 1 6. Dispense money State transition table

18 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2 2. Await pin Await 2 nd attempt Eject card 5. Await amount Dispense money State transition table

19 Insert card Enter good pin Enter bad pin cancelEnter amount Done 1. Await card 2 2. Await pin Await 2 nd attempt Eject card 1 5. Await amount Dispense money 1 State transition table

20 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money

21 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done

22 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done FSM == (STATE X EVENT) ⇸ STATE

23 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done FSM == (STATE X EVENT) ⇸ STATE no_change, control, transitions: FSM

24 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done FSM == (STATE X EVENT) ⇸ STATE no_change, control, transitions: FSM no_change = {s: STATE; e: EVENT (s, e) → s }

25 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done FSM == (STATE X EVENT) ⇸ STATE no_change, control, transitions: FSM no_change = {s: STATE; e: EVENT (s, e) → s } control = no_change transitions

26 ATM Machine STATE ::= await_card | await_pin | await_2 nd _attempt | eject_card | await_amount | dispense_money EVENT ::= insert_card | enter_good_pin | enter_bad_pin | cancel | enter_amount | done FSM == (STATE X EVENT) ⇸ STATE no_change, control, transitions: FSM no_change = {s: STATE; e: EVENT (s, e) → s } control = no_change transitions transitions = { (await_card, insert_card) → await_pin, (await_pin, enter_good_pin) → await_amount, (await_pin, enter_bad_pin) → await_2 nd _attempt, (await_pin, cancel) → await_card,. …}

27 Last word for the formal methods 1.Not widely used in industry 2.Formal specifications can be examined mathematically 3.Informal specifications cannot be 4.A correct program can be shown to meet its specifications 5.Two specifications can be shown to be equivalent 6.Certain forms of incompleteness or inconsistencies can be detected automatically 7.Removes ambiguity 8.Encourages greater care in early stages 9.Focus is mainly on function and data aspects 10.A problem is that the timing, control, behavioural aspects are difficult to represent 11.Also, the methods are often difficult to learn