Developed by Robert Olson Chapter 28 Formal Methods
Developed by Robert Olson Formal Methods The purpose of formal methods are to assist with project specification. These are not widely used in the industry.
Developed by Robert Olson Definition A method is formal if it has a sound mathematical basis, typically given by a formal specification of language.
Developed by Robert Olson Desired Properties Consistency Completeness Lack of amiguity
Developed by Robert Olson Problems of Informal Methods Contradictions Ambiguities Vagueness Incompleteness Mixed levels of abstraction
Developed by Robert Olson Formal Method Concepts Symbol Table Block Handler
Developed by Robert Olson Symbol Table Data invariant State Operation
Developed by Robert Olson Block Handler All sets of blocks held in the queue will be subsets of the collection of currently used blocks No elements of the queue will contain the same block numbers The collection of used and unused blocks will be the total collection of blocks that make up files The collection of unused blocks will have no duplicate block numbers The collection of used blocks will have no duplicate block numbers
Developed by Robert Olson Set Operators # operator returns cardinality: #(a, b, c) = 3 ε operator signals membership: x ε X c operator signals set membership: A c B ∩ operator signals intersection: A ∩ B U operator signals union: A U B X operator signals Cartesian Product: A x B P operator signals power set: P{1,2,3}
Developed by Robert Olson Logic Operators ^ = and V = or ~, `, ‘, ⌐ = not => = implies Hardware failure
Developed by Robert Olson Sequences A sequence is a mathematical structure that models the fact that its elements are ordered. Sequences differ from sets since duplication is allowed.
Developed by Robert Olson Huh? Block Handler Example Define set A as all the blocks in the system #A = number of blocks in the system Define set B as all the unused blocks in the system and set C as all the used blocks A = {B, C} #B < #A B c A
Developed by Robert Olson OCL: Object Constraint Language x,yObtain property y of object x c->f()Apply built in function f to collection c itself. and/or/=/ Standard meanings p implies qIf p then q. Always true if q is true or p is false
Developed by Robert Olson Sample OCL Operations C = {1, 2, 3, 4, 5} C1= {1, 3, 5} C2= {0, 6, 7} c -> size()= 5 c -> isEmpty()= false c -> includesAll(C1)= true c -> excludesAll(C2)= true
Developed by Robert Olson Sample OCL Operations cont. C1 -> intersection(C2)= θ C1 -> union(C2)= {0,1,3,5,6,7} C -> first()= 1 C -> last()= 5 C -> find(x:x ε C and x<4)= {1, 2, 3}
Developed by Robert Olson Z Specification Language S : P XS is declared as a set of Xs x ε Sx is a member of S. S c TS is a subset of T S U TThe union of S and T P ^ QP and Q P => QP implies Q
Developed by Robert Olson Z Specification Language F:X >+> Yf is declared as a partial injection from X to Y dom FThe domain of f ran FThe range of f {x} ∆ FA function like f, except that x is removed from its domain
Developed by Robert Olson Problems with Formal Methods Complicated & Confusing Special Training Expensive Difficult to understand for those who aren’t trained
Developed by Robert Olson Ten Commandments Thou shalt choose the appropriate notation. Thou shalt formalize, but not overformalize. Thou shalt estimate costs. Thou shalt have a formal methods guru on call. Thou shalt not abandon thy traditional developmental methods.
Developed by Robert Olson Ten Commandments cont. Thou shalt document sufficiently. Thou shalt not compromise thy quality standards. Thou shalt not be dogmatic. Thou shalt test, test, and test again. Thou shalt reuse.