Formal Methods in SE Lecture 20. Agenda 2  Relations in Z Specification Formal Methods in SE.

Slides:



Advertisements
Similar presentations
The Logic of Quantified Statements
Advertisements

1 How to transform an analyzer into a verifier. 2 OUTLINE OF THE LECTURE a verification technique which combines abstract interpretation and Park’s fixpoint.
Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
L41 Lecture 2: Predicates and Quantifiers.. L42 Agenda Predicates and Quantifiers –Existential Quantifier  –Universal Quantifier 
Week 1 Chapter 1 + Appendix A Signals carry information Signals are represented by functions Systems transform signals Systems are represented by functions,
Computability and Complexity 8-1 Computability and Complexity Andrei Bulatov Logic Reminder.
9/28/98 Prof. Richard Fikes First-Order Logic Knowledge Interchange Format (KIF) Computer Science Department Stanford University CS222 Fall 1998.
EECS 20 Lecture 3 (January 22, 2001) Tom Henzinger Sets, Tuples, Functions.
1 Math 306 Foundations of Mathematics I Math 306 Foundations of Mathematics I Goals of this class Introduction to important mathematical concepts Development.
1 Predicates and quantifiers Chapter 8 Formal Specification using Z.
EECS 20 Lecture 2 (January 19, 2001) Tom Henzinger Mathematical Language.
Week 1 1.websitewebsite 2.takehome examtakehome 3.Chapter Appendix A.
Discrete Mathematics Math 6A Instructor: M. Welling.
Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 6 The Relational Algebra and Relational Calculus.
Copyright © Cengage Learning. All rights reserved.
CSE115/ENGR160 Discrete Mathematics 01/20/11 Ming-Hsuan Yang UC Merced 1.
Adapted from Discrete Math
Predicates and Quantifiers
True or False Unit 3 Lesson 7 Building Blocks of Decision Making With Additions & Modifications by Mr. Dave Clausen True or False.
Discrete Mathematics Goals of a Discrete Mathematics Learn how to think mathematically 1. Mathematical Reasoning Foundation for discussions of methods.
Discrete Mathematics and Its Applications
A Brief Summary for Exam 1 Subject Topics Propositional Logic (sections 1.1, 1.2) –Propositions Statement, Truth value, Proposition, Propositional symbol,
Lecture 3 [Self Study] Relational Calculus
Logic Specification and Z Schema 3K04 McMaster. Basic Logic Operators Logical negation ( ¬ ) Logical conjunction ( Λ or & ) Logical disjunction ( V or.
INTRODUCTION TO THE THEORY OF COMPUTATION INTRODUCTION MICHAEL SIPSER, SECOND EDITION 1.
CSE314 Database Systems The Relational Algebra and Relational Calculus Doç. Dr. Mehmet Göktürk src: Elmasri & Navanthe 6E Pearson Ed Slide Set.
Chapter 1, Part II: Predicate Logic With Question/Answer Animations.
Pattern-directed inference systems
2.3Logical Implication: Rules of Inference From the notion of a valid argument, we begin a formal study of what we shall mean by an argument and when such.
TIVDM1Modelling unordered collections1 Peter Gorm Larsen.
Second-Order Functions and Theorems in ACL2 Alessandro Coglio Workshop 2015 Kestrel Institute.
TIVDM1VDMTools and Logic1 Peter Gorm Larsen. TIVDM1VDMTools and Logic2 Agenda  Overview of VDMTools ® Functionality Demonstration of VDMTools ® and Rational.
TIVDM1Development process, Logic and VDMTools and Eclipse 1 RT development process, Logic and VDMTools and Eclipse support Peter Gorm Larsen.
Chapter 1, Part II: Predicate Logic With Question/Answer Animations.
Albert Gatt LIN3021 Formal Semantics Lecture 4. In this lecture Compositionality in Natural Langauge revisited: The role of types The typed lambda calculus.
TIVDM1RT Development process, Abstract Syntax Trees and Logic 1 RT development process, Abstract Syntax Trees and Logic Peter Gorm Larsen
Thinking Mathematically
Fall 2008/2009 I. Arwa Linjawi & I. Asma’a Ashenkity 1 The Foundations: Logic and Proofs Predicates and Quantifiers.
Formal Methods in SE Lecture 16 Formal Methods in SE Qaisar Javaid Assistant Professor.
CS 285- Discrete Mathematics Lecture 4. Section 1.3 Predicate logic Predicate logic is an extension of propositional logic that permits concisely reasoning.
Logic UNIT 1.
Types and Programming Languages
1 Logic Our ability to state invariants, record preconditions and post- conditions, and the ability to reason about a formal model depend on the logic.
Albert Gatt LIN3021 Formal Semantics Lecture 3. Aims This lecture is divided into two parts: 1. We make our first attempts at formalising the notion of.
Week 4 - Friday.  What did we talk about last time?  Floor and ceiling  Proof by contradiction.
EEL 5937 Content languages EEL 5937 Multi Agent Systems Lecture 10, Feb. 6, 2003 Lotzi Bölöni.
PREDICATES AND QUANTIFIERS COSC-1321 Discrete Structures 1.
Section 1.4. Propositional Functions Propositional functions become propositions (and have truth values) when their variables are each replaced by a value.
Discrete Mathematical Structures: Theory and Applications 1 Logic: Learning Objectives  Learn about statements (propositions)  Learn how to use logical.
Propositional and predicate logic
Lecture 9: Query Complexity Tuesday, January 30, 2001.
CENG 424-Logic for CS Introduction Based on the Lecture Notes of Konstantin Korovin, Valentin Goranko, Russel and Norvig, and Michael Genesereth.
Logic Hubert Chan [O1 Abstract Concepts] [O2 Proof Techniques]
CSE202 Database Management Systems
3. The Logic of Quantified Statements Summary
Formal Methods in SE Lecture 21.
Further with Hoare Logic Sections 6.12, 6.10, 6.13
CSE15 Discrete Mathematics 01/23/17
Niu Kun Discrete Mathematics Chapter 1 The Foundations: Logic and Proof, Sets, and Functions Niu Kun 离散数学.
Logic Hubert Chan [O1 Abstract Concepts] [O2 Proof Techniques]
Negations of Quantified Statements
Chapter 8 Logic Topics
CSEP590 – Model Checking and Automated Verification
INTRODUCTION TO THE THEORY OF COMPUTATION
(1.4) An Introduction to Logic
Discrete Mathematics and Its Applications Kenneth H
Discrete Mathematics CMP-200 Propositional Equivalences, Predicates & Quantifiers, Negating Quantified Statements Abdul Hameed
Predicates and Quantifiers
Mathematical Language
Presentation transcript:

Formal Methods in SE Lecture 20

Agenda 2  Relations in Z Specification Formal Methods in SE

Domain and Range Restriction 3  A new relation may be created by restricting the domain or range of a relation to a set  The resulting relation only has pairs where the first (domain restriction) or second (range restriction) element is a member of the restricting set. Formal Methods in SE

Domain and Range Restriction 4 Formal Methods in SE

Domain and Range Subtraction 5  Similarly, elements may be subtracted from the domain or range to yield a new relation = ? Formal Methods in SE

Relation Inverse and Relation Image 6 Formal Methods in SE

Contd… 7 Formal Methods in SE

Relation Composition 8 Formal Methods in SE  If the target of one relation matches the source of another, it may be useful to consider their relational composition  The composition of two relations relates objects in the source of the first to objects in the target of the second, provided that some intermediate point exists.

Relation Composition 9 Formal Methods in SE

Relation Example 10 Formal Methods in SE  A project must be located in a city, but any city may have many projects located within it. Many workers can work on a project, and a worker can work on many projects. A worker can have many skills (e.g. preparing material requisitions, checking drawings, etc.), but he/she may only use a given skill on a particular project if that skill is required.

Relation Example 11 Formal Methods in SE  Sets Required  Project a set of projects  City a set of cities  Worker a set of workers  Skill a set of skills  Building Relations  A project must be located in a city, but any city may have many projects located within it.  Many workers can work on a project, and a worker can workon many projects.

Relation Example 12 Formal Methods in SE  A worker can have many skills (e.g. preparing material requisitions, checking drawings, etc.), but he/she may only use a given skill on a particular project if that skill is required.  Model can be visualized as

VDM Formal Methods in SE Qaisar Javaid, Assistant Professor

Formal Specification Languages 14 A formal specification language is a formal language used for expressing models of computing systems. Such languages typically provide support for abstraction and rigour. General Purpose VDM-SL Z RSL Act One Clear Special Purpose CCS CSP Real-Time Logic Deontic Logics Formal Methods in SE

Formal Specification Languages: VDM-SL 15 Vienna Development Method (VDM) Spec Language is VDM-SL ISO Standardised: fully formal Support Tools are available Good record of industrial use Support for abstraction of data and functionality Formal Methods in SE

16 Basic logical operators We build more complex logical expressions out of simple ones using logical connectives: not negation and conjunction or disjunction => implication (if … then …) biimplication (if and only if) Formal Methods in SE

17 Basic logical operators Negation Negation allows us to state that the opposite of some logical expression is true, e.g. The temperature in the monitor mon is not rising: not Rising(mon) A true false not A false true Truth table for negation: Formal Methods in SE

18 Basic logical operators Disjunction Disjunction allows us to express alternatives that are not necessarily exclusive: OverLimit: Monitor -> bool A true false B true false true false A or B true false Formal Methods in SE

19 Basic logical operators Conjunction Conjunction allows us to express the fact that all of a collection of facts are true. Continually over limit: all the readings in the sample exceed 400 C COverLimit: Monitor -> bool COverLimit(m) == m.temps(1) > 400 and m.temps(2) > 400 and m.temps(3) > 400 and m.temps(4) > 400 and m.temps(5) > 400 A true false B true false true false A and B true false Formal Methods in SE

20 Basic logical operators Implication Implication allows us to express facts which are only true under certain conditions (“if … then …”): Safe: If readings do not exceed 400 C by the middle of the sample, the reactor is safe. If readings exceed 400 C by the middle of the sample, the reactor is still safe provided that the reading at the end of the sample is less than 400 C. Safe: Monitor -> bool A true false B true false true false A => B true false true Formal Methods in SE

21 Basic logical operators Biimplication Biimplication allows us to express equivalence (“if and only if”). Alarm: The alarm is to be raised if and only if the reactor is not safe This can be recorded as an invariant property: Monitor :: temps : seq of int alarm : bool inv m == len m.temps = 5 and A true false B true false true false A B true false true Formal Methods in SE

22 Quantifiers For large collections of values, using a variable makes more sense than dealing with each case separately. inds m.temps represents indices (1-5) of the sample The “over limit” condition can then be expressed more economically as: exists i in set inds m.temps & temps(i) > 400 The “continually over limit” condition can then be expressed using “ forall ”: Formal Methods in SE

23 Quantifiers Syntax: forall binding & predicate exists binding & predicate There are two types of binding: Type Binding, e.g. x:nat n: seq of char Set Binding, e.g. i in set inds m x in set {1,…,20} A type binding lets the bound variable range over a type (a possibly infinite collection of values). A set binding lets the bound variable range over a finite set of values. Formal Methods in SE

24 Quantifiers Several variables may be bound at once by a single quantifier, e.g. forall x,y in set {1,…,5} & not m.temp(x) = m.temp(y) Would this predicate be true for the following value of m.temp ? [320, 220, 105, 119, 150] Formal Methods in SE

25 coping with undefinedness Suppose sensors can fail in such a way that they generate the value Error instead of a valid temperature. In this case we can not make comparisons like Error < 400 The logic in VDM is equipped with facilities for handling undefined applications of operators (e.g. if division by zero could occur). Truth tables are extended to deal with the possibility that undefined values can occur, e.g. A true false * not A false true * * represents the undefined value Formal Methods in SE

26 Disjunction in LPF A true false * B true false * true false * true false * A or B true false * true * If one disjunct is true, we know that the whole disjunction is true, regardless of whether the other disjunct is true, false or undefined. Formal Methods in SE

27 Conjunction in LPF A true false * B true false * true false * true false * A and B true false * false * false * If one conjunct is false, we know that the whole conjunction is false, regardless of whether the other disjunct is true, false or undefined. Formal Methods in SE

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.