Abstraction, Specification and Verification. Comp 302, Spring 2005 2 Abstraction Hiding or overlooking detail that is not relevant for the task at hand.

Slides:



Advertisements
Similar presentations
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Advertisements

Mutability SWE 332 Fall 2011 Paul Ammann. SWE 3322 Data Abstraction Operation Categories Creators Create objects of a data abstraction Producers Create.
Data Abstraction II SWE 619 Software Construction Last Modified, Spring 2009 Paul Ammann.
Abstract Data Types Data abstraction, or abstract data types, is a programming methodology where one defines not only the data structure to be used, but.
CSE 331 SOFTWARE DESIGN & IMPLEMENTATION ABSTRACT DATA TYPES II Autumn 2011.
The List Interface Cmput Lecture 14 Department of Computing Science University of Alberta ©Duane Szafron 2000 Some code in this lecture is based.
Specifications Liskov Chapter 9 SWE 619 Last Updated Fall 2008.
CSE 331 Software Design & Implementation Dan Grossman Fall 2014 Data Abstraction: Abstract Data Types (ADTs) (Based on slides by Mike Ernst, David Notkin,
Describing algorithms in pseudo code To describe algorithms we need a language which is: – less formal than programming languages (implementation details.
Cs205: engineering software university of virginia fall 2006 Semantics and Specifying Procedures David Evans
Slides by Vinod Rathnam with material from Alex Mariakakis Kellen Donohue, David Mailhot, and Hal Perkins Midterm Review.
Introduction to Java Appendix A. Appendix A: Introduction to Java2 Chapter Objectives To understand the essentials of object-oriented programming in Java.
REFACTORING Lecture 4. Definition Refactoring is a process of changing the internal structure of the program, not affecting its external behavior and.
Abstract Data Types (ADTs) and data structures: terminology and definitions A type is a collection of values. For example, the boolean type consists of.
Data Structure (Part I) Chapter 2 – Arrays Data Abstraction and Encapsulation in C++ Section 1.3 –Data Encapsulation Also called information hiding.
Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved Chapter 22 Java Collections.
1 Abstraction  Identify important aspects and ignore the details  Permeates software development programming languages are abstractions built on hardware.
Cs205: engineering software university of virginia fall 2006 Data Abstraction David Evans
Computer Science and Engineering College of Engineering The Ohio State University Interfaces The credit for these slides goes to Professor Paul Sivilotti.
EECE 310: Software Engineering Iteration Abstraction.
Examples using Arrays. Summing Squares Problem: To compute the sum of the squares of N numbers N is given N values are also given These should be read.
SWE 619 © Paul Ammann Procedural Abstraction and Design by Contract Paul Ammann Information & Software Engineering SWE 619 Software Construction cs.gmu.edu/~pammann/
Arrays An array is a data structure that consists of an ordered collection of similar items (where “similar items” means items of the same type.) An array.
111 Protocols CS 4311 Wirfs Brock et al., Designing Object-Oriented Software, Prentice Hall, (Chapter 8) Meyer, B., Applying design by contract,
Low-Level Detailed Design SAD (Soft Arch Design) Mid-level Detailed Design Low-Level Detailed Design Design Finalization Design Document.
Chapter 18 Java Collections Framework
Design Patterns Gang Qian Department of Computer Science University of Central Oklahoma.
Software Testing Input Space Partition Testing. 2 Input Space Coverage Four Structures for Modeling Software Graphs Logic Input Space Syntax Use cases.
Comp 302: Software Engineering Data Abstractions.
Data Structure Introduction.
Topic 1 Object Oriented Programming. 1-2 Objectives To review the concepts and terminology of object-oriented programming To discuss some features of.
(c) University of Washington15-1 CSC 143 Java List Implementation via Arrays Reading: 13.
© Paul Ammann, 2008 Design by Contract Paul Ammann CS/SWE 332.
BEGINNING PROGRAMMING.  Literally – giving instructions to a computer so that it does what you want  Practically – using a programming language (such.
Type Abstraction Liskov, Chapter 7. 2 Liskov Substitution Principle In any client code, if the supertype object is substituted by a subtype object, the.
Data Abstractions EECE 310: Software Engineering.
CSE 331 Software Design & Implementation Hal Perkins Autumn 2012 Abstract Data Types – Examples / Summary (Based on slides by Mike Ernst and David Notkin)
Type Abstraction SWE Spring October 05Kaushik, Ammann Substitution Principle “In any client code, if supertype object is substituted.
Data Abstraction Gang Qian Department of Computer Science University of Central Oklahoma.
Polymorphism Liskov 8. Outline equals() Revisiting Liskov’s mutable vs. not rule Polymorphism Uniform methods for different types “easy” polymorphism.
ANU COMP2110 Software Design in 2003 Lecture 10Slide 1 COMP2110 Software Design in 2004 Lecture 12 Documenting Detailed Design How to write down detailed.
Data Abstraction SWE 619 Software Construction Last Modified, Spring 2009 Paul Ammann.
Programming Techniques Lec03 Procedural Abstraction Software Engineering Fall 2005.
Polymorphism SWE 619. Outline equals() Revisiting Liskov’s mutable vs. not rule Polymorphism Uniform methods for different types “easy” polymorphism Element.
Iteration Abstraction SWE Software Construction Fall 2009.
CMSC 202 Containers and Iterators. Container Definition A “container” is a data structure whose purpose is to hold objects. Most languages support several.
CSE 331 Software Design & Implementation Hal Perkins Winter 2015 Data Abstraction: Abstract Data Types (ADTs) (Based on slides by Mike Ernst, Dan Grossman,
Type Hierarchies. Type Hieararchy Why?: Want to define family of related types. At the top of the hierarchy, a type whose spec defines behavior common.
CPSC 252 ADTs and C++ Classes Page 1 Abstract data types (ADTs) An abstract data type is a user-defined data type that has: private data hidden inside.
David Evans CS201J: Engineering Software University of Virginia Computer Science Lecture 5: Implementing Data Abstractions.
Reasoning and Design (and Assertions). How to Design Your Code The hard way: Just start coding. When something doesn’t work, code some more! The easier.
1 Stacks Abstract Data Types (ADTs) Stacks Application to the analysis of a time series Java implementation of a stack Interfaces and exceptions.
Prof. I. J. Chung Data Structure #1 Professor I. J. Chung.
Slides by Alex Mariakakis Section 5: Midterm Review.
Programming Techniques Lec05 Data Abstraction (Chapter 5) Software Engineering Fall 2005.
Modular Decomposition, Abstraction and Specifications
EECE 310: Software Engineering
EECE 310: Software Engineering
CSE 331 Software Design & Implementation
Specifications Liskov Chapter 9
Type Abstraction SWE Spring 2009.
EECE 310: Software Engineering
Type Abstraction Liskov, Chapter 7.
Data Abstraction David Evans cs205: engineering software
Iteration Abstraction
SWE 619 Software Construction Last Modified, Fall 2015 Paul Ammann
Lecture 4: Data Abstraction CS201j: Engineering Software
EECE 310: Software Engineering
Type Abstraction SWE Spring 2013.
Software Specifications
Presentation transcript:

Abstraction, Specification and Verification

Comp 302, Spring Abstraction Hiding or overlooking detail that is not relevant for the task at hand Abstraction in software programs Machine language (assembly) C-like languages High-level languages

Comp 302, Spring Two Program Fragments // search upwards found = false; for (int i = 0; i < a.length; i++) if (a[i] == e) { z = i; found = true; } // search downwards found = false; for (int i = a.length-1; i >= 0; i--) if (a[i] == e) { z = i; found = true; }

Comp 302, Spring In a higher-level language found = false; if (found) z = a.indexOf(e);

Comp 302, Spring Abstraction by Specification A specification allows us to separate the body of a procedure (its implementation) from the computation it is intended to perform. int addSquares1(int m, n) { return m*m + n*n; } int addSquares2(int m, n) { if (m == 0) { return n*n; }else if (n == 0) { return m*m; } else { return m*m + n*n; }

Comp 302, Spring Specification int addSquares1(int m, n) { returns the sum of the squares of m and n return m*m + n*n; } int addSquares2(int m, n) { returns the sum of the squares of m and n if (m == 0) { return n*n; }else if (n == 0) { return m*m; } else { return m*m + n*n; }

Comp 302, Spring Pre- and post- conditions float sqrt(float coef) { coef > 0 returns an approximation of the squareroot of coef float ans = coef / 2.0; int i = i; while (i<7) { ans = ans – ((ans * ans – coef)/(2.0 * ans)); i = i+1; } return ans; } Pre-condition: coef > 0. Must hold when the procedure is called Often used to ensure proper operation of procedure Post-condition: Holds at the completion of procedure

Comp 302, Spring Pre- and post-conditions Someone other than the developer of the procedure can use it by understanding the pre- and post-conditions Also called “assume-guarantee” The procedure assumes that the pre-condition is true when it is called, and guarantees that the post-condition holds when it returns.

Comp 302, Spring Specification Abstractions must have precise definitions Specifications We will use informal but precise specifications Possible to have completely formal specification languages but more difficult to read A specification language is not a programming language. Not executable, but shorter and easier to read.

Comp 302, Spring Specifications of Procedural Abstractions Specification of a procedure has two parts Procedure header Semantic specification. Procedure Header Lists arguments, their order and types The type of the result Exceptions thrown Examples: void removeDupls (Vector v); float sqrt (float x); Similar in form to the form of a function definition. f:integer  integer

Comp 302, Spring Semantic Specs of Procedural Abstractions Semantic specification The clause (Precondition) The clause The clause (Postcondition) //REQUIRES: This clause states any constraints on use //MODIFIES: This clause identifies all modified inputs //EFFECTS: This clause defines the behavior Procedure specification: return_type pname (...) //REQUIRES: This clause states any constraints on use //MODIFIES: This clause identifies all modified inputs //EFFECTS: This clause defines the behavior

Comp 302, Spring Specifications of Classes visibility cname { //OVERVIEW: This clause defines the purpose of the class as a whole. visibility static p1... visibility static p2... }

Comp 302, Spring Example public class Arrays { // OVERIEW: This class provides a number of standalone procedures // that are useful for manipulating arrays of ints. public static int search (int[] a, int x) // EFFECTS: If x is in a, returns an index where // x is stored otherwise, returns -1. public static int searchSorted (int[] a, int x) // REQUIRES: a is sorted in ascending order // EFFECTS: If x is in a,returns an index where // x is sorted otherwise returns -1. public static void sort (int [] a) // MODIFIES: a // EFFECTS: Rearranges the elements of a into // ascending order // e.g., if a=[3,1,6,1] before // the call, on return a = [1,1,3,6]. }

Comp 302, Spring Total vs. Partial Procedures Total procedure: No clause Works on all inputs. No restriction. Partial procedures have an clause If inputs don’t satisfy this clause, then no guarantees Partial procedures are less safe Avoid when possible Check clause when not expensive Sometimes partial procedures are more efficient searchSorted

Comp 302, Spring The _post notation public static void sort (int [] a) // MODIFIES: a // EFFECTS: Rearranges the elements of a into // ascending order // For example, if a=[3,1,6,1], a_post = [1,1,3,6].

Comp 302, Spring clause public static int[] boundArray (int[] a, int n) // EFFECTS: Returns a new array containing the // elements of a in the order they appear in a // except that any elements of a that are greater // than n are replaced by n. clause Can NOT return the input itself even if no element exceeds n Spec says it must return new array

Comp 302, Spring public static void copyLine() // REQUIRES: System.in contains a line of text // MODIFIES: System.in and System.out // EFFECTS: Reads a line of text from System.in, // advances the cursor in System.in to the end of // the line, and writes the line on System.out. Implicit inputs System.in public static final InputStream inInputStream The "standard" input stream. This stream is already open and ready to supply input data. Typically this stream corresponds to keyboard input or another input source specified by the host environment or user System.out public static final PrintStream outPrintStream The "standard" output stream. This stream is already open and ready to accept output data. Typically this stream corresponds to display output or another output destination specified by the host environment or user. For simple stand-alone Java applications, a typical way to write a line of output data is: System.out.println(data)

Comp 302, Spring Implementing Procedures: Example public class Arrays { // OVERVIEW:This class provides a number of standalone procedures // that are useful for manipulating arrays of ints. public static int searchSorted (int [] a, int x) { // REQUIRES: a is sorted in ascending order. // EFFECTS: If x is in a, returns an index where // x is stored; otherwise, returns -1. // uses linear search if (a == null) return -1; for (int i = 0; i < a.length; i++) if (a[i] == x) return i; else if (a[i] > x) return -1; return -1; } //other static methods go here }

Comp 302, Spring public class Arrays { //OVERVIEW:... public static void sort (int[] a) { //MODIFIES:a //EFFECTS:Sorts a[0],..., a[a.length-1] into ascending order. if (a == null) return; quickSort(a, 0, a.length-1); } private static void quickSort(int[] a, int low, int high) { //REQUIRES:a is not null and 0<=low&high<a.length //MODIFIES:a //EFFECTS:Sorts a[low],a[low+1],...,a[high] into ascending order. if (low >= high) return; int mid = partition(a, low, high); quickSort(a, low, high); quickSort(a, mid + 1, high); } …

Comp 302, Spring public class Arrays { // continued private static int partition(int[]a, int i, int j) { // REQUIRES:a is not null and 0 <= i < j < a.length // MODIFIES:Reorders the elemnts in a into two contiguous groups // a[i],...,a[res] and // a[res+1],...,a[j], such that each element in the second group is // at least as each // element of the first group. Returns res. int x = a[i]; while (true) { while (a[j] > x) j--; while (a[i] < x) i++; if (i <j) { //need to swap int temp = a[i]; a[i] = a[j]; a[j] = temp j--;i++; } else return j; } }

Comp 302, Spring Implementing Procedures public class Vectors { // OVERVIEW: Provides useful standalone procedures // for manipulating vectors. public static void removeDupls (Vector v) { // REQUIRES:All elements of v are not null. // MODIFIES:v // EFFECTS:Removes all duplicate elements from v; // uses equals to determine duplicates. // The order of remaining elements may change. if (v == null) return; for (int i = 0; i < v.size(); i++) { Object x = i + 1; int j = i + 1; //remove all dupls of x from the rest of v while (j < v.size()) if (!x.equals(v.get(j))) j++; else { v.set(j, v.lastElement()); v.remove(v.size()-1); } }

Verifying Data Abstractions

Comp 302, Spring Data Abstraction data abstraction = Why data abstractions? When the implementation of the abstraction changes, programs that use it don’t have to change. Only access the object through methods it provides Can avoid making implementation decisions too early Avoid inefficiencies and massive re-implementation Can first define the abstract type with its operations Can then work on using modules Make implementation decisions later

Comp 302, Spring Outline How to specify data abstractions? How to implement data abstractions?

Comp 302, Spring Specifications for Data Abstractions visibility class dname { // OVERVİEW: A brief description of the // behaviour of the type’s objects goes here //constructors //specs for constructors go here //methods //specs for methods go here }

Comp 302, Spring Specification of IntSet (code filled in later) public class IntSet { //OVERVİEW: IntSets are mutable, unbounded sets of integers //A typical IntSet is {x 1,...,x n }. //constructors public IntSet ( ) //EFFECTS: Initialize this to be empty. (no need for MODIFIES clause) //methods public void insert (int x) // MODIFIES: this // EFFECTS: Adds x to the element of this, // i.e., this_post = this + {x} public void remove (int x) // MODIFIES: this // EFFECTS: Removes x from this, i.e., this_post = this – {x} public boolean isIn (int x) // EFFECTS: If x is in this returns true else returns false public int size () // EFFECTS: Returns the cordinality of this public int choose () throws EmptyException // EFFECTS: If this is empty, throws EmptyException // else returns an arbitrary element of this. } mutators observers

Comp 302, Spring Mutability States of immutable objects never change They are created and they stay that way until destroyed Example: Strings Huh? What about String myFirstName = “Serdar”; String myLastName = “Tasiran”; String myFullName = myFirstName + “ “ + myLastName; A new String object is created. The String with “Serdar” in it is never changed. Mutable objects: Example: Arrays. a[i] = 5; If a mutable object is shared, a modification of one modifies the other.

Comp 302, Spring public class Poly { //OVERVIEW: Polys are immutable polynomials with integer coefficients. //A typical Poly is c 0 + c 1 x + c 2 x c n x n //constructors public Poly () //EFFECTS: Initializes this to be zero polynomial public Poly (int c, int n) throws NegativeExponentException // EFFECTS: If n<0 throws NegativeExponentException else initalizes this // to be the Poly cx n. //methods public int degree () // EFFECTS: Returns the degree of this, i.e., the largest exponent with a // non-zero coefficient. Returns 0 if this is zero Poly. public int coeff (int d) // EFFECTS: Returns the coefficient of the term of this whose exponent is // d. public Poly add (Poly q) throws NullPointerException // EFFECTS: If q is null throws NullPointerException else returns the Poly // this +q. public Poly mul (Poly q) throws NullPointerException // EFFECTS: If q is null throws NullPointerException else returns the Poly // *q. public Poly sub (Poly q) Throws NullPointerException // EFFECTS: If q is null throws NullPointerException else returns the Poly // this –q. public Poly minus () //EFFECTS: Returns the Poly – this. }

Comp 302, Spring Using Data Abstractions public static Poly diff (Poly p) throws NullPointerExcepyion { //EFFECTS: If p is null throws NullPointerException //else returns the Poly obtained by differentiating p. Poly q = new Poly (); for (int i = 1; i <= p.degree(); i++) q = q.add(new Poly(p.coeff(i)*i, i - 1)); return q; } public static IntSet getElements (int[] a) throws NullPointerException { //EFFECTS: If a is null throws NullPointerException //else returns a set containing an entry for each //distinct element of a. IntSet s = new IntSet(); for (int i = 0;,< a.length; i++) s.insert(a[i]); return s; }

Comp 302, Spring Implementing Data Abstractions Must select a representation (rep). Examples: A Vector (from java.util) of Integer objects is a possible rep for IntSet A Vector containing Gizmo objects may be the rep for Board in your project. Reps must Support all operations in a simple way Provide efficient implementations Searching an entry should not require looking at all entries, ideally.

Comp 302, Spring A Rep for IntSet Should we allow each element to occur more than once or not If we do, insertion is simple: Just add it at the end of the Vector But remove and isIn take a long time isIn is likely to be called a lot Forbid duplicates in Vector

Comp 302, Spring Implementing Data Abstractions A representation typically has several components Correspond to (non-static) fields in the class definitions These are also called instance variables There is a separate set of them for each object Instance variables must not be visible to users, other classes Make them private Provide methods to access and modify them

Comp 302, Spring public class IntSet { //OVERVIEW: IntSets are unbounded, mutable sets of integers. private Vector els; // the rep //constructors public IntSet () { //EFFECTS: Initializes this to be empty els = new Vector(); } //methods public void insert (int x) { //MODIFIES: this //EFFECTS: Adds x to the elements of this. Integer y = new Integer(x); if (getIndex(y) < 0) els.add(y); } public void remove (int x) { //MODIFIES: this //EFFECTS: Removes x from this. int i = getIndex(new Integer(x)); if (i < 0) return; els.set(i, els.lastElement()); els.remove(els.size() - 1); } public boolean isIn (int x) { //EFFECTS: Returns true if x is in this else returns false. return getIndex(new Integer(x)) } (Continued)

Comp 302, Spring private int getIndex (Integer x) { //EFFECTS: If x is in this returns index where //x appears else returns -1. for (int i = 0; i < els.size(); i++) if (x.equals(els.get(i))) return i; return -1; } public int size () { //EFFECTS: Returns the cardinality of this. return els.size(); } public int choose () throws EmptyException { //EFFECTS: If this is empty throws EmptyException else //returns an arbitrary element of this. if(els.size() == 0) throw new EmptyException(“IntSet.choose”); return els.lastElement(); } }

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.