Presentation is loading. Please wait.

Presentation is loading. Please wait.

Formal Methods in Software Engineering1 Today’s Agenda  Quiz 2 next class  Presentation Schedule  Quick Review  Build Models Using OCL.

Published byAustin McDaniel Modified over 9 years ago

Similar presentations

Presentation on theme: "Formal Methods in Software Engineering1 Today’s Agenda  Quiz 2 next class  Presentation Schedule  Quick Review  Build Models Using OCL."— Presentation transcript:

1 Formal Methods in Software Engineering1 Today’s Agenda  Quiz 2 next class  Presentation Schedule  Quick Review  Build Models Using OCL

2 Formal Methods in Software Engineering2 Quick Review  What are the common types of context? For each type of context, what kind of OCL expressions can be written?

3 Formal Methods in Software Engineering3 Building Models with OCL  Introduction  Completing UML Diagrams  Modeling Tips and Hints  Summary

4 Formal Methods in Software Engineering4 What Is a Model? Simply put, a model is a high level system description. It consists of a consistent, coherent set of model elements, i.e., artifacts written in a well-defined modeling language such as UML and OCL. Question: Why do we want to have a model?

5 Formal Methods in Software Engineering5 View Consistency An UML model consists of several diagrams, each of which presents one view of the model. Multiple views must be consistent. For example, objects in the interaction diagram must be instances of classes present in the class diagram.

6 Formal Methods in Software Engineering6 UML and OCL (1) Both UML diagrams and OCL expressions are part of a model. They are connected by the context definition. Note that OCL expressions can be written in a textual format or attached to the UML diagrams directly.

7 Formal Methods in Software Engineering7 Example LoyaltyAccount points: Integer number: Integer earn (i: Integer) burn (i: Integer) isEmpty(): Boolean Transaction points: Integer date: Date amount: Real program(): LoyaltyProgram account transactions 1 0.. * inv: transactions.card.owner -> size() = 1 pre: i > 0 init: Set {} init: 0 body: points = 0

8 Formal Methods in Software Engineering8 Adding Extra Info OCL expressions can add extra info. to UML diagrams in the following situations:  Elements might be under-specified.  Business rules need to be incorporated.  Interfaces need to be precisely defined.  Ambiguity must be removed.

9 Formal Methods in Software Engineering9 Building Models with OCL  Introduction  Completing UML Diagrams  Modeling Tips and Hints  Summary

10 Formal Methods in Software Engineering10 Discovering Constraints OCL expressions can be used to specify constraints on a class diagram, but where do they come from?  Uniqueness Constraints  Optional & Dynamic Multiplicities  Inheritance  Association Cycles

11 Formal Methods in Software Engineering11 Uniqueness Constraints (1) Recall the following uniqueness constraint: context Person inv: Person::allInstances() -> isUnique (socSecNr) Question: How to determine if the value of a attribute needs to be unique?

12 Formal Methods in Software Engineering12 Uniqueness Constraints (2)  In general, we should ask the question: “Should equality imply identity?”  If two people have the same name, does it mean they are the same person?  If two people have the same social security number, does it mean they are the same person?  One way to identify uniqueness constraints is looking for “sharing”  If an instance can be shared, then it is not unique.

13 Formal Methods in Software Engineering13 Optional Multiplicity (1) An optional multiplicity indicates that an associated object may or may not exist. The existence of an associated object often depends on the state of the objects involved. In this case, it is necessary to use OCL constraints to describe precisely when the optional association may be empty.

14 Formal Methods in Software Engineering14 Optional Multiplicity (2) House value : Money Person socSecNr : Integer salary : Money getMortage (sum : Money security : House) Mortgage principal : Money monthlyPayment : Money startDate : Date endDate : Date 0.. * 1 housesowner mortgages 0..* security1 borrower1 mortgages 0..* inv: mortgages -> notEmpty() implies houses -> notEmpty ()

15 Formal Methods in Software Engineering15 Dynamic Multiplicity (1) A dynamic multiplicity is one that needs to be determined based on another value in the system. In this case, OCL expressions can be use to precisely specify how to determine such a multiplicity.

16 Formal Methods in Software Engineering16 Dynamic Multiplicity (2) Flight Flightnr: Integer availableSeats() : Integer Airplane numOfSeats: Integer 0.. *1 flightsplane Person name: String 0.. * flights passengers context Flight inv: passengers -> size () <= plane.numOfSeats

17 Formal Methods in Software Engineering17 Inheritance (1) GuitarGuitarString ElectricGuitar ClassicGuitar MetalString PlasticString 0.. 10.. * strings 0.. 10.. * 0.. 1 0.. * strings

18 Formal Methods in Software Engineering18 Inheritance (2) GuitarGuitarString ElectricGuitar ClassicGuitar MetalString PlasticString 0.. 10.. * strings context ClassicGuitar inv: strings -> forAll (s | s.oclIsTypeOf(PlasticString)) context ElectricGuitar inv: strings -> forAll (s | s.oclIsTypeOf(MetalString))

19 Formal Methods in Software Engineering19 Association Cycles (1) An association cycle consists of a set of classes and associations such that one can start from one class, navigate through the associations, and return to the same class. Cycles are often the source of ambiguity. The general rule is that cycles should be checked carefully, especially when the multiplicities are higher than one.

20 Formal Methods in Software Engineering20 Association Cycles (2) House value : Money Person socSecNr : Integer salary : Money getMortage (sum : Money security : House) Mortgage principal : Money monthlyPayment : Money startDate : Date endDate : Date 0.. * 1 housesowner mortgages 0..* security1 borrower1 mortgages 0..* The model allows a person to have a mortgage that takes as security a house owned by another person!

21 Formal Methods in Software Engineering21 Association Cycles (3) From Drs. Dwyer and Hatcliff

22 Formal Methods in Software Engineering22 Association Cycles (4) The cycle allows a graduate student to teach and enroll a class at the same time. Therefore, it is desirable to impose the following invariants: context Instructor inv NoTeachingWhileEnrolled: self.person.oclIsKindOf(Graduate) implies teaching->intersection( self.person.taking)-> isEmpty () context Course inv NoTeachingWhileEnrolled: enrolled->intersection(taughtBy.person -> select (isOclKindOf (Graduate))) -> isEmpty ()

23 Formal Methods in Software Engineering23 oclIsTypeOf vs oclIsKindOf The oclIsTypeOf operation returns true only if the type of the object is identical to the argument. The oclIsKindOf operation returns true if the type of object is identical to the argument, or identical to any of the subtypes of the argument. context Person inv: self.oclIsKindOf (Person) = ? inv: self.oclIsTypeOf(Person) = ? inv: self.oclIsTypeOf(Student) = ? inv: self.oclIsKindOf(Student) = ? context Student inv: self.oclIsKindOf (Person) = ? inv: self.oclIsTypeOf(Person) = ? inv: self.oclIsTypeOf(Student) = ? inv: self.oclIsKindOf(Student) = ? inv: self.oclIsTypeOf(Faculty) = ? inv: self.oclIsKindOf(Faculty) = ?

24 Formal Methods in Software Engineering24 Association Cycles (5) From Drs. Dwyer and Hatcliff

25 Formal Methods in Software Engineering25 Association Cycles (6) The waiting list of a course should be empty unless the enrollment is full. context Course inv NoWaitingUnlessFull: waitList->notEmpty() implies enrolled->size = 25

26 Formal Methods in Software Engineering26 Association Cycles (7) Instructor -Title -Number -Time -Room Course -GPA -Probation Student Undergraduate Graduate Faculty -Name -Building -Head -College Department -teaching 1 -taught by 0..* -advisee * -advisor1 -commitee3..5 -grad commitees 0..* -enrolled5..25 -taking3..5 -transcript * * -major1 -majors 1..* -waiting for 0..* -waitlist 0..* -dept1 -faculty1..* * -required 1..* -Name Person -as instructor0..1 -person1 ID -id 11 -prereq*-requiredfor* * -courses 1..* From Drs. Dwyer and Hatcliff

27 Formal Methods in Software Engineering27 Association Cycles (8) Each student should take at least one major course: context Student inv OneCourseFromMajor: taking -> intersection (major.courses) -> notEmpty ()

28 Formal Methods in Software Engineering28 Association Cycles (9) From Drs. Dwyer and Hatcliff

29 Formal Methods in Software Engineering29 Association Cycles (10) An advisor must be on the committees of his advisees: context Faculty inv AdvisorOnCommittee: gradCommittees -> includesAll (advisees)

30 Formal Methods in Software Engineering30 Design by Contract A contract is a precise specification of mutual obligations and benefits between the client and the supplier of a service. Design by contract is a method that emphasizes the precise description of interface semantics. An object is responsible for executing a service if and only if certain conditions are fulfilled.

31 Formal Methods in Software Engineering31 An Example Contract Client (Traveler) Obligation check in 10 minutes before boarding < 3 small carry-ons buy ticket Benefit reach Boston Supplier (Airline) Obligation take traveler to Boston Benefit don’t need to wait for late travelers don’t need to store arbitrary amounts of luggage

32 Formal Methods in Software Engineering32 Why Contract?  Facilitates design  establishes the responsibilities of each object clearly and precisely.  Simplifies implementation  allows certain assumptions to be made.  Helps debugging  clearly identifies the responsible party in case of a failure  Enables automatic reasoning  tools can be developed to automatic checking the conformance of a contract

33 Formal Methods in Software Engineering33 Contract in OCL In OCL, a contract is specified using pre-/post- conditions. Flight takeoff: Time ticketed : Set (Person) destination: Destination Destination takeFlight (Person p, Luggage l) pre: System::currentTime () < takeoff - 10 pre: l.number < 3 pre: ticketed -> includes (p) post: result = destination

34 Formal Methods in Software Engineering34 Building Models with OCL  Introduction  Completing UML Diagrams  Modeling Tips and Hints  Summary

35 Formal Methods in Software Engineering35 Navigation  Avoid complex navigation expressions  makes them easier to read and understand  is consistent with the encapsulation principle context Membership inv: programs.partners.deliveredServices -> forAll (pointsEarned = 0) implies account -> isEmpty () context LoyaltyProgram def: isSaving : Boolean = partners.deliveredServices -> forAll (pointsEarned = 0) context Membership inv: programs.isSaving implies account -> isEmpty ()

36 Formal Methods in Software Engineering36 Choose Context Wisely (1)  If the invariant restricts the value of an attribute of one class, the class containing the attribute is a clear candidate.  If the invariant restricts the values of attributes of more than one class, the class containing any of the attributes are candidates.  If a class can be appointed the responsibility for maintaining the constraint, the class should be the context.  Any invariant should navigate through the smallest possible number of associations.

37 Formal Methods in Software Engineering37 Choose Context Wisely (2) Person Company husband0..1 wife 0..1 0..* employeesemployers 0..* Consider how to write the constraint that two persons who are married to each other are not allowed to work at the same company. context Company inv: employees.wife -> intersection(employees) -> isEmpty()

38 Formal Methods in Software Engineering38 Split and Constraints  A large invariant can often be split into smaller ones at the and operations  easier to read and write  localizes the problem in case of a broken invariant  easier to maintain context LoyaltyProgram inv: participants -> forAll (age() > 0) and partners.deliveredServices -> forAll (pointsEarned = 0) context LoyaltyProgram inv: participants -> forAll (age() > 0) inv: partners.deliveredServices -> forAll (pointsEarned = 0)

39 Formal Methods in Software Engineering39 Use the collect shorthand  Use the collect shorthand whenever possible  the shorthand is easy to read and understand context Person inv: parents.brothers.children -> notEmpty () context Person inv: parents -> collect (brothers) -> collect (children) -> notEmpty ()

40 Formal Methods in Software Engineering40 Always Name Association Ends  Naming association ends is a good practice  indicates the purpose of the associated object  suggests the attribute name to maintain the association

41 Formal Methods in Software Engineering41 Building Models with OCL  Introduction  Completing UML Diagrams  Modeling Tips and Hints  Summary

42 Formal Methods in Software Engineering42 Summary  A model allows one to focus on high level design decisions, rather than low level details.  One way to identify constraints is to look for optional/dynamic multiplicities and cycles.  OCL expressions can also be used to simplify a class diagram.  Design by contract allows the interface of an object to be precisely specified.  The rule of thumb for writing a good OCL spec is to keep the expressions as simple as possible.

Download ppt "Formal Methods in Software Engineering1 Today’s Agenda  Quiz 2 next class  Presentation Schedule  Quick Review  Build Models Using OCL."

Similar presentations

Design by Contract.

Design by Contract.
Lecture 7 Constraints and Invariants Formal Modeling and Analyzing a Flash File System.

Lecture 7 Constraints and Invariants Formal Modeling and Analyzing a Flash File System.
The role of OCL in the Model Driven Architecture Jos Warmer Klasse Objecten

The role of OCL in the Model Driven Architecture Jos Warmer Klasse Objecten
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
1 The Object Constraint Language: Expressing Constraints in the UML (Most slides created by Robert B. France, Professor Department of Computer Science,

1 The Object Constraint Language: Expressing Constraints in the UML (Most slides created by Robert B. France, Professor Department of Computer Science,
OCL2 April 2006 - 1 - A presentation of OCL 2 Object Constraint Language Christian Hein, Fraunhofer FOKUS April 2006.

OCL2 April A presentation of OCL 2 Object Constraint Language Christian Hein, Fraunhofer FOKUS April 2006.
Database Systems: Design, Implementation, and Management Tenth Edition

Database Systems: Design, Implementation, and Management Tenth Edition
Use Case & Use Case Diagram

Use Case & Use Case Diagram
Exercises Set 1 UML. How do you characterize a system/software that is object oriented? Why is UML an object oriented modeling approach ? Why do you want.

Exercises Set 1 UML. How do you characterize a system/software that is object oriented? Why is UML an object oriented modeling approach ? Why do you want.
CS 340 UML Class Diagrams. A model is an abstraction of a system, specifying the modeled system from a certain viewpoint and at a certain level of abstraction.

CS 340 UML Class Diagrams. A model is an abstraction of a system, specifying the modeled system from a certain viewpoint and at a certain level of abstraction.
91.3913Feb 2003 R McFadyen1 Contracts (Ch 13) Used to help understand requirements more completely based on assertions; assertions are applicable to any.

Feb 2003 R McFadyen1 Contracts (Ch 13) Used to help understand requirements more completely based on assertions; assertions are applicable to any.
Use Case Diagram © copyright 2001 SNU OOPSLA Lab..

Use Case Diagram © copyright 2001 SNU OOPSLA Lab..
Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.

Lecturer: Sebastian Coope Ashton Building, Room G.18 COMP 201 web-page: Lecture.
Chapter 3 Collections. Copyright © 2005 Pearson Addison-Wesley. All rights reserved. 3-2 Chapter Objectives Define the concept and terminology related.

Chapter 3 Collections. Copyright © 2005 Pearson Addison-Wesley. All rights reserved. 3-2 Chapter Objectives Define the concept and terminology related.
NJIT Use Case Model Operation Contracts Prepared By: Sumit Sharma.

NJIT Use Case Model Operation Contracts Prepared By: Sumit Sharma.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 4: The Interface of a Class.

Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 4: The Interface of a Class.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 4: The Interface of a Class.

Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer Lecture 4: The Interface of a Class.
Software Requirements

Software Requirements
1 Software Requirements Specification Lecture 14.

1 Software Requirements Specification Lecture 14.
Use Case Analysis – continued

Use Case Analysis – continued

Similar presentations

Ads by Google