Chapter 28 Formal Methods

1
Chapter 28Formal Methods
2
Formal Methods

• The purpose of formal methods are to assist with
  project specification. These are not widely used
  in the industry.

3
Definition

• A method is formal if it has a sound mathematical
  basis, typically given by a formal specification
  of language.

4
Desired Properties

• Consistency
• Completeness
• Lack of amiguity

5
Problems of Informal Methods

• Contradictions
• Ambiguities
• Vagueness
• Incompleteness
• Mixed levels of abstraction

6
Formal Method Concepts

• Symbol Table
• Block Handler

7
Symbol Table

• Data invariant
• State
• Operation

8
Block Handler

• All sets of blocks held in the queue will be
  subsets of the collection of currently used
  blocks
• No elements of the queue will contain the same
  block numbers
• The collection of used and unused blocks will be
  the total collection of blocks that make up files
• The collection of unused blocks will have no
  duplicate block numbers
• The collection of used blocks will have no
  duplicate block numbers

9
Set Operators

• operator returns cardinality (a, b, c) 3
• e operator signals membership x e X
• c operator signals set membership A c B
• n operator signals intersection A n B
• U operator signals union A U B
• X operator signals Cartesian Product A x B
• P operator signals power set P1,2,3

10
Logic Operators

• and
• V or
• , , , not
• gt implies

Hardware failure
11
Sequences

• A sequence is a mathematical structure that
  models the fact that its elements are ordered.
  Sequences differ from sets since duplication is
  allowed.

12
Huh?

• Block Handler Example
• Define set A as all the blocks in the system
• A number of blocks in the system
• Define set B as all the unused blocks in the
  system and set C as all the used blocks
• A B, C
• B lt A
• B c A

13
OCL Object Constraint Language

• x,y Obtain property y of object x
• c-gtf() Apply built in function f to
  collection c itself.
• and/or//lt/gt Standard meanings
• p implies q If p then q. Always true if q is
  true or p is false

14
Sample OCL Operations

• C 1, 2, 3, 4, 5
• C1 1, 3, 5
• C2 0, 6, 7
• c -gt size() 5
• c -gt isEmpty() false
• c -gt includesAll(C1) true
• c -gt excludesAll(C2) true

15
Sample OCL Operations cont.

• C1 -gt intersection(C2) ?
• C1 -gt union(C2) 0,1,3,5,6,7
• C -gt first() 1
• C -gt last() 5
• C -gt find(xx e C and xlt4) 1, 2, 3

16
Z Specification Language

• S P X S is declared as a set of Xs
• x e S x is a member of S.
• S c T S is a subset of T
• S U T The union of S and T
• P Q P and Q
• P gt Q P implies Q

17
Z Specification Language

• FX gtgt Y f is declared as a partial
  injection from X to Y
• dom F The domain of f
• ran F The range of f
• x ? F A function like f, except that x
  is removed from its domain

18
Problems with Formal Methods

• Complicated Confusing
• Special Training
• Expensive
• Difficult to understand for those who arent
  trained

19
Ten Commandments

• Thou shalt choose the appropriate notation.
• Thou shalt formalize, but not overformalize.
• Thou shalt estimate costs.
• Thou shalt have a formal methods guru on call.
• Thou shalt not abandon thy traditional
  developmental methods.

20
Ten Commandments cont.

• Thou shalt document sufficiently.
• Thou shalt not compromise thy quality standards.
• Thou shalt not be dogmatic.
• Thou shalt test, test, and test again.
• Thou shalt reuse.