A Taxonomy for Informatics

1
A Taxonomy for Informatics

• Hans Meijer
• Hanno Wupper
• Katholieke Universiteit Nijmegen

2
Table of Contents

• 1. Foundation of formal methods
• 2. Professional activities
• 3. The Chinese Box principle
• 4. Software Engineering
• 5. Design theorem
• 6. Fault tolerance
• 7. Informatics as a science

3
1. Foundation of Formal Methods

• How can we convince ourselves that a complex
  machine really does what it is supposed to do?
• The rôle of mathematics in engineering

4
(No Transcript)
5
(No Transcript)
6
The Goal
Properties
7
A Technical Solution
has (can)
Machine
Properties
8
The Power of the Written Word
A machine that allows to toast electrically both
sides of some slices of bread as long as the user
desires.
Specification
fulfils
states
Machine
Properties
9
Ambiguity of natural language
10
Describing Structure
A machine that allows to toast electrically both
sides of some slices of bread as long as the user
desires.
satisfies
Schema
Specification
is realisation of
Machine
11
Corner Stones of Formal Methods
Specification
Schema
Properties
Machine
12
Another example
Specification
Schema
Properties
Machine
13
A more modern schema
14
Real-Time requirementsmake things difficult
15
Formal Methods
Specification
Schema
Properties
Machine
16
Formal Methods
Specification
Schema
Mathematics
Reality
Properties
Machine
17
Formal Methods
Specification
Schema
satisfies
fulfils
states
is realisation of
has
Properties
Machine
18
Correctness
Deduction
Induction
Induction
Speci-fication
Proof
Properties
Machine
Schema
Insight
Insight
19
2. Professional Activities

• How can machines be developed so that they most
  certainly will do what they should do?

20
Understanding the Goal
Specification
formalise
Properties
21
Designing a Structure
design
Specification
Schema
creative
automatic
formalise
Properties
22
Building a Machine
design
Specification
Schema
formalise
realise
Properties
Machine
exhibit
23
The right Formalisation?
design
Specification
Schema
formalise
realise
validate
justify
Properties
Machine
exhibit
24
Correct Design?
design
Specification
Schema
verify
formalise
realise
validate
justify
Properties
Machine
exhibit
25
Correct Realisation?
design
Specification
Schema
verify
validate
formalise
realise
validate
justify
Properties
Machine
exhibit
26
The World of the Customer
Specification
formalise
implement
validate
validate
justify
Properties
Machine
exhibit
27
The World of the Developer
design
Specification
Schema
verify
validate
implement
validate
realise
Machine
28
3. The Chinese Box Principle

• How not to get lost in the complexity of
  complicated machines?

29
Divide and Conquer
Schema X(1)
Specification S(0)
S(1,1)
satisfies
S(1,2)
is assembled conforming
states
fulfils
fulfils
fulfils
Properties
has
Machine
30
Divide and Conquer
Schema X(1)
Schema X(1,1)
Specification S(0)
satisfies
S(1,1)
satisfies
Schema X(1,2)
S(1,2)
satisfies
is assembled conforming
states
is realisation of
is realisation of
Properties
has
Machine
31
Divide and Conquer
Schema X(1)
X(1,1)
Specification S(0)
satisfies
S(1,1)
satisfies
X(1,2)
S(1,2)
satisfies
is assembled conforming
states
fulfils
fulfils
fulfils
fulfils
fulfils
Properties
has
Machine
32
4. Software Engineering

• How to program computers?
• A simplified view on reality

33
Divide and Conquer (revisited)
Schema X(1)
Schema X(1,1)
Specification S(0)
satisfies
S(1,1)
satisfies
Schema X(1,1)
S(1,2)
satisfies
is assembled conforming
states
is realisation of
is realisation of
Properties
has
Machine
34
Programmable Machines
Program
Specification S(0)
satisfies
S(0)
satisfies
Schema X(UM)
S(UM)
satisfies
is in memory
states
is loaded into
is realisation of
Properties
Program
has
Computer
35
Activities
design
Specification
Schema
verify
validate
formalise
realise
validate
justify
Properties
Machine
exhibit
36
Software Engineering Activities
design
Specification
Program
verify
validate
formalise
load
validate
justify
Properties
Program
exhibit
37
The View of the Software Engineer
design
realise
compile
Program
Specification
verify
formalise
justify
validate
exhibit
Properties
38
High-Level Programming Languages
design
realise
HLL Program
Specification
verify
formalise
justify
exhibit
validate
Properties
39
Executable Specification Languages
Program
Specification
formalise
exhibit
Properties
40
5. Design Theorem

• What has system design to do with the art of
  mathematics?

41
Divide and Conquer (revisited)
Schema X
Specification S
satisfies
S(1)
S(2)
fulfils
is assembled conforming
states
fulfils
Properties
has
Machine
42
Implementation
?
Specification S
M fulfils S
For all properties P such that S states P
holds M has P.
fulfils
states
Properties
has
Machine
43
Realisation
Schema X
?
Y
S(1)
M is realisation of ((S(1), S(2),), Y)
S(2)
There are m(1), m(2), such that m(1) fulfils
S(1), m(2) fulfils S(2), and M is assembled
from m(1), m(2), conform Y
fulfils
is assembled conforming
fulfils
m(1)
m(2)
Machine
44
Satisfication
Schema X
Specification S
satisfies
S(1)
S(2)
?
((S(1), S(2),), Y) satisfies S
For all M that are a realisation of X holds M
fulfils S
45
Metatheory
fulfils MachBSpec l M Mach, S Spec.
" P Prop. S states P Þ M has P is
realisation of MachBSchema l M Mach,
(s, X) Specn ?Struct(n). m Machn.
(" i 0..n. mi fulfils si) Ù M m
assembled X satisfies SchemaBSpec l
Y Schema, S Spec. " M Mach. M is
realisation of Y Þ M fulfils S
46
From these, we can prove
If a specification states some properties,
if a schema satisfies the specification,
if a machine is a realisation of the schema,
then M will have the stated properties.
M is realisation of X Ù X satisfies S Ù S states
P Þ M has P
47
Design Theorem
Find (s, Y) and S such that the following theorem
can be proved and is useful.
" m Machn. (" i 0..n. mi fulfils si)
Þ (m assembled Y) fulfils S
48
6. Fault Tolerance

• What if a machine does not do
• what it is supposed to do?

49
(No Transcript)
50
Formal Methods (revisited)
M is realisation of X Ù X satisfies S Ù S states
P Þ M has P
( m Machn. (" i 0..n. mi fulfils si)
Ù M m assembled Y ) Ù (s, Y) satisfies
S Ù S states P Þ M has P
correct parts
correctly assembled
correct design
right specification
51
Contraposition
M is realisation of X Ú X satisfies S Ú S
states P? M has P
M has P Þ S states P Ú (s, Y)
satisfies S Ú M (m assembled Y) Ú (i
0..n. mi fulfils si)
specification mistake
design error
assembly mistake
faulty part
52
Faulty Parts
(" i 0..n. mi fulfils si) Þ (m assembled
Y) fulfils S
M has P Þ S states P Ú (s, Y)
satisfies S Ú M (m assembled Y) Ú (i
0..n. mi fulfils si)
faulty part
53
Fault Tolerance
(" i 0..n. mi fulfils si) Þ (m assembled
Y) fulfils S
use better parts
make parts meet their specifications
use more parts
improve the structure
provide less service
weaken the specification
54
Design Decisions
(" i 0..n. mi fulfils si) Þ (m assembled
Y) fulfils S
If the intended design theorem cannot be proved
use better parts
strengthen the parts specifications
use more parts
improve the structure
provide less service
weaken the specification
55
7. Informatics

• A young sciencewhat is its goal?
• A tetrachotomy

56
Theory
Specification
Schema
satisfies
fulfils
states
is realisation of
has
Properties
Machine
57
Theory
fulfils MachBSpec l M Mach, S Spec.
" P Prop. S states P Þ M has P is
realisation of MachBSchema l M Mach,
(s, X) Specn ?Struct(n). m Machn.
(" i 0..n. mi fulfils si) Ù M m
assembled X satisfies SchemaBSpec l
Y Schema, S Spec. " M Mach. M is
realisation of Y Þ M fulfils S
58
Methods
design
Specification
Schema
verify
validate
formalise
realise
validate
Properties
Machine
59
Languages
design
Specification
Schema
creative
automatic
ideal specification language
executable specification language
problem oriented high-level design language
technology-oriented high level design language
low-level schema language
machine language
proof language
wide-spectrum language
c.
c.
c.
60
Tools
Specification
Schema
transformation
generation
consistency check
proof
assembly
simulation
Properties
Machine
translation
c.
c.
c.
61
Fundamental Research Questions

• Theories What can be done?
• Methods How to do?
• Languages How to describe?
• Tools What can be done automatically?

62
The End

• ...of the fractal

63
Index theory, methods, languages
design
Mathe-matics
Specification
Schema
satisfies
verify
Deduction
validate
formalise
fulfils
states
is realisation of
Induction
Induction
validate
realise
justify
Real-ity
Properties
Machine
has
exhibit