e ff ectively using jml
play

E ff ectively Using JML Software Engineering Processes - PowerPoint PPT Presentation

Aug 01, 2023 •23 likes •233 views

E ff ectively Using JML Software Engineering Processes incorporating Formal Specification Joseph Kiniry Department of Computer Science University College Dublin Software Engineering Processes old-school processes CRC and state-chart based

  1. E ff ectively Using JML Software Engineering Processes incorporating Formal Specification Joseph Kiniry Department of Computer Science University College Dublin

  2. Software Engineering Processes old-school processes CRC and state-chart based heavyweight processes all up-front design, use UML or similar lightweight processes unit test-centric (XP), design on-the-fly custom processes use a process that works for you Department of Computer Science 2 University College Dublin

  3. E ff ective JML e ff ectively using JML means e ff ectively using JML tools development process of project (macro- scale) is realized by daily development process (micro-scale) rich tool support must be supported by rich process support code standards and organization support Department of Computer Science 3 University College Dublin

  4. Facets of Critical Software Engineering requires a rich environment that synthesizes all primary facets code standards version and configuration management automated build system unit tests requires developer investment in learning, applying, and understanding the method Department of Computer Science 4 University College Dublin

  5. Non-technical Facets requires social adoption internal tensions caused by mandated changes in process can cause a development team to self-destruct requires institutional support an understanding of the time, resources, and potential results of development with formal methods Department of Computer Science 5 University College Dublin

  6. Specification in Process “Contract the Design” you are given an architecture with no specification, little documentation and you must somehow check the system is correct “Design by Contract” you are designing and building a system yourself, relying upon existing components and frameworks Department of Computer Science 6 University College Dublin

  7. Contract the Design a body of code exists and must be annotated the architecture is typically ill-specified the code is typically poorly documented the number and quality of unit tests is typically very poor the goal of annotation is typically unclear Department of Computer Science 7 University College Dublin

  8. Goals of Contract the Design improve understanding of architecture with high-level specifications improve quality of subsystems with medium-level specifications realize and test against critical design constraints using specification-driven code and architecture evaluation evaluate system quality through rigorous testing or verification of key subsystems Department of Computer Science 8 University College Dublin

  9. A Process Outline for Contract the Design directly translate high-level architectural constraints into invariants key constraints on data models, custom data structures, and legal requirements express medium-level design decisions with invariants and pre-conditions use JML models only where appropriate generate unit tests for all key data values Department of Computer Science 9 University College Dublin

  10. Design by Contract writing specifications first is di ffi cult but very rewarding in the long-run you design the system by writing contracts a refinement-centric process akin to early instruction in Dijkstra/Hoare approach ESC/Java2 works well for checking the consistency of formal designs resisting the urge to write code is hard Department of Computer Science 10 University College Dublin

  11. Goals of Design by Contract work out application design by writing contracts rather than code express design at multiple levels BON/UML JML JML w/ privacy refine design by refining contracts write code once when architecture is stable Department of Computer Science 11 University College Dublin

  12. A Process Outline for Design by Contract outline architecture by realizing classifiers with classes capture system constraints with invariants use JML models only where appropriate focus on preconditions over postconditions develop test suite for your design by writing a data generator for your types Department of Computer Science 12 University College Dublin

  13. Case Study: KOA Tally System Dutch government decided to make remote voting available in 2004 to expatriates remote voting is voting by telephone or via the Internet a consulting firm LogicaCMG designed, developed, tested, and deployed system KUN participated in review of system Department of Computer Science 13 University College Dublin

  14. KOA Tally System: Background a primary recommendation of review was that a 3rd party should re-implement a critical part of the system from scratch government opened up bid on independent implementation of counting/tally component KUN group bid on contract and won key factor in bid was proposed use of formal methods (JML) in application development Department of Computer Science 14 University College Dublin

  15. KOA Architecture three main components, each the responsibility of one developer file and data I/O (E. Hubbers) GUI (M. Oostdijk) core data structures and counting algorithm (J. Kiniry) most of specification and verification e ff ort was focused in the core subsystem Department of Computer Science 15 University College Dublin

  16. Code Standards lightweight code standards for this e ff ort basic rules about identifier naming, documentation, annotation, and spacing each developer had his own idiom avoid enforcement or tool use that causes merge conflicts code standard enforcement with checkstyle http://checkstyle.sourceforge.net/ Department of Computer Science 16 University College Dublin

  17. Version and Config Management version management via CVS policies on commits and merges code must build and specs must be right rules are developer-enforced (not triggers) configuration management via Make, a single class of constants, and runtime switches with more time Java properties and bundles are typically used as well Department of Computer Science 17 University College Dublin

  18. Automated Build System GNU make based build system works on all operating systems single developer responsible for build architecture and major upkeep major targets include: normal build, jmlc build, unit test generation and execution, verification, documentation generation, style checking Department of Computer Science 18 University College Dublin

  19. Unit Testing one developer responsible for unit test architecture and major upkeep each developer responsible for identifying key values of their data types unit test only core classes, not GUI or I/O automatically generate ~8,000 tests ensure 100% coverage for core complements verification e ff ort Department of Computer Science 19 University College Dublin

  20. Verification attempt to verify only core classes focus e ff ort on opportunities for greatest impact and lowest risk results of verification with ESC/Java2.0a7 47% of core methods check with ESC/Java2 10% fail due to Simplify issues 31% of postconditions do not verify due to completeness problems 12% fail due to invariant issues Department of Computer Science 20 University College Dublin

  21. Application Summary File I/O GUI Core classes 8 13 6 methods 154 200 83 NCSS 837 1,599 395 specs 446 172 529 specs: 1:2 1:10 5:4 NCSS Department of Computer Science University College Dublin

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Managing Managing Microservices Microservices E ff ectively E ff ectively Daniel Hall

Managing Managing Microservices Microservices E ff ectively E ff ectively Daniel Hall

Managing Managing Microservices Microservices E ff ectively E ff ectively Daniel Hall (@smarthall) Daniel Hall (@smarthall) About Me About Me Systems Engineer at LIFX Making the 'Internet' in the Internet of Things About This Talk About

556 views • 18 slides
The Bottom Line You are always the adult, you are in control. Save the directive mode for

The Bottom Line You are always the adult, you are in control. Save the directive mode for

How can I communicate e fg ectively? Use the right proxemics to show interest without over doing it. Thursday, November 15, 2012 How can I communicate e fg ectively? Listen, share from your experience, summarize but avoid advice

705 views • 34 slides
Just Do It! Making the Decision to Thoughtfully and E ff ectively Brand and Market Your Synagogue

Just Do It! Making the Decision to Thoughtfully and E ff ectively Brand and Market Your Synagogue

Just Do It! Making the Decision to Thoughtfully and E ff ectively Brand and Market Your Synagogue Prepared by Who We Are Jennifer Stofman Amy Pollack Prepared by The Need When someone asks for your synagogues brochure, do you find

824 views • 38 slides
E ff ectively supporting self - directed learning is one of the critical challenges in

E ff ectively supporting self - directed learning is one of the critical challenges in

E ff ectively supporting self - directed learning is one of the critical challenges in supporting lifelong learning - G. Fischer 1 Do 21st Century Learning Environments Support Self - Directed Learning?: Middle School Students Response

486 views • 33 slides
How to E ff ectively Measure the ROI of Content Marketing Pawan Deshpande, CEO Curata Pawan

How to E ff ectively Measure the ROI of Content Marketing Pawan Deshpande, CEO Curata Pawan

How to E ff ectively Measure the ROI of Content Marketing Pawan Deshpande, CEO Curata Pawan Deshpande, CEO Curata Nov. 6, 2014 Nov. 6, 2014 @TweetsFromPawan @TweetsFromPawan @GetCurata @GetCurata #CMExperts #CMExperts Content Marketing

589 views • 38 slides
Welcome to CRM & Online Marketing for NGO / NFP Grow an audience online, and better manage

Welcome to CRM & Online Marketing for NGO / NFP Grow an audience online, and better manage

Welcome to CRM & Online Marketing for NGO / NFP Grow an audience online, and better manage relationships with your contacts Alex Cumberland Operations Manager, Synergy 8 What's a CRM? "Improve your team's ability to e ff ectively

660 views • 11 slides
A Convolutional Attention Network for Extreme Summarization of Source Code ATTENTION

A Convolutional Attention Network for Extreme Summarization of Source Code ATTENTION

A Convolutional Attention Network for Extreme Summarization of Source Code ATTENTION MECHANISM Attention: Withdrawal from some things in order to deal e ff ectively with others ~William James LIBGDX Cross-platform game and

913 views • 34 slides
Elements of Rhetoric 06.16.15 || English 1301: Composition I || D. Glen Smith, instructor

Elements of Rhetoric 06.16.15 || English 1301: Composition I || D. Glen Smith, instructor

Elements of Rhetoric 06.16.15 || English 1301: Composition I || D. Glen Smith, instructor introduction Rhetoric is the art of using language to communicate eff ectively and has been a major part of Western education since the Ancient Greeks.

120 views • 11 slides
How I Started Using VoiceThread VISUAL THINKING CLASS Exposure to new technologies for learning

How I Started Using VoiceThread VISUAL THINKING CLASS Exposure to new technologies for learning

How I Started Using VoiceThread VISUAL THINKING CLASS Exposure to new technologies for learning EduSoCal10 Hybrid Format Best done face-to-face Sorting CTE vThread More e fg ectively done in the cloud Rethinking My Pedagogy Research

388 views • 3 slides
Rehab strategies for patients with chronic conditions A complete, patient-centered approach to e

Rehab strategies for patients with chronic conditions A complete, patient-centered approach to e

Rehab strategies for patients with chronic conditions A complete, patient-centered approach to e ff ectively treat challenging patients Andy McCormick Clinical faculty for APTA Geriatric Residency Program 2014 tDPT Regis University 2009

1.14k views • 85 slides
Matteo Merli What is Apache Pulsar? Distributed pub/sub messaging Backed by a scalable log

Matteo Merli What is Apache Pulsar? Distributed pub/sub messaging Backed by a scalable log

Guaranteed e ff ectively-once messaging semantic Matteo Merli What is Apache Pulsar? Distributed pub/sub messaging Backed by a scalable log store Apache BookKeeper Streaming & Queuing Low latency Multi-tenant

531 views • 37 slides
Model-Agnostic Meta-Learning Universality, Inductive Bias, and Weak Supervision Chelsea Finn

Model-Agnostic Meta-Learning Universality, Inductive Bias, and Weak Supervision Chelsea Finn

Model-Agnostic Meta-Learning Universality, Inductive Bias, and Weak Supervision Chelsea Finn Why Learn to Learn? - e ff ectively reuse data on other tasks - replace manual engineering of architecture, hyperparameters, etc. - learn to quickly

915 views • 30 slides
Algorithms for Team Formation Evimaria Terzi (Boston University) Team-formation problems Boston

Algorithms for Team Formation Evimaria Terzi (Boston University) Team-formation problems Boston

Algorithms for Team Formation Evimaria Terzi (Boston University) Team-formation problems Boston University Slideshow Title Goes Here Given a task and a set of experts (organized in a network) find the subset of experts that can e fg ectively

1.68k views • 117 slides
Special Education Behavior Meeting 9/23/14 Stephen Rutt Jami Arnold Marsha Knepp John 8th

Special Education Behavior Meeting 9/23/14 Stephen Rutt Jami Arnold Marsha Knepp John 8th

9/25/2014 Special Education Behavior Meeting 9/23/14 Stephen Rutt Jami Arnold Marsha Knepp John 8th grade attended the middle school since 6 th grade loves to socialize, appears to be considered popular by peers. Walks around the

204 views • 19 slides
4/2/2019 Jeopardy (Get to Know Your Flash Drive!) MultiState Training New Orleans, Louisiana

4/2/2019 Jeopardy (Get to Know Your Flash Drive!) MultiState Training New Orleans, Louisiana

4/2/2019 Jeopardy (Get to Know Your Flash Drive!) MultiState Training New Orleans, Louisiana April 5, 2019 Judicial Training Network 1 Faculty Judge Rosemary Leslye E. Orloff Collins (Retired) Judicial Training Network 2 Jeopardy

456 views • 10 slides
Check Sheets Continuous Improvement Toolkit . www.citoolkit.com The Continuous Improvement

Check Sheets Continuous Improvement Toolkit . www.citoolkit.com The Continuous Improvement

Continuous Improvement Toolkit Check Sheets Continuous Improvement Toolkit . www.citoolkit.com The Continuous Improvement Map Managing Deciding & Selecting Planning & Project Management* Risk PDPC Decision Balance Sheet

611 views • 10 slides
Math Time First Grade Get your whiteboard and expo marker out. Weekly Focus: Graphing and Data

Math Time First Grade Get your whiteboard and expo marker out. Weekly Focus: Graphing and Data

Math Time First Grade Get your whiteboard and expo marker out. Weekly Focus: Graphing and Data GOAL: I can record, compare, and interpret data using graphs. Todays Lesson: Tally Charts Practice: Tally Charts Use your whiteboard! Problem

346 views • 9 slides
1 $"+%

1 $"+%

"# $! !

414 views • 6 slides
Image Alignment 16-385 Computer Vision (Kris Kitani) Carnegie Mellon University

Image Alignment 16-385 Computer Vision (Kris Kitani) Carnegie Mellon University

Lucas Kanade Image Alignment 16-385 Computer Vision (Kris Kitani) Carnegie Mellon University http://www.humansensing.cs.cmu.edu/intraface/ How can I find in the image? Idea #1: Template Matching Slow, combinatory, global solution Idea #2:

422 views • 40 slides
EKF, UKF Pieter Abbeel UC Berkeley EECS

EKF, UKF Pieter Abbeel UC Berkeley EECS

EKF, UKF Pieter Abbeel UC Berkeley EECS Many slides adapted from Thrun, Burgard and Fox, ProbabilisAc RoboAcs Kalman Filter Kalman

543 views • 35 slides
Hes not a real smooth function The following function from R R is infinitely

Hes not a real smooth function The following function from R R is infinitely

Hes not a real smooth function The following function from R R is infinitely differentiable everywhere, but the Taylor series at 0 converges nowhere: 0 x 0 f ( x ) = e 1 / x x > 0 Analytic Functions have Taylor Series

159 views • 4 slides
Taylor Expansions of the Value Function Associated with Stabilization Problems Laurent Pfeiffer

Taylor Expansions of the Value Function Associated with Stabilization Problems Laurent Pfeiffer

Taylor expansions and feedback laws Numeric results Elements of analysis Receding-horizon algorithm Taylor Expansions of the Value Function Associated with Stabilization Problems Laurent Pfeiffer Inria-Saclay and CMAP, Ecole Polytechnique

676 views • 38 slides
Noncommutative functions: Algebraic and analytic results Dmitry Kaliuzhnyi-Verbovetskyi 1

Noncommutative functions: Algebraic and analytic results Dmitry Kaliuzhnyi-Verbovetskyi 1

The definition and examples of nc functions NC difference-differential calculus Algebraic and analytic results Noncommutative functions: Algebraic and analytic results Dmitry Kaliuzhnyi-Verbovetskyi 1 Department of Mathematics Drexel

463 views • 23 slides
Holomorphic Embedding Load Flow Method Zack 2/28/2014 Backgound Holomorphic function A

Holomorphic Embedding Load Flow Method Zack 2/28/2014 Backgound Holomorphic function A

Holomorphic Embedding Load Flow Method Zack 2/28/2014 Backgound Holomorphic function A holomorphic function is a complex-valued function of one or more complex variables that is complex differentiable in a neighborhood of every point in

361 views • 10 slides

More recommend