school of computer science engineering unsw
play

School of Computer Science & Engineering UNSW - PowerPoint PPT Presentation

Oct 09, 2022 •340 likes •942 views

School of Computer Science & Engineering UNSW http://www.cse.unsw.edu.au/ An Introduction to the B Method Preconditions and Guards Revised 27th March 2001 Ken Robinson mailto::k.robinson@unsw.edu.au k.robinson@unsw.edu.au Objectives

  1. School of Computer Science & Engineering — UNSW http://www.cse.unsw.edu.au/ An Introduction to the B Method Preconditions and Guards Revised 27th March 2001 Ken Robinson mailto::k.robinson@unsw.edu.au k.robinson@unsw.edu.au

  2. Objectives of this lecture The two concepts of preconditions and guards are frequently confused, but in this lecture we will attempt to show that they are very different.

  3. Objectives of this lecture The two concepts of preconditions and guards are frequently confused, but in this lecture we will attempt to show that they are very different. In part the confusion arises because, in general, only the concept of guard is implemented in commonly used programming languages. Curiously, in a strategy known as defensive programming guards are used where preconditions are needed, and this is most inappropriate.

  4. Objectives of this lecture The two concepts of preconditions and guards are frequently confused, but in this lecture we will attempt to show that they are very different. In part the confusion arises because, in general, only the concept of guard is implemented in commonly used programming languages. Curiously, in a strategy known as defensive programming guards are used where preconditions are needed, and this is most inappropriate. In this lecture we will explore and contrast the concepts of preconditions and guards, in order to understand their intended purpose, and the implications of their use.

  5. Preconditions and Guards In the Simple Library case study we have instances of preconditions and guards.

  6. Preconditions and Guards In the Simple Library case study we have instances of preconditions and guards. Preconditions appeared in preconditioned substitutions. Guards appeared in if-then-else constructs.

  7. Preconditions and Guards In the Simple Library case study we have instances of preconditions and guards. Preconditions appeared in preconditioned substitutions. Guards appeared in if-then-else constructs. Preconditions and guards appear to be similar, but in fact they diametrically opposed concepts.

  8. Experiment 1 Animate the CoffeeClub0 machine developed in the B Method Overview lectures.

  9. Experiment 1 Animate the CoffeeClub0 machine developed in the B Method Overview lectures. Select the FeedBank operation a few times, and observe what happens to the state.

  10. Experiment 1 Animate the CoffeeClub0 machine developed in the B Method Overview lectures. Select the FeedBank operation a few times, and observe what happens to the state. Select the RobBank operation a few times.

  11. Experiment 1 Animate the CoffeeClub0 machine developed in the B Method Overview lectures. Select the FeedBank operation a few times, and observe what happens to the state. Select the RobBank operation a few times. What happens when RobBank is selected when piggybank is 0?

  12. Experiment 1 Animate the CoffeeClub0 machine developed in the B Method Overview lectures. Select the FeedBank operation a few times, and observe what happens to the state. Select the RobBank operation a few times. What happens when RobBank is selected when piggybank is 0? What happens for the following sequence: select RobBank when piggybank is 0; then select FeedBank?

  13. Experiment 1 Animate the CoffeeClub0 machine developed in the B Method Overview lectures. Select the FeedBank operation a few times, and observe what happens to the state. Select the RobBank operation a few times. What happens when RobBank is selected when piggybank is 0? What happens for the following sequence: select RobBank when piggybank is 0; then select FeedBank? What conclusion do you draw from this?

  14. Experiment 2 Modify the FeedBank operation by adding a precondition 42 ≤ piggybank , and remake the machine.

  15. Experiment 2 Modify the FeedBank operation by adding a precondition 42 ≤ piggybank , and remake the machine. Run the animator, and select FeedBank with piggybank equal to 0.

  16. Experiment 2 Modify the FeedBank operation by adding a precondition 42 ≤ piggybank , and remake the machine. Run the animator, and select FeedBank with piggybank equal to 0. What happens?

  17. Experiment 2 Modify the FeedBank operation by adding a precondition 42 ≤ piggybank , and remake the machine. Run the animator, and select FeedBank with piggybank equal to 0. What happens? What conclusions do you draw from this?

  18. What are precondition? Preconditions are assumptions.

  19. What are precondition? Preconditions are assumptions. They are not conditions that are going to be checked.

  20. What are precondition? Preconditions are assumptions. They are not conditions that are going to be checked. They do not prevent access to the substitutions to which they are attached.

  21. What are precondition? Preconditions are assumptions. They are not conditions that are going to be checked. They do not prevent access to the substitutions to which they are attached. On the contrary, a preconditioned substitution assumes the precondition is true. If it is not then the consequence is not defined.

  22. What are precondition? Preconditions are assumptions. They are not conditions that are going to be checked. They do not prevent access to the substitutions to which they are attached. On the contrary, a preconditioned substitution assumes the precondition is true. If it is not then the consequence is not defined. Preconditions are not necessarily correct or incorrect; they may be appropriate or inappropriate.

  23. Experiment 3 Remove the preconditions from the FeedBank and RobBank operations.

  24. Experiment 3 Remove the preconditions from the FeedBank and RobBank operations. Remake the machine.

  25. Experiment 3 Remove the preconditions from the FeedBank and RobBank operations. Remake the machine. Enter the Provers environment and run the AutoProver.

  26. Experiment 3 Remove the preconditions from the FeedBank and RobBank operations. Remake the machine. Enter the Provers environment and run the AutoProver. Look at the undischarged proof obligations, using the BToolProver.

  27. Experiment 3 Remove the preconditions from the FeedBank and RobBank operations. Remake the machine. Enter the Provers environment and run the AutoProver. Look at the undischarged proof obligations, using the BToolProver. What conclusions do you draw?

  28. Experiment 4 Modify the RobBank operation to have a guard.

  29. Experiment 4 Modify the RobBank operation to have a guard. RobBank = IF amount <= piggybank THEN piggybank := piggybank - amount END Remake.

  30. Experiment 4 Modify the RobBank operation to have a guard. RobBank = IF amount <= piggybank THEN piggybank := piggybank - amount END Remake. Examine any undischarged proof obligations.

  31. Experiment 4 Modify the RobBank operation to have a guard. RobBank = IF amount <= piggybank THEN piggybank := piggybank - amount END Remake. Examine any undischarged proof obligations. What conclusions do you draw?

  32. Conclusions from experiments We could conclude from the preceding experiments that it doesn’t matter for the RobBank operation whether we use a guard or a precondition. Both lead to proof obligations that are discharged.

  33. Conclusions from experiments We could conclude from the preceding experiments that it doesn’t matter for the RobBank operation whether we use a guard or a precondition. Both lead to proof obligations that are discharged. But that might lead us into a false sense of security.

  34. Conclusions from experiments We could conclude from the preceding experiments that it doesn’t matter for the RobBank operation whether we use a guard or a precondition. Both lead to proof obligations that are discharged. But that might lead us into a false sense of security. For example, we might want to explore when RobBank(1) followed by FeedBank(1) is equivalent to doing nothing.

  35. Conclusions from experiments We could conclude from the preceding experiments that it doesn’t matter for the RobBank operation whether we use a guard or a precondition. Both lead to proof obligations that are discharged. But that might lead us into a false sense of security. For example, we might want to explore when RobBank(1) followed by FeedBank(1) is equivalent to doing nothing. This is true for all values of the initial value of piggybank, except 0.

  36. Conclusions from experiments We could conclude from the preceding experiments that it doesn’t matter for the RobBank operation whether we use a guard or a precondition. Both lead to proof obligations that are discharged. But that might lead us into a false sense of security. For example, we might want to explore when RobBank(1) followed by FeedBank(1) is equivalent to doing nothing. This is true for all values of the initial value of piggybank, except 0. The exception is due to the behaviour of RobBank(amount), and hence this operation should have a precondition amount ≤ piggybank .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Blockchain for Cyberphysical Systems Salil Kanhere School of Computer Science and Engineering

Blockchain for Cyberphysical Systems Salil Kanhere School of Computer Science and Engineering

Blockchain for Cyberphysical Systems Salil Kanhere School of Computer Science and Engineering UNSW Sydney Australia E: salil.kanhere@unsw.edu.au W: www.salilkanhere.net Acknowledgements UNSW : Ali Dorri, Sidra Malik, Chuka Oham, Pooja Gupta,

1.55k views • 83 slides
Comprehensive Mobile Bandwidth Traces from Vehicular Networks Computer Science Engineering Ayub

Comprehensive Mobile Bandwidth Traces from Vehicular Networks Computer Science Engineering Ayub

Comprehensive Mobile Bandwidth Traces from Vehicular Networks Computer Science Engineering Ayub Bokani University of New South Wales (UNSW), Sydney, Australia Web: www.cse.unsw.edu.au/~abokani/ Email: Ayub.Bokani@unsw.edu.au Joint work with

629 views • 17 slides
Harvesting Martian Resources to create fuel, water, oxygen and building materials.

Harvesting Martian Resources to create fuel, water, oxygen and building materials.

School of Mining Engineering Mars Mining Operation Optimiser - M 2 O 2 Carlos Tapia Cortez - School of Mining Engineering - UNSW A/Prof. Serkan Saydam - School of Mining Engineering - UNSW Dr Laurent Sibille - Ascentech Enterprises, Inc. KSC

497 views • 28 slides
Introduction Dr. Basem Suleiman Web Application Engineering School of Computer Science and

Introduction Dr. Basem Suleiman Web Application Engineering School of Computer Science and

Cloud Computing An Introduction Dr. Basem Suleiman Web Application Engineering School of Computer Science and Engineering UNSW Cloud Computing, Dr. Basem Suleiman 1 The Internet - Web Applications https://support.office.com/en-us/

409 views • 36 slides
System Modelling and Design Refining Software Engineering Ken Robinson School of Computer

System Modelling and Design Refining Software Engineering Ken Robinson School of Computer

Outline System Modelling and Design Refining Software Engineering Ken Robinson School of Computer Science &amp; Engineering The University of New South Wales, Sydney Australia Ken Robinson 2009 c mailto::k.robinson@unsw.edu.au Rodin

896 views • 67 slides
Electrical Engineering, Computer Science, and Computer Engineering degrees at WSU Behrooz A.

Electrical Engineering, Computer Science, and Computer Engineering degrees at WSU Behrooz A.

School of Electrical Engineering School of Electrical Engineering and Computer Science and Computer Science Electrical Engineering, Computer Science, and Computer Engineering degrees at WSU Behrooz A. Shirazi Huie-Rogers Chair and Director

536 views • 53 slides
Harvey A. Cohen School of Computer Science and Computer Engineering La Trobe University

Harvey A. Cohen School of Computer Science and Computer Engineering La Trobe University

IMAGE RESTORATION VIA N-NEAREST NEIGHBOUR CLASSIFICATION Harvey A. Cohen School of Computer Science and Computer Engineering La Trobe University Melbourne Victoria Australia 3083 Email: H.Cohen@latrobe.edu.au WWW:

390 views • 12 slides
A half-baked approach to an embedded device driver framework in Esterel Timothy Bourke and Leonid

A half-baked approach to an embedded device driver framework in Esterel Timothy Bourke and Leonid

1 A half-baked approach to an embedded device driver framework in Esterel Timothy Bourke and Leonid Ryzhyk School of Computer Science and Engineering, UNSW and National ICT Australia Arcot Sowmya Ihor Kuz UNSW Asia, Singapore National

1.78k views • 69 slides
Introduction to Agents John Lloyd School of Computer Science College of Engineering and Computer

Introduction to Agents John Lloyd School of Computer Science College of Engineering and Computer

Introduction to Agents John Lloyd School of Computer Science College of Engineering and Computer Science Australian National University Topics Agents and agent architectures Historical issues Philosophical issues Reference:

972 views • 39 slides
Thinking and Autonomy Prasad Tadepalli School of Electrical Engineering and Computer Science

Thinking and Autonomy Prasad Tadepalli School of Electrical Engineering and Computer Science

6/7/2018 Thinking and Autonomy Prasad Tadepalli School of Electrical Engineering and Computer Science Oregon State University Turing Test (1950) The interrogator C needs to decide if he is talking to a computer A or a human B. If he is

191 views • 7 slides
HPC and I/O Subsystems Ratan K. Guha School of Electrical Engineering and Computer Science

HPC and I/O Subsystems Ratan K. Guha School of Electrical Engineering and Computer Science

HPC and I/O Subsystems Ratan K. Guha School of Electrical Engineering and Computer Science University of Central Florida Orlando, FL 32616 Overview My Experience and Current Projects Top 10 Supercomputers Cluster Computers Node

797 views • 13 slides
Minimum Disclosure Counting for the Alternative Vote Roland Wen and Richard Buckland School of

Minimum Disclosure Counting for the Alternative Vote Roland Wen and Richard Buckland School of

Minimum Disclosure Counting for the Alternative Vote Roland Wen and Richard Buckland School of Computer Science and Engineering The University of New South Wales Sydney, Australia {rolandw,richardb}@cse.unsw.edu.au VOTE-ID 2009 Outline

365 views • 24 slides
Can Labor close the greenhouse gap? Dr Mark Diesendorf Honorary Associate Professor UNSW Sydney

Can Labor close the greenhouse gap? Dr Mark Diesendorf Honorary Associate Professor UNSW Sydney

School of Photovoltaic &amp; Renewable Energy Engineering, UNSW Sydney, 15 May 2019 Can Labor close the greenhouse gap? Dr Mark Diesendorf Honorary Associate Professor UNSW Sydney Email: m.diesendorf@unsw.edu.au Web :

699 views • 24 slides
Overview of the Coq Proof Assistant Nicolas Magaud School of Computer Science and Engineering

Overview of the Coq Proof Assistant Nicolas Magaud School of Computer Science and Engineering

Overview of the Coq Proof Assistant Nicolas Magaud School of Computer Science and Engineering The University of New South Wales Guest lecture Theorem Proving Outline 2 Some Theoretical Background Constructive Logic Curry-Howard

435 views • 21 slides
Advanced Laser Doped Solar Cells School of Photovoltaic &amp; Renewable Energy Engineering UNSW

Advanced Laser Doped Solar Cells School of Photovoltaic &amp; Renewable Energy Engineering UNSW

Advanced Laser Doped Solar Cells School of Photovoltaic &amp; Renewable Energy Engineering UNSW 22 nd May 2014 Brett Hallam Overview Introduction Laser doping Continuous Wave Laser Doping for Deep Junction Formation Modelling

612 views • 45 slides
Masked Ballot Voting for Receipt-Free Online Elections Roland Wen and Richard Buckland School of

Masked Ballot Voting for Receipt-Free Online Elections Roland Wen and Richard Buckland School of

Masked Ballot Voting for Receipt-Free Online Elections Roland Wen and Richard Buckland School of Computer Science and Engineering The University of New South Wales Sydney, Australia {rolandw,richardb}@cse.unsw.edu.au VOTE-ID 2009 1 / 35

509 views • 35 slides
THE JACOBIAN &amp; CHANGE OF VARIABLES MATH 200 GOALS Be able to convert integrals in

THE JACOBIAN &amp; CHANGE OF VARIABLES MATH 200 GOALS Be able to convert integrals in

MATH 200 WEEK 10 - WEDNESDAY THE JACOBIAN &amp; CHANGE OF VARIABLES MATH 200 GOALS Be able to convert integrals in rectangular coordinates to integrals in alternate coordinate systems MATH 200 DEFINITION Transformation: A

1.19k views • 30 slides
POLARDB for MyRocks Extending shared storage to MyRocks Zhang, Yuan Alibaba Cloud Apr, 2018

POLARDB for MyRocks Extending shared storage to MyRocks Zhang, Yuan Alibaba Cloud Apr, 2018

POLARDB for MyRocks Extending shared storage to MyRocks Zhang, Yuan Alibaba Cloud Apr, 2018 About me Yuan Zhang database engineer Work at Ailbaba for 5 years Focus on MySQL &amp; MyRocks email

2.07k views • 33 slides
Purdue School of Engineering and Technology IUPUI Deans Industry Advisory Council April 2,

Purdue School of Engineering and Technology IUPUI Deans Industry Advisory Council April 2,

DIAC Meeting Purdue School of Engineering and Technology IUPUI Deans Industry Advisory Council April 2, 2015 2015 Goals and Objectives l Continue to Support School Initiatives l Use Long Range Plan to develop this years priorities

400 views • 12 slides
Combined mean-field and semiclassical limits of large fermionic systems Li CHEN Joint work with

Combined mean-field and semiclassical limits of large fermionic systems Li CHEN Joint work with

Setting and introduction from many particle Schr odinger to Vlasov Reformulation of the many body Schr odinger equation by using Husimi measures and the main result Proof strategy and Uniform estimates Combined mean-field and semiclassical

729 views • 27 slides
Fostering cooperation and synergies while avoiding unnecessary duplication of facilities Dr

Fostering cooperation and synergies while avoiding unnecessary duplication of facilities Dr

Panel 1B, 13 September 2018 Fostering cooperation and synergies while avoiding unnecessary duplication of facilities Dr Beryl Morris, TERN Director ICRI 2018, Vienna TERN is supported by the Australian Government through the National

355 views • 12 slides
GBIF MONTHLY UPDATE March 2016 GBIF BY THE NUMBERS 648,781,852 species occurrence records

GBIF MONTHLY UPDATE March 2016 GBIF BY THE NUMBERS 648,781,852 species occurrence records

GBIF MONTHLY UPDATE March 2016 GBIF BY THE NUMBERS 648,781,852 species occurrence records 15,516 datasets 798 data-publishing institutions http://www.gbif.org | 03 MAR 2016 GBIF BY THE NUMBERS: FEB 2016 +4,494,896 species occurrence

581 views • 20 slides
Ext xtraction for Biocollections using Ensembles of f OCRs caro Alzuru, Rhiannon Stephens,

Ext xtraction for Biocollections using Ensembles of f OCRs caro Alzuru, Rhiannon Stephens,

Quality-aware Human-Machine Text xt Ext xtraction for Biocollections using Ensembles of f OCRs caro Alzuru, Rhiannon Stephens, Andra Matsunaga, Maurcio Tsugawa, Paul Flemons, and Jos A.B. Fortes 15 th eScience International Conference

486 views • 19 slides
Who really pays for environmental crime? S entencing in Environmental Prosecutions

Who really pays for environmental crime? S entencing in Environmental Prosecutions

Who really pays for environmental crime? S entencing in Environmental Prosecutions Introduction Environmental offences have been created by legislation by the Commonwealth and all S tates and Territories. Environment Prot ect ion and

293 views • 15 slides

More recommend