Specif ication in the sof tware Specif ication and design process - - PDF document

specif ication in the sof tware specif ication and design
SMART_READER_LITE
LIVE PREVIEW

Specif ication in the sof tware Specif ication and design process - - PDF document

Jun 20, 2023 725 likes •783 views

Formal Specif ication Objectives To explain why f ormal specif ication techniques help discover problems in Techniques f or the system requirements unambiguous To describe the use of algebraic techniques f or interf ace specif

slide-1
SLIDE 1

1

Formal Specif ication

  • Techniques f or the

unambiguous specif ication of sof tware

Objectives

  • To explain why f ormal specif ication

techniques help discover problems in system requirements

  • To describe the use of algebraic

techniques f or interf ace specif ication

  • To describe the use of model- based

techniques f or behavioural specif ication

Topics covered

  • Formal specif ication in the sof tware

process

  • I nterf ace specif ication
  • Behavioural specif ication

Formal methods

  • Formal specif ication is part of a more

general collection of t echniques t hat are known as ‘f ormal met hods’

  • These are all based on mathematical

representation and analysis of sof tware

  • Formal methods include

– Formal specif ication – Specif ication analysis and proof – Transf ormational development – Program verif ication

Acceptance of f ormal methods

  • Formal methods have not become

mainstream sof tware development techniques as was once predicted

– Other sof tware engineering techniques have been successf ul at increasing system quality. – Market changes have made time- to- market rather than sof tware with a low error count the key f actor. Formal methods do not reduce time to market – Formal methods are hard to scale up to large systems

Use of f ormal methods

  • Their principal benef its are in

reducing the number of errors in systems so their main area of applicability is critical systems

  • I n this area, the use of f ormal

methods is most likely to be cost- ef f ective

slide-2
SLIDE 2

2

Specif ication in the sof tware process

  • Specif ication and design are

intermingled.

  • Architectural design is essential to

structure a specif ication.

  • Formal specif ications are expressed

in a mathematical notation with precisely def ined vocabulary, synt ax and semantics.

Specif ication

Specif ication and design

Requirements Def inition Requirements Def inition Requirements Specif ication Requirements Specif ication Architectural Design Architectural Design Sof tware Specif ication Sof tware Specif ication High- level Design High- level Design Design I ncreasing Contractor I nvolvement Decreasing Client I nvolvement

Specif ication in the sof tware process

Requirements Def inition Requirements Def inition Requirements Specif ication Requirements Specif ication System Modeling System Modeling Architectural Design Architectural Design Formal Specif ication Formal Specif ication High- level Design High- level Design

Specif ication techniques

  • Algebraic approach

– The system is specif ied in terms of it s

  • perations and t heir relationships
  • Model- based approach

– The system is specif ied in terms of a state model t hat is construct ed using mathemat ical constructs such as sets and sequences. Operations are def ined by modif icat ions to the system’s state

Formal specif ication languages

  • 1. CSP
  • 2. Petri Nets
  • 1. Z
  • 2. VDM
  • 3. B

Model- based Lotos Larch Algebraic Concurrent Sequential

Use of f ormal specif ication

  • Formal specif ication involves investing

more ef f ort in the early phases of sof tware development

  • This reduces requirements errors as it

f orces a detailed analysis of t he requirements

  • I ncompleteness and inconsist encies can

be discovered and resolved

  • Hence, savings as made as t he amount of

rework due to requirement s problems is reduced

slide-3
SLIDE 3

3

Specif ication Specif ication Design & I mplementation Design & I mplementation

Validation Validat ion

Without f ormal specif ication With f ormal specif ication Cost

Development costs with f ormal specif ication

I nterf ace specif ication

  • Large systems are decomposed into

subsystems with well- def ined interf aces between t hese subsystems

  • Specif ication of subsystem int erf aces

allows independent development of the dif f erent subsystems

  • I nterf aces may be def ined as abstract

data types or object classes

  • The algebraic approach to f ormal

specif ication is particularly well- suited to interf ace specif icat ion

Sub- system interf aces

Sub- system A Sub- system A Sub- system B Sub- system B I nterf ace

  • bjects

The structure of an algebraic specif ication

Sort <name> I mports <list of specif ication names> Sort <name> I mports <list of specif ication names> I nf ormal description of the sort and its operations I nf ormal description of the sort and its operations Operation signatures setting out the names and the types of the parameters to the operations def ined

  • ver the sort

Operation signatures setting out the names and the types of the parameters to the operations def ined

  • ver the sort

Axioms def ining the operations over the sort Axioms def ining the operations over the sort <Specif ication Name> (Generic Parameter)

Specif ication components

  • I ntroduction

– Def ines the sort (the type name) and declares other specif ications that are used

  • Descript ion

– I nf ormally describes the operations on the type

  • Signature

– Def ines the syntax of the operations in the interf ace and their parameters

  • Axioms

– Def ines the operation semantics by def ining axioms which characterise behaviour

Systematic algebraic specif ication

  • Algebraic specif ications of a system

may be developed in a systematic way

– Specif ication struct uring. – Specif ication naming. – Operation select ion. – I nf ormal operat ion specif ication – Syntax def inition – Axiom def inition

slide-4
SLIDE 4

4

Specif ication operations

  • Constructor operations. Operations

which create entities of the type being specif ied

  • I nspection operations. Operations

which evaluate entities of the type being specif ied

  • To specif y behaviour, def ine the

inspector operations f or each constructor operation

I nterf ace specif ication in critical systems

  • Consider an air traf f ic control system

where aircraf t f ly through managed sectors of airspace

  • Each sector may include a number of

aircraf t but , f or saf ety reasons, these must be separated

  • I n this example, a simple vert ical

separat ion of 300m is proposed

  • The system should warn the controller if

aircraf t are instruct ed to move so t hat the separation rule is breached

A sector object

  • Critical operations on an object

representing a controlled sector are

– Enter. Add an aircraf t t o the controlled airspace – Leave. Remove an aircraf t f rom t he controlled airspace – Move. Move an aircraf t f rom one height to another – Lookup. Given an aircraf t identif ier, return its current height

Primitive operations

  • I t is sometimes necessary to introduce

additional operations to simplif y the specif ication

  • The ot her operations can then be

def ined using these more primitive

  • perations
  • Primit ive operations

– Create. Bring an instance of a sector into existence – Put. Add an aircraf t without saf ety checks – I n- space. Determine if a given aircraf t is in the sector – Occupied. Given a height, determine if there is an aircraf t within 300m of that height

Sector specif ication

Enter (S, CS, H) = if In-space (S, CS ) then S exception (Aircraft already in sector) elsif Occupied (S, H) then S exception (Height conflict) else Put (S, CS, H) Leave (Create, CS) = Create exception (Aircraft not in sector) Leave (Put (S, CS1, H1), CS) = if CS = CS1 then S else Put (Leave (S, CS), CS1, H1) Move (S, CS, H) = if S = Create then Create exception (No aircraft in sector) elsif not In-space (S, CS) then S exception (Aircraft not in sector) elsif Occupied (S, H) then S exception (Height conflict) else Put (Leave (S, CS), CS, H)

  • - NO-HEIGHT is a constant indicating that a valid height cannot be returned

Lookup (Create, CS) = NO-HEIGHT exception (Aircraft not in sector) Lookup (Put (S, CS1, H1), CS) = if CS = CS1 then H1 else Lookup (S, CS) Occupied (Create, H) = false Occupied (Put (S, CS1, H1), H) = if (H1 > H and H1 - H ≤ 300) or (H > H1 and H - H1 ≤ 300) then true else Occupied (S, H) In-space (Create, CS) = false In-space (Put (S, CS1, H1), CS ) = if CS = CS1 then true else In-space (S, CS) sort Sector imports INTEGER, BOOLEAN Enter - adds an aircraft to the sector if safety conditions are satisfed Leave - removes an aircraft from the sector Move - moves an aircraft from one height to another if safe to do so Lookup - Finds the height of an aircraft in the sector Create - creates an empty sector Put - adds an aircraft to a sector with no constraint checks In-space - checks if an aircraft is already in a sector Occupied - checks if a specified height is available Enter (Sector, Call-sign, Height) → Sector Leave (Sector, Call-sign) → Sector Move (Sector, Call-sign, Height) → Sector Lookup (Sector, Call-sign) → Height Create → Sector Put (Sector, Call-sign, Height) → Sector In-space (Sector, Call-sign) → Boolean Occupied (Sector, Height) → Boolean SECTOR

Specif ication commentary

  • Use the basic const ructors Create

and Put to specif y other operations

  • Def ine Occupied and I n- space using

Create and Put and use them to make checks in other operation def initions

  • All operations that result in changes

to the sector must check that the saf ety criterion holds