Introduction to Formal Methods Preconditions Postconditions and Invariants

Introduction to Formal Methods; Preconditions, Postconditions, and Invariants Revisited; Z language Example (Pressman) 1

Introduction to Formal Methods; Preconditions, Postconditions, and Invariants Revisited; Z language Example (Pressman) 1

What are formal methods?
Formal methods are mathematically based. They are an attempt to deal with contradictions, ambiguities, vagueness, incomplete statements, and mixed levels of abstraction. They are most valuable for systems which have:
--safety concerns (e.g., airplane systems, medical devices)
--security concerns

Formal techniques:
--use set theory, logic to specify systems
--increase probability of complete, consistent, unambiguous specifications
--have high start-up costs; may require high overhead; some concepts (e.g., timing, reliability) difficult or impossible to capture in formal systems
--do not replace more traditional approaches

Ten commandments of formal methods
"Ten Commandments" of formal methods (Pressman, Software Engineering, A Practitioner's Approach):
1. Choose the appropriate notation
2. Formalize but don't overformalize
3. Estimate costs
4. Have a formal methods "guru" on call
5. Do not abandon traditional development methods
6. Document sufficiently
7. Don't compromise quality standards
8. Do not be dogmatic
9. Test, test, ….
10. Reuse

Preconditions, postconditions, invariants
Earlier we looked at adding statements to ensure correct program behavior:
precondition: logical condition that a caller of an operation guarantees before making the call
postcondition: logical condition that an operation guarantees upon completion
invariant: logical condition that is preserved by transformations
These conditions are all expressed as logical statements
--they can be quantified (∀, ∃)
--they can be used to support testing at different levels

What is Z?
A complete formal system. We will use an example formal specification language: Z.
A system is described through a set of "schemas", which have:
  data invariant(s)
  state(s)
  operations -- with precondition(s) / postcondition(s)

Z example (1)
Example (from Pressman, Software Engineering, A Practitioner's Approach): "Block Handler"
[Figure: unused (free) blocks; used blocks; blocks released to the queue when files are deleted are queued for entry into Unused]

Some Z notation
Z specification:
-------BlockHandler-----------
used, free : P BLOCKS
BlockQueue : seq P BLOCKS
------------------------
used ∩ free = ∅
used ∪ free = AllBlocks
∀ i : dom BlockQueue • BlockQueue i ⊆ used
∀ i, j : dom BlockQueue • i ≠ j ⇒ BlockQueue i ∩ BlockQueue j = ∅
-------------------------------
Legend: P = set (power set of); seq = sequence; ∩ = intersection; ∪ = union; ∅ = empty set; ⊆ = contained in; ∈ = in; ∀ = for all; ⇒ = implies ("then"); predicates written on separate lines are joined by "and".

Z example (2)
Z specification:
-------BlockHandler-----------
used, free : P BLOCKS
BlockQueue : seq P BLOCKS
------------------------
used ∩ free = ∅
used ∪ free = AllBlocks
∀ i : dom BlockQueue • BlockQueue i ⊆ used
∀ i, j : dom BlockQueue • i ≠ j ⇒ BlockQueue i ∩ BlockQueue j = ∅
-------------------------------

Z example (3)
-----RemoveBlock-------------
BlockHandler
--------------------------
#BlockQueue > 0,
used' = used \ head BlockQueue
free' = free ∪ head BlockQueue
BlockQueue' = tail BlockQueue
-------------------------------
-----AddBlock---------------
BlockHandler
Ablocks? : BLOCKS
--------------------------
Ablocks? ⊆ used,
used' = used
free' = free
BlockQueue' = BlockQueue ^ ⟨Ablocks?⟩
---------------------------
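The BlockHandler state schema and the RemoveBlock / AddBlock operations above, rendered as Python so the data invariant, the preconditions and the postconditions become checks that run on every call. This is an added example, not code from the slides or from Pressman; the 13-block universe, the queue contents and the class and method names are constructed for illustration.

```python
from collections import deque

ALL_BLOCKS = frozenset(range(1, 14))  # constructed universe: blocks 1..13

class InvariantViolation(Exception):
    pass

class BlockHandler:
    def __init__(self, used, free, queue):
        self.used, self.free = set(used), set(free)   # used, free : P BLOCKS
        self.queue = deque(frozenset(q) for q in queue)  # BlockQueue : seq P BLOCKS
        self.check_invariant()

    def check_invariant(self):
        if self.used & self.free:                         # used ∩ free = ∅
            raise InvariantViolation("used and free overlap")
        if self.used | self.free != ALL_BLOCKS:           # used ∪ free = AllBlocks
            raise InvariantViolation("some block is neither used nor free")
        qs = list(self.queue)
        for i, q in enumerate(qs):                        # ∀ i • BlockQueue i ⊆ used
            if not q <= self.used:
                raise InvariantViolation("queued blocks must be in used")
            for r in qs[i + 1:]:                          # i ≠ j ⇒ Qi ∩ Qj = ∅
                if q & r:
                    raise InvariantViolation("queue entries overlap")

    def remove_block(self):
        if len(self.queue) == 0:                          # precondition: #BlockQueue > 0
            raise ValueError("precondition failed: BlockQueue is empty")
        old_used, old_free = set(self.used), set(self.free)
        head = self.queue.popleft()                       # BlockQueue' = tail BlockQueue
        self.used -= head                                 # used' = used \ head BlockQueue
        self.free |= head                                 # free' = free ∪ head BlockQueue
        # postconditions checked explicitly, then the data invariant must still hold
        assert self.used == old_used - head and self.free == old_free | head
        self.check_invariant()
        return head

    def add_block(self, ablocks):
        ablocks = frozenset(ablocks)
        if not ablocks <= self.used:                      # precondition: Ablocks? ⊆ used
            raise ValueError("precondition failed: Ablocks? not contained in used")
        self.queue.append(ablocks)                        # BlockQueue' = BlockQueue ^ ⟨Ablocks?⟩
        try:
            self.check_invariant()                        # used' = used, free' = free untouched
        except InvariantViolation:
            self.queue.pop()                              # roll back so the state stays valid
            raise
```

Note that AddBlock's schema states only the precondition Ablocks? ⊆ used; the "no overlapping queue entries" rule is enforced by the data invariant, which the code re-checks after every operation.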

Modifications
1. What if BlockQueue is replaced by BlockStack?
2. What are postconditions for the operations?