(State) Model-Based Approaches II
Software Specification, Lecture 36
Prepared by Stephen M. Thebaut, Ph.D., University of Florida
Specification using “Z”

Z is a mature and expressive notation for model-based specification. It combines formal and informal descriptions and incorporates graphical highlighting.

The basic building blocks of Z-based specifications are schemas. Schemas identify state variables and define constraints and operations in terms of those variables.

Schemas are comprised of three parts: name, signature, and predicate.
– The signature declares the (state) entities introduced in a schema and their types. Signature declarations are given in the form identifier: type.
– The predicate defines the logical relationships between the entities in the signature.

Z is based on the predicate calculus plus typed sets.

Software Engineering, 5th Edition, Chapter 11
Graphical Layout of a Schema

[Figure: a schema box with its Name on the top edge, the Signature in the upper compartment and the Predicate in the lower compartment.]

Schemas (cont’d)

Schemas describe state entities or operations on state entities.
– To describe state entities, the declared variables comprise the entities while the predicates specify their invariant properties.
– To describe operations, the declarations consist of initial and final state variables, inputs, and outputs, while the predicates specify the relations among them.
Example 1

Specification of a generic container entity (contents and capacity are modelled as natural numbers):

Container
  contents: N
  capacity: N
  ---
  contents capacity        (invariant property)

Example 1 (cont’d)

Specification of a generic indicator entity:

Indicator
  light: {off, on}
  reading: N
  danger_level: N
  ---
  light = on reading danger_level
Example 1 (cont’d)

Specification of a storage tank entity:

Storage_tank
  Container
  Indicator
  ---
  reading = contents
  capacity = 500
  danger_level = 50

Predicates on separate lines are joined by an implicit “AND”.

Example 1 (cont’d)

Expanded specification of a storage tank entity (the included schemas Container and Indicator written out in full):

Storage_tank
  contents: N
  capacity: N
  light: {off, on}
  reading: N
  danger_level: N
  ---
  contents capacity
  light = on reading danger_level
  reading = contents
  capacity = 500
  danger_level = 50
Example 1 (cont’d)

Specification of a nominal storage tank fill operation:

Fill-OK
  ΔStorage-tank
  amount?: N
  ---
  contents + amount? capacity
  contents' = contents + amount?

“Delta” (Δ) indicates that the values of one or more state variables will be changed. “?” indicates that amount is an INPUT. The “dash” (') indicates the value of contents AFTER the operation.

Example 1 (cont’d)

Specification of an exceptional storage tank fill operation:

OverFill
  ΞStorage-tank
  amount?: N
  r!: seq CHAR
  ---
  capacity < contents + amount?
  r! = “Insufficient tank capacity – Fill cancelled”

“Xi” (Ξ) indicates that NO state variables will be changed by the operation. “!” indicates that r is an OUTPUT.

Example 1 (cont’d)

Complete specification of the storage tank fill operation:

Fill-OK ∨ OverFill
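An executable model of the Example 1 schemas, added here as an illustration; it is not part of the lecture or of Sommerville's text. It assumes the relational operators that were dropped in extraction (contents ≤ capacity in Container, light = on ⇔ reading ≤ danger_level in Indicator) and encodes the Z convention the Fill-OK slide relies on: Δ includes the primed state, so the after-state must satisfy the invariant as well, which is what fixes light' even though Fill-OK never mentions it. The last function is a finite check that Fill-OK ∨ OverFill is total and invariant-preserving.

```python
from dataclasses import dataclass

CAPACITY = 500       # fixed by the Storage_tank predicate: capacity = 500
DANGER_LEVEL = 50    # fixed by the Storage_tank predicate: danger_level = 50
OVERFILL_MSG = "Insufficient tank capacity – Fill cancelled"   # the r! output of OverFill

@dataclass(frozen=True)
class StorageTank:
    contents: int   # contents: N  (reading = contents, so reading is not stored separately)
    light: str      # light: {off, on}

def invariant(s: StorageTank) -> bool:
    """Container, Indicator and Storage_tank predicates ANDed; operators as assumed in the lead-in."""
    return (0 <= s.contents <= CAPACITY
            and s.light in ("off", "on")
            and (s.light == "on") == (s.contents <= DANGER_LEVEL))   # reading = contents

def fill_ok(s: StorageTank, amount: int):
    """Fill-OK (Delta Storage_tank): pre contents + amount? <= capacity; post contents' = contents + amount?.
    Delta includes the primed state too, so light' is forced by the invariant rather than stated."""
    if not (s.contents + amount <= CAPACITY):
        return None                                  # precondition false: this schema does not apply
    contents1 = s.contents + amount
    light1 = "on" if contents1 <= DANGER_LEVEL else "off"
    return StorageTank(contents1, light1), None      # (after-state, r!); Fill-OK has no output

def over_fill(s: StorageTank, amount: int):
    """OverFill (Xi Storage_tank): pre capacity < contents + amount?; state unchanged, r! reported."""
    if not (CAPACITY < s.contents + amount):
        return None
    return s, OVERFILL_MSG

def fill(s: StorageTank, amount: int):
    """Fill-OK v OverFill: whichever disjunct's precondition holds."""
    return fill_ok(s, amount) or over_fill(s, amount)

def fill_is_total_and_safe(max_amount: int = 600) -> bool:
    """Exhaustive check over every valid state and every amount? up to max_amount:
    exactly one disjunct applies and the after-state still satisfies the invariant."""
    for contents in range(CAPACITY + 1):
        before = StorageTank(contents, "on" if contents <= DANGER_LEVEL else "off")
        for amount in range(max_amount + 1):
            ok, over = fill_ok(before, amount), over_fill(before, amount)
            if (ok is None) == (over is None):       # neither or both apply: not a partition
                return False
            if not invariant((ok or over)[0]):
                return False
    return True
```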
Example 2

Specification of a simple Library system:

Library
  stock: ℙ Book
  onLoan: Book Borrower
  ---
  dom onLoan stock

stock is the set of books held by the library; “ℙ Book” (the powerset of Book) is the set of sets of books. onLoan is the set of (book, borrower) pairs: each book on loan is mapped to a borrower. The predicate states that the books on loan are a subset of the existing stock. Note the use of typed sets.

G. Kotonya and I. Sommerville, 1998

Example 2 (cont’d)

Specification of the borrow operation:

Borrow
  ΔLibrary
  book?: Book
  reader?: Borrower
  ---
  book? stock
  book? dom onLoan
  onLoan' = onLoan {(book?, reader?)}
  stock' = stock

Example 2 (cont’d)

Operation for adding a new book to the current stock:

New
  ΔLibrary
  book?: Book
  ---
  stock' = stock {book?}
  onLoan' = onLoan

Example 2 (cont’d)

Operation for returning a book to the library:

Return
  ΔLibrary
  book?: Book
  ---
  book? dom onLoan' = dom onLoan book?        (“Overriding” operator)
  stock' = stock
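An executable model of the Library schemas, added here as an illustration; it is not part of the lecture or of Kotonya and Sommerville's text. It assumes the operators lost in extraction, read from the slide annotations: dom onLoan ⊆ stock as the invariant, book? ∈ stock and book? ∉ dom onLoan as the Borrow precondition, set union in Borrow and New, and removal of book? from dom onLoan in Return. The given sets Book and Borrower are stood in for by small constructed universes so that every valid state can be enumerated and each operation checked against the invariant.

```python
from itertools import chain, combinations, product
from typing import FrozenSet, Mapping, NamedTuple, Optional

BOOKS = ("b1", "b2")          # constructed finite stand-in for the given set Book
BORROWERS = ("alice", "bob")  # constructed finite stand-in for the given set Borrower

class Library(NamedTuple):
    stock: FrozenSet[str]        # stock: P Book
    on_loan: Mapping[str, str]   # onLoan: partial function from Book to Borrower, held as a dict

def invariant(lib: Library) -> bool:
    """dom onLoan is a subset of stock ("books on loan are a subset of existing stock")."""
    return set(lib.on_loan).issubset(lib.stock)

def borrow(lib: Library, book: str, reader: str) -> Optional[Library]:
    """Borrow: book? in stock, book? not in dom onLoan; onLoan' = onLoan u {(book?, reader?)}; stock' = stock."""
    if book not in lib.stock or book in lib.on_loan:
        return None                                  # precondition false: schema does not apply
    return Library(lib.stock, {**lib.on_loan, book: reader})

def new(lib: Library, book: str) -> Library:
    """New: stock' = stock u {book?}; onLoan' = onLoan. No precondition, so it always applies."""
    return Library(lib.stock | {book}, dict(lib.on_loan))

def return_book(lib: Library, book: str) -> Optional[Library]:
    """Return: book? in dom onLoan; book? removed from dom onLoan'; stock' = stock (assumed reading)."""
    if book not in lib.on_loan:
        return None
    return Library(lib.stock, {b: r for b, r in lib.on_loan.items() if b != book})

def powerset(items):
    return chain.from_iterable(combinations(items, n) for n in range(len(items) + 1))

def all_states():
    """Every Library over the finite universes that satisfies the invariant."""
    for stock in powerset(BOOKS):
        for dom in powerset(stock):                  # dom onLoan drawn from stock keeps the invariant
            for readers in product(BORROWERS, repeat=len(dom)):
                yield Library(frozenset(stock), dict(zip(dom, readers)))

def ops_preserve_invariant() -> bool:
    """Finite model check: every enabled operation from every valid state keeps the invariant."""
    for lib in all_states():
        after = [new(lib, b) for b in BOOKS]
        after += [borrow(lib, b, r) for b in BOOKS for r in BORROWERS]
        after += [return_book(lib, b) for b in BOOKS]
        if not all(invariant(s) for s in after if s is not None):
            return False
    return True
```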
Exercise 4

Modify the storage tank specification by adding a fill warning light which indicates when the tank is close to capacity. This light should be switched on when the contents are some high percentage of the capacity.

Key Points

– Model-based specification relies on a state model of the system, using mathematical entities such as the predicate calculus and typed sets.
– Functions / operations may be specified by defining their effect on the system state.
– It is normal to specify functions / operations incrementally and then combine the fragments to produce a complete specification.
– Z specifications are comprised of a number of schemas that introduce typed names and define predicates over those names. They are distinguished from the surrounding text by graphical highlighting.
– Schemas are building blocks which may be combined and used in other schemas. The effect of including schema A in schema B is that schema B inherits the names and predicates of schema A.