Formal SpecificationFormal methodsAcceptance of formal methodsUse of formal methodsSpecification in the software processSpecification and designSlide 9Specification techniquesUse of formal specificationDevelopment costs with formal specificationInterface specificationSub-system interfacesThe structure of an algebraic specificationSystematic algebraic specificationOperations on a list ADTList specificationRecursion in specificationsInterface specification in critical systemsA sector objectPrimitive operationsSector specificationSpecification commentary9.3 Behavioural specificationThe structure of a Z schemaAn insulin pumpInsulin pump schemaModelling the insulin pumpSchema invariantThe dosage computationDOSAGE schemaOutput schemasSlide 38Schema consistencyKey pointsSlide 41©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 1Formal SpecificationTechniques for the unambiguous specification of software©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 4Formal methodsFormal specification is part of a more general collection of techniques that are known as ‘formal methods’These are all based on mathematical representation and analysis of softwareFormal methods include•Formal specification•Specification analysis and proof•Transformational development•Program verification©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 5Acceptance of formal methodsFormal methods have not become mainstream software development techniques as was once predicted•Other software engineering techniques have been successful at increasing system quality. Hence the need for formal methods has been reduced•Market changes have made time-to-market rather than software with a low error count the key factor. Formal methods do not reduce time to market•The scope of formal methods is limited. They are not well-suited to specifying and analysing user interfaces and user interaction•Formal methods are hard to scale up to large systems©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 6Use of formal methodsFormal methods have limited practical applicabilityTheir principal benefits are in reducing the number of errors in systems so their main area of applicability is critical systemsIn this area, the use of formal methods is most likely to be cost-effective©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 7Specification in the software processSpecification and design are inextricably intermingled.Architectural design is essential to structure a specification.Formal specifications are expressed in a mathematical notation with precisely defined vocabulary, syntax and semantics.©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 8Specification and designArchitectur aldesignRequir ementsspecificationRequir ementsdefinitionSoftwarespecificationHigh-leveldesignIncreasing contractor involvementDecreasin g client involvementSpecificationDesign©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 9Specification in the software processRequirementsspecificationFormalspecificationSystemmodellingArchitecturaldesignRequirementsdefinitionHigh-le veldesign©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 10Specification techniquesAlgebraic approach•The system is specified in terms of its operations and their relationshipsModel-based approach•The system is specified in terms of a state model that is constructed using mathematical constructs such as sets and sequences. Operations are defined by modifications to the system’s state©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 12Use of formal specificationFormal specification involves investing more effort in the early phases of software development This reduces requirements errors as it forces a detailed analysis of the requirements Incompleteness and inconsistencies can be discovered and resolvedHence, savings as made as the amount of rework due to requirements problems is reduced©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 13Development costs with formal specificationSpecificationDesign andImplementationValidationSpecificationDesign andImplementationValidationCostWithout formalspecificationWith formalspecification©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 14Interface specificationLarge systems are decomposed into subsystems with well-defined interfaces between these subsystemsSpecification of subsystem interfaces allows independent development of the different subsystemsInterfaces may be defined as abstract data types or object classesThe algebraic approach to formal specification is particularly well-suited to interface specification©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 15Sub-system interfacesSub-systemASub-systemBInterfaceobjects©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 16The structure of an algebraic specificationsort < name >imports < LIST OF SPECIFICATION NAMES >Informal description of the sor t and its oper ationsOperation signatures setting out the names and the types ofthe parameters to the operations defined over the sortAxioms defining the operations o ver the sor t< SPECIFICA TION NAME > (Generic Parameter)©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 19Systematic algebraic specificationAlgebraic specifications of a system may be developed in a systematic way•Specification structuring. •Specification naming. •Operation selection. •Informal operation specification•Syntax definition•Axiom definition©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 21Operations on a list ADTConstructor operations which evaluate to type List•Create, Cons and TailInspection operations which take list as a parameter and return some other type•Head and Length.©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 9 Slide 22List specificationHead (Create) = Undefined exception (empty list)Head (Cons (L, v)) = if L = Create then v else Head (L)Length (Create) = 0Length (Cons (L, v)) = Length (L) + 1Tail (Create ) = CreateTail (Cons (L, v)) = if L = Create then Create else Cons (Tail (L), v)sort Listimports INTEGERCreate ListCons (List, Elem) ListHead (List)
or
We will never post anything without your permission.
Don't have an account? Sign up