1 / 143

Requirements Specification and Verification Using Z

CEIT. AUT. Requirements Specification and Verification Using Z. A. Rasoolzadegan July, 2009. Z (pronounced `zed') - Introduction. Named after Zermelo-Fränkel set theory A formal specification language based on set theory and first order predicate logic

berrier
Download Presentation

Requirements Specification and Verification Using Z

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CEIT AUT Requirements Specification and Verification Using Z A. Rasoolzadegan July, 2009

  2. Z (pronounced `zed') - Introduction • Named after Zermelo-Fränkel set theory • A formal specification language based on set theory and first order predicate logic • Makes it easier to write mathematical description of complex dynamic systems such as software, • Originally proposed by Abrial in 1977 with the help of Steve Schuman and Bertrand Meyer • Developed further at the Programming Research Group at the Oxford University Computing Laboratory (OUCL) and elsewhere since the late 1970s,

  3. Introduction (Cont.) • Mathematical Language • set theory • standard set operators, set comprehensions, Cartesian products, and power sets. • mathematical logic • first order predicate calculus • Schemas language • used to describe • the state of a system, • the ways in which that state may change • system properties

  4. Introduction (Cont.) • We may refine a specification, yielding another description that is closer to executable code, • We may reason about these specifications using the proof techniques of mathematical logic, • Z is not intended for the description of non- functional properties neither for timed & concurrent behavior • Various tools for formatting, type-checking and aiding proofs in Z are available, • The ISO completed a Z standardization effort in 2002

  5. The importance of proof • At the specification stage: • help us to understand the requirements upon a system, and • can assist us in identifying any hidden assumptions • At the design stage: • can show us not only that a design is correct, • but also why it is correct. • At the implementation stage: • help us to ensure that a piece of code behaves according to the specification • A significant contribution to quality improvement

  6. The importance of proof (Cont.) • A specification without proofs • is untested: • it may be inconsistent; • it may describe properties that were not intended, or omit those that were; • it may make inappropriate assumptions.

  7. The logical language of Z • Propositional Logic • Predicate Logic

  8. Propositional Logic Propositional connectives

  9. Propositional Logic (Cont.) • These inference rules form part of the natural deduction system that we use to conduct our proofs: modus ponens rule

  10. Propositional Logic (Cont.)

  11. Exp. Disjunction is commutative: Proof:

  12. Proof:

  13. Proof:

  14. Proof:

  15. The logical language of Z • Propositional Logic • Predicate Logic

  16. Predicate Logic • Is a powerful technique to expressing the universal and existential statements (quantified predicates)

  17. Predicate Logic (Cont.) Aspecialcase:

  18. Predicate Logic (Cont.) A special case:

  19. to denote the unique object x from a such that p

  20. Set Theory • Mathematical objects are often seen as well-defined collections of other objects • The Z notation is based upon set theory • Specifications in Z find their meanings as operations upon sets • All the set theory we require for specification, refinement, and proof: • the notions of • set membership, • extension, • Comprehension, • the power set and • Cartesian product constructors. the set of finite subsets of a

  21. Set Theory (Cont.) • Some axioms of Zermelo-Fraenkel set theory: • This inference rule is supported by two axioms of Zermelo-Fraenkel (specification &replacement):

  22. Set Theory (Cont.)

  23. Exp. Proof:

  24. Object Definition in Z • In the Z notation, there are several ways of defining an object: • declarations, • abbreviations, • axioms, • free types and • schemas.

  25. Object Definition in Z - Declarations • The simplest way to define an object • If the object is a given set, or basic type: • introduces a new basic type called Type • If the object is a variable: • introduces a new variable x, drawn from the set A • If this set is not Z, it must be defined elsewhere in the specification

  26. Object Definition in Z - Abbreviations • Introduces a new name for term: • Generic abbreviations:

  27. Object Definition in Z - Axiomatic definitions • where the predicate expresses the constraints upon the object or objects introduced in the declaration. • Axiomatic definition of the set of natural numbers:

  28. Object Definition in Z - Axiomatic definitions Generic definitions: Exp. Generic definition to define the subset symbol:

  29. Proof:

  30. Relations • In a formal specification, it is often necessary to describe relationships between objects • Binary Relations: • Elements of relations: • If R is a relation of type , and A is any subset of X , then denotes the domain restriction of R to A:

  31. Relations (Cont.) • If B is any subset of Y , then denotes the range restriction of R to B: • domain subtraction of A from R • range subtraction of B from R:

  32. Relations (Cont.) • If R is a relation of type , and A is any subset of X , then denotes the relational image of A under R: • Relational inverse: • Relational composition:

  33. Functions • Partial functions: • Total functions:

  34. Functions (Cont.)

  35. Functions (Cont.) • Function description using Lambda notation:

  36. Functions on relations

  37. Functions (Cont.) • Overriding: • Set of all finite functions from A to B:

  38. Properties of functions

  39. Functions (Cont.) • Size/Cardinality:

  40. Sequences • If X is a set, then the set of all finite sequences of objects from X is defined by the following abbreviation:

  41. Sequences(Cont.) Filter:

  42. Functions on sequences Usingrecursionprinciple: Exp.

  43. Proof:

  44. Structural induction Construct a proof that filter is distributive using structural induction: Inductive hypothesis: Induction:

  45. Proof Lemma1 & Lemma2 using the following rules: Lemma1 Lemma2

  46. Object Definition in Z • In the Z notation, there are several ways of defining an object: • declarations, • abbreviations, • axioms, • free types and • schemas.

  47. FreeTypes Exp. 1: Exp. 2: recursivetypedefinition Exp. 3:

  48. FreeTypes (Cont.) axiomaticdefinition: constants constructorfunctions • Any subset of T that contains all of the constants and is closed under the constructors must be the whole of T. • A set S is closed under d and E if the image of E.S = T. under d is within S itself.

  49. Object Definition in Z • In the Z notation, there are several ways of defining an object: • declarations, • abbreviations, • axioms, • free types and • schemas.

  50. Schemas Exp:

More Related