INTRODUCTION TO Formal Methods PDF

LECTURE 6: INTRODUCTION TO
FORMAL METHODS
Software Engineering
Mike Wooldridge
Lecture 6
1 What are Formal Methods?

Formal methods is that area of computer
science that is concerned with the
application of mathematical techniques to
the design and implementation of
computer hardware and (more usually)
software.
That part of computer science
concerned with the application of
mathematical methods to the
production of computer software.
(Jones, 1986)
Why bother with formal methods?
1. The correctnesss problem:
producing software that is correct
is famously difficult;
by using rigorous mathematical
techniques, it may be possible to
make provably correct software.
2. Programs are mathematical objects;
they are expressed in a formal
language;
Mike Wooldridge
Lecture 6
they have a formal semantics;

programs can be treated as
mathematical theories.
Mike Wooldridge
Lecture 6
Diller (1988) suggests there are two main

parts to formal methods:
1. Formal specification.
Using mathematics to specify the
desired properties of a computer
system.
2. Formal verification.
Using mathematics to prove that a
computer system satisfies its
specification.
To which many would add:
3. Automated programming.
Automating the process of program
generation.
Mike Wooldridge
Lecture 6
Mike Wooldridge
ADVANTAGES
Lecture 6
Formal methods can eliminate ambiguity.

A key problem with informal
specifications is the inherent ambiguity of
textual descriptions; using mathematics
can eliminate such ambiguity.
Mathematics is concise.
Complex properties can be expressed
succinctly.
Mathematics offers power.
There is little that cannot in some way be
described and reasoned about using
maths.
Mike Wooldridge
Lecture 6
Maths facilitates proof.

The ability to prove properties of a system
is potentially very valuable.
Formal specifications, etc., can be manipulated
by computer.
CASE tools;
automated specification checkers (e.g.,
CADIZ);
automated programming.
Formal methods lead to a deep understanding
of systems.
The precision and detail required brings a
deep understanding of whats going on.
Mike Wooldridge
Lecture 6
Mike Wooldridge
OBJECTIONS/MISCONCEPTIONS
Lecture 6
Formal methods eliminate the need for testing.

People can get get sums wrong!
Formal methods eliminate the need for natural
language.
Ultimately, maths is just symbols: English
is needed to relate these symbols to reality.
You need a PhD to use formal methods.
All maths looks hard until you get used to
it. . .
Mike Wooldridge
10
Lecture 6
Mike Wooldridge
11
APPROACHES TO FORMAL
SPECIFICATION
Lecture 6
There are two schools of thought on

formal specification:
1. Property based;
2. Model based.
Mike Wooldridge
13
Lecture 6
Property Based Specification
In property based specification, you

describe the operations you can perform
on a system, and the relationships
between operations.
A property oriented specification consists
of:
a signature part which defines the syntax
of operations (what parameters they
take and return);
an equations part, which define the
semantics of the operations via a set of
equations called axioms.
Mike Wooldridge
14
Lecture 6
EXAMPLES OF PROPERTY ORIENTED

SPECIFICATION TECHNIQUES.
algebraic specification of abstract data
types (Hoare, 1969).
the OBJ language (Futatsugi et al., 1985).
Mike Wooldridge
15
Lecture 6
Model Based Specification
In model based specification, you use the

tools of set theory, function theory and
logic to build an abstact model of a system.
You can then specify the operations that
may be performed on your model, either
explicitly, or implicitly (in terms of preand post-conditions).
The model we construct is:
high-level;
idealized;
free of implementation bias (hopefully!)
Mike Wooldridge
16
Lecture 6
A model based specification consists of:

a definition of the set of states a system
may be in;
definitions for the legal operations that
may be performed on your system,
indicating how these change current
state.
EXAMPLES.
the Z specification language (Abrial,
1980; Hayes 1987; Spivey 1988);
the VDM (Vienna Development
Method) specification language (Jones
1980, 1986).
Mike Wooldridge
17
Lecture 6
Mike Wooldridge
18
THE Z SPECIFICATION LANGUAGE
Lecture 6
The Z specification language is a

semi-graphical notation for writing formal
specifications.
It was developed at Oxford University
programming research group in the late
1970s.
It has been adopted by IBM as their main
formal specification tool (so its not just an
academic toy!)
It was used to specify the IBM Customer
Information Control System (CICS) a
major piece of software.
Mike Wooldridge
20
Lecture 6
Mike Wooldridge
21
SOFTWARE TOOLS FOR Z
Lecture 6
There are at least three software tools for

developing Z specifications:
FUZZ. Developed at Oxford by Spivey
et al, in late 1980s.
CADIZ. Developed at York University,
also in late 1980s (its what we have
here);
ZED. Developed at Pennsylvania state
University
Mike Wooldridge
23
Lecture 6
Briefly, CADIZ will:

take a Z specification in plain-text
(ASCII) form;
perform some simple semantic checks
on it;
typeset (pretty print) it, so that the
schemas can be printed out;
allow simple interactive browsing of
specifications.
Mike Wooldridge
24

INTRODUCTION TO Formal Methods PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

INTRODUCTION TO Formal Methods PDF

Uploaded by

Copyright:

Available Formats

LECTURE 6: INTRODUCTION TO

1 What are Formal Methods?

they have a formal semantics;

Diller (1988) suggests there are two main

Formal methods can eliminate ambiguity.

Maths facilitates proof.

Formal methods eliminate the need for testing.

There are two schools of thought on

Property Based Specification

In property based specification, you

EXAMPLES OF PROPERTY ORIENTED

Model Based Specification

In model based specification, you use the

A model based specification consists of:

THE Z SPECIFICATION LANGUAGE

The Z specification language is a

SOFTWARE TOOLS FOR Z

There are at least three software tools for

Briefly, CADIZ will:

You might also like