Scribd Logo
Upload

Welcome to Scribd!

  • Rodin Introduction

    Uploaded by

    Muhammad Jameel
    13 views12 pages
    This document provides an introduction to the Rodin platform for formal specifications. It discusses key concepts like axioms versus theorems, modeling events, proof obligations to verify properties are maintained, and using Rodin to specify and model systems formally. An example bank account model is presented to illustrate these concepts.

    Original Description:

    Rodin Tutorial

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides an introduction to the Rodin platform for formal specifications. It discusses key concepts like axioms versus theorems, modeling events, proof obligations to verify properties are maintained, and using Rodin to specify and model systems formally. An example bank account model is presented to illustrate these concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views12 pages

    Rodin Introduction

    Uploaded by

    Muhammad Jameel
    This document provides an introduction to the Rodin platform for formal specifications. It discusses key concepts like axioms versus theorems, modeling events, proof obligations to verify properties are maintained, and using Rodin to specify and model systems formally. An example bank account model is presented to illustrate these concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    Tutorial

    Introduction to the
    Rodin Platform for Formal Specifications
    Post-Tactic Configurations
    p q
    hypothesis goal
    I
    prove True ✓

    Fake ✓

    .H ^ a H ✓
    the
    Bank System: Requirements Document > tracing R
    d"
    ✓ f.
    -

    T" model


    .

    here assumed
    y£Ño

    ::÷÷÷→÷÷÷÷
    mum

    I
    instance E-constraints: Axioms
    PwHh°p%of
    _É<_ balance ← to?
    . .
    ] Coo
    R-properties: Theorems

    to prove
    µÉ°
    '

    axioms
    + HEEL usingand/or theorems
    O
    .

    wert 't"" subject


    / too
    .

    function
    .

    holding
    0
    ( ↳ ThinkRanko on

    ☒pot ""
    a

    ↳ cash drawer possible ofcombinations
    candle
    A property .

    ¥ .
    E cached
    "

    balance

    { Laid 230 ) acid , 460 )

    Awaccounts adf.EE#kfk3s-2D3b@Aaant-DZ
    , ,


    "
    I ↳ b should
    not be relation
    ;t¥µe"
    qq.fi#aii*EF+b
    a
    *

    should be a function
    forjustification,
    ↳ ④ → ?→
    don" →
    or

    see lecture W2
    :{aunts
    act
    .
    Axiom vs. Theorem

    used to
    prove theorems
    → axiofjpwofsneeded.my be

    theorem
    proof needed
    >

    ( ( c- N± c > 0

    axmlxcxm2.IM/mn
    hypotheses

    positive
    number thmI
    { ✗ I7C-2AX > 0 } f
    goal
    Event Action

    V : = value
    4.
    a variable
    assignment .
    Proof Obligation: INITIALIZATION/inv1/INV
    btshed

    !
    :-C #% ; y "¥! É Éx *w
    !
    events
    maintain her

    (
    . µ,
    by
    sufficient
    "

    shofdwhdedstabt.sk ""

    Account
    BX4E
    → I
    Event B
    -

    modeling
    events
    ↳ guards

    t . I T
    True
    ?a%daabkdI
    → event enabled
    to invoke
    ↳ Fake event disabled
    Java

    methods

    programming ↳ preconditions
    (
    exception )
    ↳ True →
    method exec
    .

    ↳ False →
    exceptions thrown .
    partial↳ tune
    →zT
    .

    b c- Account relation
    L

    -33
    { cold , 240) , Ched ,
    -2¥ ,
    laces ,
    46 ) }

    dom (b) =
    { aid ,
    aid , aus }
    withdraw from ack

    b a- { ( acid , KEELE) }
    t.tt
    Rodin :
    black) := black) to -
    Proof Obligation: withdraw/act1/WD well-defined mess

    preconditions

    ?

    mating
    of satisfied .

    being

    i "}
    hypotheses
    b¥{(aÉ¥function ""
    ⇐ addga.cl
    "" aedomcb,
    app ✓

    precondi tion
    "
    "

    ←x÷¥i¥ aedonlb
    )
    .

    ↳ at ACCOUNT ✗ VENI
    affair
    "
    don → doncb)
    .

    a c-
    g. b(a)
    e. 200

    ( ENV 3) x
    -

    soo

    accounts
    '
    balance values >
    credit limit
    ( x

    V-a.ae doneb) bad > -


    C
    ?⃝
    b (a) : = b (a) -
    V
    Proof Obligation: withdraw/inv3 "l

    b 4- { ( as bad -
    V) }
    Ha .
    a c- dom ( ☒ bea) > C -

    value b4 { (as bad v1}


    -

    Ywn%É¥¥!É%¥
    do,

    dad,
    TN3 assumed to hold
    >

    ( Exercise )


    [
    hold
    proved
    → be to
    Tab to

    You might also like