Formal methods engineeringA short overview

BasicsThe course was given by Hussein Zedan (Leicester, UK) over one week = 30 hoursProblem classes and assessment was done by Dragan Maulovi (our own associate professor)Problem classes in two sessions = 15 hours

AgendaPart I - Rationale: Why do we model?Part II - Finite state machines (as the assembly language of modeling)Part III StatechartsPart IV - Time in statecharts

Students backgroundShould know a lot of FSMsUse them in:compiler construction OOA/D dynamic viewBut had no idea that FSMs are assembly language of modeling and that they may have wider application areas

Problem classes

Coursework 1You are given the following vending machine specification: The machine has one slot (for inserting coins) and two buttons for selecting the type of coffee. The vending machine dispenses only two sizes of coffee: big, which costs 50p and small size costing 25p.The machine may cheat as it does not return change (nonetheles it gives coffee!).Once a coin is inserted, the customer can not get it back.After inserting the coins, the customer presses the coffee of choice. If the right amount of money was inserted, the coffee will be dispensed otherwise, the machine waits. Once the coffee is dispensed, all inserted coins are dropped in a money box and the machine waits for the next customer.The machine can accept 5p, 10p and 20p only.The existing machine only dispenses black coffee and that a customer is provided with milk cartons and/or portions of sugar, both free of charge. However, the company decided to automate these processes (milk and sugar) by designing a milk and a sugar machine! Both machines have only one button each that is if pressed a carton of milk and/or a portion of sugar will be dispensed, respectively.

Coursework 2 - 1Give a Statechart for following informal specification. The objective is to specify a fault-tolerant solution for a computation service P that can be characterised as follows:P inputs data provided by a producer on channel A.For each input x on A, a computation y = f (x) is performed by P and delivered via channel B to a consumer.We assume a synchronous communication between server and environment: The producer will only send a new job after having received a NEXT-message from the server computer indicating that P has finished the previous computation.

Coursework 2 - 2Give a Statechart for a Traffic-light Controller, the informal description of which is as follows:There are two sets of lights: one is positioned over the main road (MAIN) entering the cross-junction, and the other is over the secondary road (SEC). During the daytime the controller operates according to one of two possible programs (option externally determined):Program A gives two minutes for the vehicles on MAIN, and half a minute for the vehicles on SEC, alternating.Program B gives half a minute for the vehicles in SEC once a signal SEC FULL goes on (the SEC FULL signal coming from an external sensor).

ToolsJFlaphttp://www.jflap.org/Statemate

Feedback