Formal Methods - Lecture01.pdf

Nazir Ahmad Zafar

M. Sc. Mathematics:

Quaid-i-Azam University, Islamabad, 1991

M. Phil Mathematics:

Quaid-i-Azam University, Islamabad, 1993,

M. Sc. Nuclear Engineering:

Quaid-i-Azam University, Islamabad,1994,

PhD. Computer Science:

Kyushu University, Japan, 2004.Dr. Nazir A. Zafar Formal Methods

Formal Methods

Dr. Nazir A. Zafar Formal Methods

Lecture No. 1

Introduction


Introduction to Formal Approaches

Approaches based on mathematical tools for specifying properties of software systems

These techniques usually drawn from areas of discrete mathematics, such as

Logic,

Set theory,

Graph theory etc.

Formal Methods have rigorous tool support

Formal methods increase quality of software



Presently more than 90 tools/languages

Z, VDM, Petri-nets, B, RAISE, CCS, CSP, ..

Notation Coverage, Description v.s. Proof

Sets, Relations, Mapping etc.

Useful tools and a first step to abstraction

Modeling example:

Reference models

Basis for rigorous discussion & analysis

Community over Internet: http://archive.comlab.ox.ac.uk/formal-methods.html



Existing methods offer large amounts of text, pictures, and diagrams, but these are often imprecise and ambiguous.

Important information is hidden among irrelevant details.

Design flaws are discovered too late, making them expensive or impossible to correct.

One way to improve the quality of software is changing the software design

An alternative is using Formal Approaches at all stages of software development.



Formal methods can be used to produce precise, unambiguous specification at every level of software development

Information is structured and presented at an appropriate level of abstraction.

Some approaches can be used to subsequent processes i.e., testing, and maintenance.

Use of formal methods may be argued as expensive but experience applying Formal methods shows, it actually reduces costs.



Formal methods can be applied in any area of computer science and engineering

Example are: Software engineering, information security, Data bases e.g. use of the relational calculus

in database theory Formal methods can be used for the description

of state of a statement and properties defining relationship between change of states

It includes a theory of refinement that allows mathematics to be used at every stage of program development


Software Development using Formal Methods

Validation: Are we building the right system?

Verification: Are we building the system right?


An Introduction to Z Notations

Abstract data types and sequential programs Describes state space of a system, operations over it

Operation are relations over pair of state spaces Advancing to object oriented-ness Z is based upon set theory and mathematical logic.

Set theory used includes set operators, set comprehensions, cartesian products, power sets.

Mathematical logic is a first order predicate calculus.

Together, they make up a mathematical language that is easy to learn and to apply.

However, this language is only one aspect of Z.



Another aspect is the way in which the mathematics can be structured.

Mathematical objects and their properties can be collected together in schemas which are patterns of declaration and constraint.

The schema language can be used to describe the state of a system, and the ways in which that state may change.

It is also used to describe system properties, and to reason about possible refinements



A characteristic feature of Z is: types Every object in mathematical language has a

unique type, represented as a maximal set in the current specification.

This provides a useful link to programming Notion of types means, in an algorithm, type of

object can be checked in specification Several type-checking tools exist e.g. Z/eves A third aspect is, we use natural languages to

relate the mathematics to objects in real world A well-written specification should be perfectly

obvious to the readerDr. Nazir A. Zafar Formal Methods


A fourth aspect is refinement.

We may develop a system by constructing a model of a design, using simple mathematical data types to identify the desired behavior.

We may then refine this description by constructing another model which respects the design decisions made, and yet is closer to implementation.

This process of refinement can be continued until executable code is produced.



Z is not intended for the description of non-functional properties, such as usability, performance, size, and reliability.

Neither it is intended for the description of timed or concurrent behavior.

However, there are other formal methods that are well suited for these purposes.

We may use these methods combining with Z to relate state and state-change information as a complement


An Example : Designing A Birthday Book

For a moment, we choose a simple system, e.g., a birthday book

It is a system which records peoples birthdays, and is able to issue a reminder when the birthday comes

We require names and dates. At this stage do not care how names and dates will be implemented.

[NAME], [DATE] OR [NAME, DATE]

Given known is the set of names with birthdays recordedbirthday is a function which, when applied to certain name, gives the birthday of associated one.


Requirements

Formal Specification1. Define a book2. Possible operations

add a new person in the birthday book Deleting an existing person from the book Finding date of a person whose name is given Issuing a reminder when birthday of a particular

person comes


Defining A Birthday Book

[NAME, DATE ]

BirthdayBookknown : P NAME

birthday : NAME DATE

known = dom birthday


Changing State

Decoration

BirthdayBookknown : P NAME

birthday : NAME DATE

known = dom birthday


Recording Birthday of a New Comer

AddBirthdayBirthdayBookBirthdayBookname? : NAMEdate? : DATE

name? known birthday = birthday U {name? date?}



AddBirthday BirthdayBookname? : NAMEdate? : DATE

name? known birthday = birthday U {name? date?}



AddBirthdayknown : P NAMEbirthday : NAME DATE Known : P NAMEBirthday : NAME DATE name? : NAMEdate? : DATE

known = dom birthdayKnown = dom birthdayname? known birthday = birthday U {name? date?}


Finding Birthday of a Person

FindBirthdayknown : P NAMEbirthday : NAME DATEname? : NAMEdate! : DATE

name? known date! = birthday (name?)


Issuing a Reminder

Remindknown : P NAMEbirthday : NAME DATE today? : DATE cards! : P NAME

cards! = {n : known | birthday (n) = today?}

Note: today? Is (Input variable) andcards! (output variable)


Chapter No. 2

Propositional Logic


Propositional Logic

Definition: Propositional logic deals with the statement of alleged facts which must be either true or false, but not both.

Example 2.1: The following statements are propositions:

A tomato is a fruit. An orange is a fruit. Oranges are not the only fruit.


Logical Connectives

In logical language, propositions may be connected in various ways.

Table shows five propositional connectives, in descending order of operator precedence

Symbol Name Pronunciation

negation not conjunction and disjunction or implication implies equivalence if and only if


Logical Connectives and compound propositions

p q r p r is equivalent to version (((p) q) r) (p r)

Example 2.21. (jaffa cakes are biscuits)2. your cat is rich your dog is good looking3. economy has recovered minister is lying4. Jim is thirty-something Jim is under forty5. Jim is thirty-something Jim is under forty


Conjunction

The conjunction p q is true only if p and q both are true otherwise false

The conjunction follows the commutative property i.e. p q = q p

p q p q

t t tt f ff t ff f f


Disjunctions

The disjunction p q is false if both p and q are false otherwise true

The disjunction follows the commutative property as well, i.e., p q = q p

p q p q

t t tt f tf t tf f f


Implications

The p is antecedent and q is consequent The antecedent is stronger than consequent. Commutative property does not hold, i.e.,

(p q) (q p)

p q p qt t tt f ff t tf f t


Example 2.7: Prove (p q r) (p (q r))

p q r (p q r) (p (q r))t t t t t t t t tt t f t f t f f tt f t f t t t t t t f f f t t t t tf t t f t t t t tf t f f t t t f tf f t f t t t t tf f f f t t t t t


Equivalence

The equivalence p q means p q & q pCommutative property does hold, i.e.,

(p q) = (q p)

p q p qt t tt f ff t ff f t


Negation

p is true if and only if p is false. The truth table is simple

It is to be noted that (p p) = false(p p) = true

p pt f

f t


de Morgans Laws

1. (p q) = p q)

p q p q (p q) p q p q

t t t f f f ft f f t f t tf t f t t f tf f f t t t t


de Morgans Laws

2. (p q) = p q)

p q p q (p q) p q p q

t t t f f f ft f t f f t ff t t f t f ff f f t t t t


Tautologies and Contradictions

Tautology : Propositions which evaluate to t in every combination of their propositional variables are known as tautologies

Contradiction : If, on the other hand, propositions evaluate to fin every combination, then they are known as contradictions.

Note: Of course, negation of a contradiction is a tautology, and vice versa.


Examples 2.12

Examples of Tautologies:1. p p 2. p p3. p (q p)

Examples of Contradiction1. p p)2. p p3. (p (q p))


Examples 2.13

Prove that following are tautologies p q p q (p q) p q (p q) p q


Lecture No. 1Chapter No. 2

Formal Methods - Lecture01.pdf

Documents

formal approaches approaches

formal methods validation

zafar formal methodslecture

database theory formal

set theory

software engineering

nazir ahmad zafarm

graph theory

Transcript of Formal Methods - Lecture01.pdf

Formal Methods Diffusion: Formal Methods Diffusion

Formal Methods Guide - EWICS

SD3049 Formal Methods in Software Engineering - Formal Metho… · 7. Stages in Formal Methods . Chapter 1- Formal Methods 6/64 Revise Software Development When creating a software

Formal Methods. Contents What are Formal Methods? Definition Myths History Types of formal methods Use of mathematics Do we really need Formal Methods?

Formal Methods and Cryptography

Formal Methods of developement

Advanced Formal Methods

Comparative Formal Methods

Formal Methods in Software Engineering Applications of Formal Methods Lecture 31.

Validation and Analysis of Formal Methods using an Airbag ... · PDF fileValidation and Analysis of Formal Methods ... Validation and Analysis of Formal Methods using an Airbag Control

Formal Methods for SPIDER - GitHub Pages › talks › spider_fm.pdf · 2020-04-27 · Outline Introduction Safety-Critical Systems Formal Methods Conclusion Formal Methods for SPIDER

Formal Methods: Practice and Experience · \myths" about formal methods [Hall 1990]. Wing explained the underlying con-cepts and principles for formal methods to newcomers [Wing 1990].

Formal Methods Formal Methods. Why formal methods? Informal methods are open to interpretation and ambiguity, and often incomplete and inconsistent.

Formal Methods in SE Software Verification Using Formal Methods By: Qaisar Javaid, Assistant Professor Formal Methods1.

Formal Methods - An Overview

Formal Methods and Software Engineeringlangerak/fmse/fmse.pdf · Why formal methods A formal speciﬁcation is precise, unambiguous, structured, consistent, abstract. Beneﬁts: •

An Introduction to Formal Methods for the Development of ...€¦ · 2 Formal methods What are formal methods: In software engineering, formal methods are mathematically based techniques

Formal Methods and Testing

Overview of Formal Methods

Formal Methods in SE Lecture 16 Formal Methods in SE Qaisar Javaid Assistant Professor.