IFAD. VDMTools Validated. Design through Modelling. Overview of VDM -SL/++ IFAD. IFAD A/S Forskerparken 10 DK-5230 Odense M Denmark.

Similar documents
VDM-10 Language Manual

Second release of the COMPASS Tool Tool Grammar Reference

Professor Peter Gorm Larsen Engineering College of Aarhus Computer Technology & Embedded Systems Agenda

Data types for mcrl2

Object Oriented Issues in VDM++

A First Look at ML. Chapter Five Modern Programming Languages, 2nd ed. 1

RSL Reference Manual

It is better to have 100 functions operate one one data structure, than 10 functions on 10 data structures. A. Perlis

K Reference Card. Complete example

SML A F unctional Functional Language Language Lecture 19

Z Notation. June 21, 2018

11. The map types. The outline of this part: What is a map? The type constructor Operators Specification using map

Haskell 98 in short! CPSC 449 Principles of Programming Languages

Decaf Language Reference Manual

Appendix A 20-sim Summary

SMURF Language Reference Manual Serial MUsic Represented as Functions

Pascal: operations on basic data structures (selection) (I) 2.3 Accessing and manipulating data

CS 320: Concepts of Programming Languages

Haskell through HUGS THE BASICS

Haskell Overview II (2A) Young Won Lim 8/9/16

Basic types and definitions. Chapter 3 of Thompson

CSK. VDMTools. The Rose-VDM++ Link CSK

CSE 20 DISCRETE MATH. Winter

Pace University. Fundamental Concepts of CS121 1

CS Bootcamp Boolean Logic Autumn 2015 A B A B T T T T F F F T F F F F T T T T F T F T T F F F

The PCAT Programming Language Reference Manual

Graphical Interface and Application (I3305) Semester: 1 Academic Year: 2017/2018 Dr Antoun Yaacoub

Index. Cambridge University Press Functional Programming Using F# Michael R. Hansen and Hans Rischel. Index.

Recursion and Induction: Haskell; Primitive Data Types; Writing Function Definitions

CSCE 314 TAMU Fall CSCE 314: Programming Languages Dr. Flemming Andersen. Haskell Functions

CSC312 Principles of Programming Languages : Functional Programming Language. Copyright 2006 The McGraw-Hill Companies, Inc.

CS109A ML Notes for the Week of 1/16/96. Using ML. ML can be used as an interactive language. We. shall use a version running under UNIX, called

The SPL Programming Language Reference Manual

Scheme Quick Reference

LOGIC AND DISCRETE MATHEMATICS

The syntax of the OUN language

Haskell Overview II (2A) Young Won Lim 8/23/16

C++ Important Questions with Answers

CSE 20 DISCRETE MATH. Fall

SOFTWARE ENGINEERING DESIGN I

COP4020 Programming Languages. Functional Programming Prof. Robert van Engelen

Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley. Chapter 6 Outline. Unary Relational Operations: SELECT and

[Ch 6] Set Theory. 1. Basic Concepts and Definitions. 400 lecture note #4. 1) Basics

Formal Methods. CITS5501 Software Testing and Quality Assurance

Programming Languages Third Edition

CSC Discrete Math I, Spring Sets

four last forms can be transformed to first form axiomatic versus operational interpretation c Anne E. Haxthausen, Spring OH4 p.

Scheme Quick Reference

Shell CSCE 314 TAMU. Functions continued

CHPSIM. Version 2.0. A Simulator and Debugger for the CHP Language. User Manual. Written by Marcel van der Goot and Chris Moore

B.6 Types and Overloading

Functional Programming in Haskell Part I : Basics

CMSC 330: Organization of Programming Languages. Operational Semantics

IC Language Specification

2. The object-oriented paradigm!

Appendix B: Alloy Language Reference B.1 Lexical Issues

CS 440: Programming Languages and Translators, Spring 2019 Mon

CSE115 / CSE503 Introduction to Computer Science I. Dr. Carl Alphonce 343 Davis Hall Office hours:

n n Try tutorial on front page to get started! n spring13/ n Stack Overflow!

VDM RT for Co simulation. John Fitzgerald Peter Gorm Larsen

GNU ccscript Scripting Guide IV

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter p. 1/27

Translation of a Subset of RSL into Java p.1/35

Denotational Semantics. Domain Theory

VDMJ. Nick Battle, Fujitsu.

CS 164 Handout 11. Midterm Examination. There are seven questions on the exam, each worth between 10 and 20 points.

IFAD. VDMTools. The VDM++ to Java Code Generator IFAD

NEER ENGI SEMANTICS OF THE VDM REAL-TIME DIALECT. Electrical and Computer Engineering Technical Report ECE-TR-13

Contents. Figures. Tables. Examples. Foreword. Preface. 1 Basics of Java Programming 1. xix. xxi. xxiii. xxvii. xxix

Haskell Introduction Lists Other Structures Data Structures. Haskell Introduction. Mark Snyder

The List Datatype. CSc 372. Comparative Programming Languages. 6 : Haskell Lists. Department of Computer Science University of Arizona

Babu Madhav Institute of Information Technology, UTU 2015

CS 320: Concepts of Programming Languages

Abstract Interpretation

(Refer Slide Time: 4:00)

On Academic Dishonesty. Declarative Computation Model. Single assignment store. Single assignment store (2) Single assignment store (3)

Lecture no

SMT-LIB for HOL. Daniel Kroening Philipp Rümmer Georg Weissenbacher Oxford University Computing Laboratory. ITP Workshop MSR Cambridge 25 August 2009

Instantiation of Template class

The type checker will complain that the two branches have different types, one is string and the other is int

Programming Languages and Techniques (CIS120)

Overloading, Type Classes, and Algebraic Datatypes

CPS 506 Comparative Programming Languages. Programming Language Paradigm

Exercises on ML. Programming Languages. Chanseok Oh

MATH 139 W12 Review 1 Checklist 1. Exam Checklist. 1. Introduction to Predicates and Quantified Statements (chapters ).

Functional Logic Design Patterns

A.1 Numbers, Sets and Arithmetic

CMSC 330: Organization of Programming Languages. Rust Basics

CIS 771: Software Specifications. Lecture: Alloy Logic (part D)

Handout 10: Imperative programs and the Lambda Calculus

Functional Logic Programming Language Curry

Mathematics for Computer Scientists 2 (G52MC2)

Rushikesh K Joshi. Department of Computer Science and Engineering Indian Institute of Technology Bombay

Summary of Course Coverage

AP COMPUTER SCIENCE JAVA CONCEPTS IV: RESERVED WORDS

Discrete Mathematics Lecture 4. Harper Langston New York University

TEMPO RELEASE NOTES I O A. Recent Fixes (v0.1.4) 3. Known Issues (v0.1.4) 4. Language changes (v0.1.4) 4. v0.1.4 (BETA) 12/14/2006

Functional Logic Programming. Kristjan Vedel

TIME-BASED CONSTRAINTS IN THE OBJECT CONSTRAINT LANGUAGE OCL

Engineering Design w/embedded Systems

Transcription:

VDMTools Validated Design through Modelling Overview of VDM -SL/++ www.ifad.dk A/S Forskerparken 10 DK-5230 Odense M Denmark 1

VDM-SL ISO Standard 1996 for flat language Different module proposals A de-facto standard module approach Imports Exports Parameterisation Instantiation 2

VDM-SL Module Outline module <module-name> parameters imports instantiations exports... definitions state types values functions operations... end <module-name> Interface Definitions 3

VDM++ Class Outline class <class-name> instance variables... Internal object state types values functions operations Definitions... thread... Dynamic behaviour sync... end <class-name> Synchronization control 4

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 5

Access Modifiers VDM++ Class Members may have their access specified as public, private or protected. The default for all members is private Access modifiers may not be narrowed e.g. a subclass can not override a public operation in the superclass with a private operation in the subclass. static modifiers can be used for definitions which are independent of the object state. 6

Constructors Each class can have a number of constructors Syntax identical to operations with a reference to the class name in return type The return does not need to be made explicitly Can be invoked when a new instance of a class gets created 7

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 8

Instance Variables (1) Used to model attributes Consistency properties modelled as invariants class Person types string = seq of char instance variables name: string := []; age: int := 0; inv 0 <= age and age <= 99; end Person 9

Instance Variables (2) Used to model associations Object reference type simply written as the class name, e.g. Person Multiplicity using VDM-SL data types class Person... instance variables name: string := []; age: int := 0; employer: set of Company... end Person class Company... end Company 10

Instance Variable Access Instance variables can only be accessed directly from within the object they belong to. To read/write instance variables from outside access operations must be defined class Person... instance variables name: string := [];... operations public GetName: : () ==> string GetName () == return name end Person 11

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 12

Type Definitions Basic types Boolean Numeric Tokens Characters Quotations Invariants can be added Compound types Set types Sequence types Map types Product types Composite types Union types Optional types Function types 13

Boolean not b a and b a or b a => b a <=> b a = b a <> b Negation Conjunction Disjunction Implication Biimplication Equality Inequality bool -> bool bool * bool -> bool bool * bool -> bool bool * bool -> bool bool * bool -> bool bool * bool -> bool bool * bool -> bool Quantified expressions can also be considered to be basic operators but we will present them together with the other general expressions 14

Numeric (1) -x Unary minus abs x floor x x + y x - y x * y x / y x div y x rem y x mod y x ** y Absolute value Floor Sum Difference Product Division Integer division Remainder Modulus Power real -> real real -> real real -> int real * real -> real real * real -> real real * real -> real real * real -> real int * int -> int int * int -> int int * int -> int real * real -> real 15

Numeric (2) x < y x > y x <= y x >= y x = y x <> y Less than Greater than Less or equal Greater or equal Equal Not equal real * real -> bool real * real -> bool real * real -> bool real * real -> bool real * real -> bool real * real -> bool 16

Product and Record Types Product type definition: A1 * A2 * * An Construction of a tuple: mk_(a1,a2,,an) Record type definition: A :: selfirst : A1 selsec : A2 seln : An Construction of a record: mk_a(a1,a2,...,an) 17

Set Operators e in set s1 Membership e not in set s1 Not membership s1 union s2 s1 inter s2 s1 \ s2 s1 subset s2 s1 psubset s2 s1 = s2 s1 <> s2 card s1 dunion s1 dinter s1 power s1 Union Intersection Difference Subset Proper subset Equality Inequality Cardinality Distr. union Distr. intersection Finite power set A * set of A -> bool A * set of A -> bool set of A * set of A -> set of A set of A * set of A -> set of A set of A * set of A -> set of A set of A * set of A -> bool set of A * set of A -> bool set of A * set of A -> bool set of A * set of A -> bool set of A -> nat set of set of A -> set of A set of set of A -> set of A set of A -> set of set of A 18

Map Operators dom m rng m m1 munion m2 m1 ++ m2 merge ms s <: m s <-: m m :> s m :-> s m(d) inverse m m1 = m2 m1 <> m2 Domain Range (map A to B) -> set of A (map A to B) -> set of B (map A to B) * (map A to B) -> map A to B (map A to B) * (map A to B) -> map A to B set of (map A to B) -> map A to B set of A * (map A to B) -> map A to B set of A * (map A to B) -> map A to B Merge (map A to B) * (map A to B) -> Override (map A to B) * (map A to B) -> Distr. merge Dom. restr. to Dom. restr. by set of A * (map A to B) -> map A to B Rng. restr. to Rng. restr. by Map apply Map inverse Equality Inequality (map A to B) * set of A -> map A to B (map A to B) * set of A -> map A to B (map A to B) * A -> B inmap A to B -> inmap B to A (map A to B) * (map A to B) -> bool (map A to B) * (map A to B) -> bool 19

Sequence Operators hd l tl l len l elems l inds l l1 ^ l2 conc ll l(i) l ++ m l1 = l2 l1 <> l2 Head Tail Length Elements Indexes Concatenation Distr. conc. Seq. application seq1 of A -> A seq1 of A -> seq of A seq of A -> nat seq of A -> set of A seq of A -> set of nat1 seq of A * seq of A -> seq of A seq of seq of A -> seq of A seq1 of A * nat1 -> A Seq. modification seq1 of A * map nat1 to A -> seq1 of A Equality Inequality seq of A * seq of A -> bool seq of A * seq of A -> bool 20

Comprehension Notation Convenient comprehensions exist for sets, maps and sequences: Set comprehension: { elem bind-list & pred } e.g. { x * 2 x in set {1,,10} & x mod 2 = 0} Map comprehension: { maplet bind-list & pred } e.g. { x -> f(x) x in set s & p(x)} Sequence comprehension: [ elem setbind & pred ] e.g. [ l(i) ** 2 I in set inds l & l(i) < 10] The set binding is restricted to sets of numeric values, which are used to find the order of the resulting sequence 21

Invariants DT inv_dt Even = nat inv n == n mod 2 = 0 SpecialPair = nat * real inv mk_(n,r) == n < r DisjointSets = set of set of A inv ss == forall s1, s2 in set ss & s1 <> s2 => s1 inter s2 = {} 22

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 23

Function Definitions (1) Explicit functions: f: A * B * * Z -> R1 * R2 * * Rn f(a,b,,z) == expr pre preexpr(a,b,,z) post postexpr(a,b,,z,result) Implicit functions: f(a:a, b:b,, z:z) r1:r1,, rn:rn pre preexpr(a,b,,z) post postexpr(a,b,,z,r1,,rn) Implicit functions cannot be executed by the VDM interpreter. 24

Function Definitions (2) Extended explicit functions: f(a:a, b:b,, z:z) r1:r1,, rn:rn == expr pre preexpr(a,b,,z) post postexpr(a,b,,z,r1,,rn) Extended explicit functions are a non-standard combination of the implicit colon style with an explicit body. Preliminary explicit functions: f: A * B * * Z -> R1 * R2 * * Rn f(a,b,,z) == is not yet specified pre preexpr(a,b,,z) post postexpr(a,b,,z,result) 25

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 26

Expressions Let and let-be expressions If-then-else expressions Cases expressions Quantified expressions Set expressions Sequence expressions Map expressions Tuple expressions Record expressions Is expressions Define expressions Lambda expressions Special VDM++ Expressions New and Self expressions Class membership expressions Object comparison expressions Object reference expressions 27

Patterns and Pattern Matching Patterns are empty shells Patterns are matched thereby binding the pattern identifiers There are special patterns for Basic values Pattern identifiers Don t care patterns Sets Sequences Tuples Records but not for maps 28

Bindings A binding matches a pattern to a value. A set binding: pat in set expr where expr must denote a set expression. pat is bound to the elements of the set expr A type binding: pat : type Here pat is bound to the elements of type. Type bindings cannot be executed by the Toolbox, because such types can be infinitely large. 29

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 30

Operation Definitions (1) Explicit operation definitions: o: A * B *... ==> R o(a,b,...) == stmt pre expr post expr Implicit operations definitions: o(a:a, b:b,...) r:r ext rd... wr... pre expr post expr 31

Operation Definitions (2) Preliminary operation definitions: o: A * B *... ==> R o(a,b,...) == is not yet specified pre expr post expr Delegated operation definitions: o: A * B *... ==> R o(a,b,...) == is subclass responsibility pre expr post expr 32

Operation Definitions (3) Operations in VDM++ can be overloaded Different definitions of operations with same name Argument types must not be overlapping statically (structural equivalence omitting invariants) 33

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 34

Statements Let and Let-be statements Define Statements Block statements Assign statements Conditional statements For loop statements While loop statements Call Statements Non deterministic statements Return statements Exception handling statements Error statements Identity statements Special VDM++ Statement start and startlist statements 35

VDM++ Overview Access Modifiers and Constructors Instance Variables Types Functions Expressions,Patterns,Bindings Operations Statements Concurrency 36

Concurrency in VDM++ Objects can be Passive: Change state on request only, i.e. as a consequence of an operation invocation. Active: Can change their internal state spontaneously without any influence from other objects. Active objects have their own thread of control. Why use concurrency in specifications? The real world is highly concurrent. Consequently models of the world are likely to be concurrent too. For efficiency reasons in a multi processor environment. 37

Passive Objects Respond to requests (operation invocations) from active objects (clients). Supply an interface (a set of operations) for their clients. No thread. Can serve several clients. 38

Permission Guards Synchronization for objects is specified using VDM++ s sync clause: sync per <operation-name> => <condition> The per clause is known as a permission guard. condition is a boolean expression, which involves the attributes of the class, that must hold in order for operation-name to be invoked. Permission guards reflecting the bounding of the buffer : sync per GetItem => len buf > 0 per PutItem => len buf < size 39

Further Information John Fitzgerald, Peter Gorm Larsen Modelling Systems, Practical Tools and Techniques in Software Development John Dawes The VDM-SL Reference Guide Derek Andrews, Darrel Ince Practical Formal Methods with VDM Cliff Jones Systematic Software Development with VDM (2nd edition) John Lathan, Vicky Bush, Ian Cottam The Programming Process John Fitzgerald, Peter Gorm Larsen, Paul Mukherjee, Nico Plat Round-trip engineering with VDM++ and UML (forthcomming) 40

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback