Types of Specifications


A software specification indicates the task (or some aspect of the task) that is supposed to be performed when software executes.

Types of Specifications
- Class Diagrams
- Object Diagrams
- Activity Diagrams (control flow diagrams)
- Assertions
- Others

An assertion is a statement of fact that is presumed true relative to a code location (or locations).

Example

```java
/** assert: str is a String and str.length > 2 */
assert str instanceof String && str.length() > 2;
char firstChar, secondChar, bigChar;
firstChar = str.charAt(0);
secondChar = str.charAt(1);
if (firstChar > secondChar) {
    bigChar = firstChar;
} else {
    bigChar = secondChar;
}
/** assert:
 *  str.length > 2
 *  and (str.charAt(0) > str.charAt(1)
 *       implies bigChar == str.charAt(0))
 *  and (str.charAt(0) <= str.charAt(1)
 *       implies bigChar == str.charAt(1))
 */
```

Assertion Notation

Assertions are based on logic and certain program notations (i.e., variable references and possibly non-void method calls). Assertions should NOT contain action verbs.

Logical Operators
- not SubAssertion1: the subassertion must be false.
- SubAssertion1 and SubAssertion2: both subassertions must be true.
- SubAssertion1 or SubAssertion2: one or both subassertions are true.
- SubAssertion1 implies SubAssertion2: when the first subassertion is true, the second must also be true.

Another logical notation, known as quantification, permits expressing assertions about data structures.

Form (universal quantification)
    forall(type var : boundaryCondition  SubAssertion)
Example
    forall(Integer j : 0 <= j <= 3  arr[j] > 0)

Form (existential quantification)
    exists(type var : boundaryCondition  SubAssertion)
Example
    exists(Integer j : 0 <= j <= 3  arr[j] == 7)

Quantification Examples

Assume two arrays of double, arr1 and arr2, with arr1.length == arr2.length == 5.

    forall (Integer r : 0 <= r <= 3  arr1[r] < arr1[r+1])
    forall (w : 0 <= w <= 4  arr1[w] == arr2[w])
    exists (k : 0 <= k <= 4  arr1[k] == 33 and arr2[k] == 33)
    exists (k : 0 <= k <= 4  (arr1[k] < 0 and forall (j : k < j <= 4  arr2[k] == arr1[j])))
    forall (j,k : 0 <= j,k <= 4 and j != k  arr1[j] != arr2[k])

Where to place Assertions?

An assertion can be located anywhere within executable instructions. However, some locations have been found most effective:
- Class Invariant
- Method Precondition
- Method Postcondition
- Loop Invariant
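Added example (not from the slides): the bounded forall/exists notation and the five quantification examples above, turned into executable Java checks. The class name Quantifiers, the helpers forall and exists, the method names and the sample arrays are my own; bounds are inclusive as on the slides, and the helpers make explicit what the notation leaves implicit, namely that forall over an empty range is vacuously true and exists over an empty range is false. A two-variable quantifier is simply two nested single-variable ones.

```java
import java.util.function.IntPredicate;

/** Bounded quantifiers as executable checks (added example, not slide code). */
public final class Quantifiers {

    /** forall(Integer v : lo <= v <= hi  p(v)), inclusive bounds. */
    static boolean forall(int lo, int hi, IntPredicate p) {
        for (int v = lo; v <= hi; v++) {
            if (!p.test(v)) return false;
        }
        return true;   // vacuously true when lo > hi
    }

    /** exists(Integer v : lo <= v <= hi  p(v)), inclusive bounds. */
    static boolean exists(int lo, int hi, IntPredicate p) {
        for (int v = lo; v <= hi; v++) {
            if (p.test(v)) return true;
        }
        return false;  // false when lo > hi
    }

    // The five slide examples, assuming arr1.length == arr2.length == 5.

    /** forall(r : 0 <= r <= 3  arr1[r] < arr1[r+1]): arr1 is strictly increasing. */
    static boolean strictlyIncreasing(double[] arr1) {
        return forall(0, 3, r -> arr1[r] < arr1[r + 1]);
    }

    /** forall(w : 0 <= w <= 4  arr1[w] == arr2[w]): element-wise equal. */
    static boolean elementwiseEqual(double[] arr1, double[] arr2) {
        return forall(0, 4, w -> arr1[w] == arr2[w]);
    }

    /** exists(k : 0 <= k <= 4  arr1[k] == 33 and arr2[k] == 33). */
    static boolean both33Somewhere(double[] arr1, double[] arr2) {
        return exists(0, 4, k -> arr1[k] == 33 && arr2[k] == 33);
    }

    /** exists(k : 0 <= k <= 4  (arr1[k] < 0 and forall(j : k < j <= 4  arr2[k] == arr1[j]))).
     *  The inner forall starts at k + 1 because its bound is k < j. */
    static boolean negativeThenMatches(double[] arr1, double[] arr2) {
        return exists(0, 4, k -> arr1[k] < 0 && forall(k + 1, 4, j -> arr2[k] == arr1[j]));
    }

    /** forall(j,k : 0 <= j,k <= 4 and j != k  arr1[j] != arr2[k]): nested loops,
     *  with "j != k implies ..." written as "j == k or ...". */
    static boolean crossDistinct(double[] arr1, double[] arr2) {
        return forall(0, 4, j -> forall(0, 4, k -> j == k || arr1[j] != arr2[k]));
    }

    public static void main(String[] args) {
        // Constructed sample data (not from the slides).
        double[] a = {1.0, 2.0, 3.0, 4.0, 5.0};
        double[] b = {1.0, 2.0, 3.0, 4.0, 5.0};
        double[] c = {-1.0, 9.0, 9.0, 9.0, 9.0};
        double[] d = {9.0, 0.0, 0.0, 0.0, 0.0};
        System.out.println("a strictly increasing:  " + strictlyIncreasing(a));
        System.out.println("a == b element-wise:    " + elementwiseEqual(a, b));
        System.out.println("33 in both a and b:     " + both33Somewhere(a, b));
        System.out.println("negative then matches:  " + negativeThenMatches(c, d));
        System.out.println("a, b cross-distinct:    " + crossDistinct(a, b));
    }
}
```

Each predicate method returns a boolean rather than asserting, so the same checks can be used either inside `assert` statements (which the JVM disables unless started with `-ea`) or as ordinary validation code that stays active in production.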

Example

```java
/** class invariant
 *  distanceInMiles > 0 and timeInSeconds > 0 */
public class LapTime {
    private double distanceInMiles, timeInSeconds;

    /** pre:  d > 0 and t > 0
     *  post: distanceInMiles == d and timeInSeconds == t */
    public LapTime(double d, double t) {
        distanceInMiles = d;
        timeInSeconds = t;
    }

    /** post: distanceInMiles == 60
     *  and timeInSeconds == 3600 */
    public void setTo60mph() {
        distanceInMiles = 60;
        timeInSeconds = 3600;
    }

    // more methods on later slides
}
```

When is each assertion presumed to be true?

Special Postcondition Notations

Return value (result)

```java
// Within LapTime class
/** post: result == distanceInMiles / (timeInSeconds / 3600) */
public double milesPerHour() {
    double velocity;
    velocity = distanceInMiles / (timeInSeconds / (60 * 60));
    return velocity;
}
```

Previous value (@pre)

```java
// Within LapTime class
/** post: distanceInMiles == distanceInMiles@pre * 2 */
public void doubleTheMileage() {
    distanceInMiles = distanceInMiles * 2;
}
```

Method Contract

Method caller guarantees: precondition & class invariant (at time of method call)
Method is required to ensure: postcondition & class invariant (at time of method return)
Addendum: A modifies clause can stipulate what alterations are permitted.

Example: the standard Color class.

    java.awt.Color
    - int redness
    - int blueness
    - int greenness
    - int opaqueness «alpha»
    «constructor»
    + Color(int r, int g, int b)
    + Color(float r, float g, float b, float a)
    «query»
    + int getRed()
    + Color darker()
    + Color brighter()
    ...

What does this class diagram tell you? What doesn't it tell you? Using method contracts fills in more design details.

java.awt.Color Class Specifications

Invariant (for every Color object)
    0 <= redness <= 255 and 0 <= greenness <= 255 and 0 <= blueness <= 255 and 0 <= opaqueness <= 255

Constructor Methods

public Color(int r, int g, int b)
    pre: 0 <= r <= 255 and 0 <= g <= 255 and 0 <= b <= 255 (throws IllegalArgumentException)
    modifies: redness, greenness, blueness, opaqueness
    post: redness == r and greenness == g and blueness == b and opaqueness == 255

public Color(float r, float g, float b, float a)
    pre: 0.0 <= r <= 1.0 and 0.0 <= g <= 1.0 and 0.0 <= b <= 1.0 and 0.0 <= a <= 1.0 (throws IllegalArgumentException)
    post: redness == r*255 and greenness == g*255 and blueness == b*255 and opaqueness == a*255

java.awt.Color Class Specifications (continued)

Query Methods

public int getRed()
    post: result == redness

public Color darker()
    post: result.redness == redness * 0.7 and result.greenness == greenness * 0.7
          and result.blueness == blueness * 0.7 and result.opaqueness == 255

public Color brighter()
    post: (redness / 0.7) > 255 implies result.redness == 255
          and (redness / 0.7) <= 255 implies result.redness == redness / 0.7
          and (greenness / 0.7) > 255 implies result.greenness == 255
          and (greenness / 0.7) <= 255 implies result.greenness == greenness / 0.7
          and (blueness / 0.7) > 255 implies result.blueness == 255
          and (blueness / 0.7) <= 255 implies result.blueness == blueness / 0.7
          and result.opaqueness == 255
    ...

The Sun Documentation

Color
public Color(int r, int g, int b)
Creates an opaque sRGB color with the specified red, green, and blue values in the range (0-255). The actual color used in rendering depends on finding the best match given the color space available for a given output device. Alpha is defaulted to 255.
Parameters:
    r - the red component
    g - the green component
    b - the blue component
Throws:
    IllegalArgumentException - if r, g or b are outside of the range 0 to 255, inclusive
See Also: getRed(), getGreen(), getBlue(), getRGB()

More Sun Documentation

brighter
public Color brighter()
Creates a new Color that is a brighter version of this Color. This method applies an arbitrary scale factor to each of the three RGB components of this Color to create a brighter version of this Color. Although brighter and darker are inverse operations, the results of a series of invocations of these two methods might be inconsistent because of rounding errors.
Returns: a new Color object that is a brighter version of this Color.
Since: JDK1.0
See Also: darker()
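Added example, not from the slides or the JDK: a conformance check that treats the java.awt.Color specification above as a test oracle for the real class, covering the invariant, the int constructor's precondition (rejection with IllegalArgumentException) and postcondition, and the darker()/brighter() postconditions. The class and method names and the sample colours are my own. ROUNDING is an assumed tolerance of one unit, needed because the slide's postconditions are real-valued (redness * 0.7, redness / 0.7) while the JDK returns integer components, which is the rounding the Sun documentation warns about. Black is included as the corner case where a postcondition written as redness / 0.7 predicts a component that stays at zero; the check simply reports whether the implementation agrees.

```java
import java.awt.Color;

/** Checks java.awt.Color against the slide's contract (added example, not JDK code). */
public final class ColorContractCheck {
    /** Assumed tolerance: postconditions are real-valued, components are ints. */
    private static final double ROUNDING = 1.0;

    /** Invariant (for every Color object): each component in 0..255. */
    static boolean invariantHolds(Color c) {
        return inRange(c.getRed()) && inRange(c.getGreen())
            && inRange(c.getBlue()) && inRange(c.getAlpha());
    }

    private static boolean inRange(int component) {
        return 0 <= component && component <= 255;
    }

    /** Color(int r, int g, int b): in-range input yields the stated opaque components;
     *  out-of-range input must be rejected with IllegalArgumentException. */
    static boolean constructorContractHolds(int r, int g, int b) {
        boolean preHolds = inRange(r) && inRange(g) && inRange(b);
        try {
            Color c = new Color(r, g, b);
            return preHolds && invariantHolds(c)
                && c.getRed() == r && c.getGreen() == g && c.getBlue() == b
                && c.getAlpha() == 255;
        } catch (IllegalArgumentException e) {
            return !preHolds;   // rejection is correct only when the precondition was violated
        }
    }

    /** darker(): each RGB component scaled by 0.7 (within rounding), opaqueness == 255. */
    static boolean darkerContractHolds(Color c) {
        Color d = c.darker();
        return invariantHolds(d)
            && near(d.getRed(), c.getRed() * 0.7)
            && near(d.getGreen(), c.getGreen() * 0.7)
            && near(d.getBlue(), c.getBlue() * 0.7)
            && d.getAlpha() == 255;
    }

    /** brighter(): each component divided by 0.7, clipped at 255, opaqueness == 255.
     *  "x / 0.7 > 255 implies 255, else x / 0.7" is exactly min(x / 0.7, 255). */
    static boolean brighterContractHolds(Color c) {
        Color b = c.brighter();
        return invariantHolds(b)
            && near(b.getRed(), Math.min(c.getRed() / 0.7, 255))
            && near(b.getGreen(), Math.min(c.getGreen() / 0.7, 255))
            && near(b.getBlue(), Math.min(c.getBlue() / 0.7, 255))
            && b.getAlpha() == 255;
    }

    private static boolean near(int actual, double expected) {
        return Math.abs(actual - expected) <= ROUNDING;
    }

    public static void main(String[] args) {
        // Constructed sample inputs (not from the slides).
        System.out.println("ctor (10, 20, 30) ok:  " + constructorContractHolds(10, 20, 30));
        System.out.println("ctor (256, 0, 0) ok:   " + constructorContractHolds(256, 0, 0));
        Color[] samples = { new Color(200, 100, 50), new Color(250, 250, 250), new Color(0, 0, 0) };
        for (Color c : samples) {
            System.out.println(c + " darker ok=" + darkerContractHolds(c)
                               + " brighter ok=" + brighterContractHolds(c));
        }
    }
}
```

Writing the oracle this way separates the two obligations of the contract: a constructor call that violates the precondition must be rejected, and a call that satisfies it must produce exactly the stated state. A reported mismatch on any sample is evidence that the slide's specification and the library disagree, which is the point of writing a specification precise enough to test.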