OVERTURE

VDM-SL

i
 TABLE OF CONTENTS
TABLE OF CONTENTS.................................................................................................................i
LIST OF FIGURES.........................................................................................................................ii
1) ABSTRACT.............................................................................................................................1
2) INTRODUCTION....................................................................................................................2
3) FEATURES..............................................................................................................................3
3.1) INSTALLATION:..........................................................................................................10
4) ADVANTAGES.....................................................................................................................15
5) SCENARIO............................................................................................................................16
5.1) FORMAL SPECIFICATIONS:......................................................................................16
5.2) PURPOSE:......................................................................................................................18
6) TAKEAWAYS.......................................................................................................................19
6.1) OBJECTIVES:................................................................................................................19
7) CONCLUSION......................................................................................................................20
8) REFERENCES........................................................................................................................iii

ii
 LIST OF FIGURES

Figure 3.1: The VDM Perspective...................................................................................................3

Figure 3.2: Outline View.................................................................................................................4
Figure 3.3: Import VDM Examples.................................................................................................4
Figure 3.4: Adding New Libraries...................................................................................................5
Figure 3.5: Overture Project Settings..............................................................................................5
Figure 3.6: The Launch Configuration Dialog................................................................................6
Figure 3.7: Debugging Perspective..................................................................................................6
Figure 3.8: Launching the Java Code Generator.............................................................................7
Figure 3.9: Starting Up the Debugger Using the Graphics Plugin..................................................7
Figure 3.10: Downloaded Setup....................................................................................................10
Figure 11: Unzip Folder.................................................................................................................11
Figure 3.12: Extracted Files...........................................................................................................11
Figure 3.13: Launch Workspace....................................................................................................11
Figure 3.14: Blank File Opened.....................................................................................................12
Figure 3.15.....................................................................................................................................12
Figure 3.16: Select Dialect............................................................................................................13
Figure 3.17: Import Projects..........................................................................................................13
Figure 3.18.....................................................................................................................................14
Figure 3.19: Run Configuration.....................................................................................................14

iii
 1) ABSTRACT

This document contain on report on Formal Method. Using formal specification,

how we design a program using specification language. This report also contains a brief
description about tool being used to write specification language. A scenario is also
explained as an example.

1
 2) INTRODUCTION

Formal methods are techniques used to model complex systems as mathematical entities.
By building a mathematically rigorous model of a complex system, designers can not only verify
the system’s properties in a more thorough fashion but also use mathematical proof as a
complement to system testing so as to ensure correct behavior. In software development, formal
methods are mathematical approaches to solving software (and hardware) problems at the
requirements, specification, and design levels. Formal methods are most likely to be applied to
safety-critical or security-critical software and systems, such as avionics software. For sequential
software, examples of formal methods include the B-Method, the Z notation. We use VDM-SL
to program our designed specifications.
The Vienna Development Method (VDM) is one of the longest-established formal
methods for the development of computer-based systems. Originating in work done at the IBM
Laboratory Vienna  in the 1970s, it has grown to include a group of techniques and tools based
on a formal specification language—the VDM Specification Language (VDM-SL).. Support for
VDM includes commercial and academic tools for analyzing models, including support for
testing and proving properties of models and generating program code from validated VDM
models. There is a history of industrial usage of VDM and its tools and a growing body of
research in the formalism has led to notable contributions to the engineering of critical
systems, compilers, concurrent systems and in logic for computer science.

2
 3) FEATURES

Overture is an open source tool, developed by volunteers and built on the

Eclipse platform. The project is managed on GitHub.
 The VDM Explorer view in Overture lets you create, select, and delete Overture projects
and navigate between the files in these projects, as well as adding new files to existing
projects.
 Depending upon the dialect of VDM used in a given project, a corresponding Overture
Editor view will be available to edit the files of your new project. Dialect editors are
sensitive to the keywords used in each particular dialect, and simplify the task of working
on the specification.
 The Outline view, on the right hand side of Figure 3.1, presents an outline of the file
selected in the editor. The outline shows all VDM definitions, such as state definitions,
values, types, functions and operations. The type of each definition is also shown in the
view and the color of the icons in front of the names indicates the accessibility of each
definition.

Figure 3.1: The VDM Perspective

 Clicking on the name of a definition in the outline will navigate to the definition and
highlight the name in the Editor view as shown in the Figure 3.2.

3
 Figure 3.2: Outline View

 The Problems view at the bottom of Figure 3.1 displays information messages about the
projects you are working on, such as warnings and syntax or type checking errors.
 It is possible to import Overture projects by right-clicking in the Explorer view and
selecting Import, followed by General → Existing Projects into Workspace. It is also
possible to automatically import a large collection of existing examples. To do this, right
click the Explorer view and select Import → Overture → Overture Examples. (Figure
3.3)

Figure 3.3: Import VDM Examples

4
 In addition to adding new empty files, overture allows to add existing standard libraries,
e.g. IO, Math, Util, CSV, VDM-Unit. (Figure 3.4)

Figure 3.4: Adding New Libraries

 Overture supports to set Language version, the default is to use the classic version as
shown in Figure 3.5. Alternatively you can select VDM-10 which is a new improved (but
not necessarily backwards compatible) version of the VDM dialects developed by the
Overture VDM Language Board.

Figure 3.5: Overture Project Settings

 Overture provides the feature: execute or debug a VDM model. To do that, you must first
create a launch configuration (Figure 3.6). To do this, go to the main Run menu and
select Run → Run Configurations. Select the type of project you want to launch, click the
New icon to create a new launch specification of that type and give it a name.

5
 Figure 3.6: The Launch Configuration Dialog

 Overture provide different run-time checks, e.g. Dynamic type checks, Invariant checks,
Pre condition checks, Post condition checks, Measure checks.
 The Debug Perspective (in Figure 3.7) contains all the views commonly needed for
debugging in VDM.

Figure 3.7: Debugging Perspective

 Overture allow to add breakpoints in any perspective from the Editor view. Breakpoints
can be normal or conditional.
 Overture provides the syntax for trace definitions.

This icon is used to indicate that the test case has not yet been executed.

This icon is used to indicate that the test case has a pass verdict.

6
 This icon is used to indicate that the test case has an inconclusive verdict.

This icon is used to indicate that the test case has a fail verdict.
 Overture makes it possible to generate Java code for a large subset of VDM-SL and
VDM++ models. In addition to Java, C and C++ code generators are currently being
developed. The Java code generator operates in two different modes:
o Regular mode
o Launch Configuration mode

Figure 3.8: Launching the Java Code Generator

 Overture’s C code generator is under active development. Following items are tested and
known, to the best of the developers’ knowledge, to translate correctly to C.
Classes, Inheritance, Overloading and overriding, Nested constructor calling, The
self expression, Let expressions, is (var, type) testing for basic types, Records,
Products, Sets, sequences and maps, Explicit functions and operations, Loops, I/O
library, flinecount(), freadval [ seq of real ] (), MATH library, etc.
 On some occasions it is convenient to monitor how a VDM++ model’s variables evolve
over time. To support this kind of analysis, a plugin extension to Overture enables
graphics plotting of VDM models, as they are being interpreted.

Figure 3.9: Starting Up the Debugger Using the Graphics Plugin

7
Figure 3.9 (a): Starting Up the Debugger Using the Graphics Plugin

Figure 3.9 (b): Starting Up the Debugger Using the Graphics Plugin

8
 Figure 3.9 (c): Starting Up the Debugger Using the Graphics Plugin

 Overture has a feature for controlling a VDM model with a generic GUI, automatically
generated from the model [Nunes&2011]. In order to use the Generated GUI feature,
simply launch the model as a VDM GUI configuration.

 Annotations were introduced in Overture version 2.7.0 as a means to allow a specifier to

affect the tool’s behavior without affecting the meaning of the specification.
Annotations can be used to affect the following aspects of Overture’s operation:
o The parser (for example) to enable or disable new language features.
o The type checker (for example) to check for overrides or suppress warnings.
o The interpreter (for example) to trace the execution path or variables’ values
o The PO generator to (for example) skip obligations for an area of
specification.
Overture includes some standard annotations: @Override, @Trace, @NoPOG,
@Printf, and @OnFail. One can also add new annotations.

 At the center of the Overture tool there is a Java implementation of VDM forming a core.
This provides a command-line interface that may be valuable as it can be used
independently of the Eclipse interface of Overture.

9
 Overture defines a number of standard Eclipse templates. You can add your own as well.
Some keys of the pre-defined templates are: caseExpression, dclStatement,
defExpression, exists, forall, forallLoop, forallinset, functions, ifthen, functionExplicit,
functionImplicit, module, moduleSkeleton, operationExplicit, operationImplicit, act,
active, class, classSkeleton, etc.

3.1) INSTALLATION:
 Go to website:
http://overturetool.org/
Also download jre 8 to successfully install and run the tool.
https://www.oracle.com/java/technologies/javase-jre8-downloads.html
 Go to “Download” and download the compatible version to your PC.

Figure 3.10: Downloaded Setup

10
 Unzip the downloaded (highlighted) folder and extract all files.

Figure 11: Unzip Folder

 Here are the files extracted:

Figure 3.12: Extracted Files

 Now run the application and launch workspace.

11
 Figure 3.13: Launch Workspace

 This page appears when the application is opened:

Figure 3.14: Blank File Opened

 Now write your own vdm specifications or you can also import built-in
example: go to File and select Import.
 Choose Overture and then Overture examples in the options:

12
 Figure 3.15

 Select the dialect you want to work on.

Figure 3.16: Select Dialect

 Then browse and select the project you want to run.

13
 Figure 3.17: Import Projects

 The selected project will be loaded when you the process.

Figure 3.18

14
  Then, you can run it by going to Run and then to Run configuration.

Figure 3.19: Run Configuration

4) ADVANTAGES

Overture is a community-based open source initiative aimed at providing freely

available tool. Its aim is to develop a framework for interoperable tools that will be useful for
industrial application, research and education. Overture has a strong record of being used in
industrial application, in many cases by practitioners who are not specialists in the underlying
formalism or logic.
Experience with the method suggests that the effort expended on formal modeling and
analysis can be recovered in reduced rework costs arising from design errors. The VDM tool
supports/involves the development and analysis of models to help understand systems and
predict their properties. Good models exhibit abstraction and rigor. Abstraction is the
suppression of detail that is not relevant to the purpose for which a model is constructed. 

15
  The tool supports the modeling of object-oriented and concurrent systems. Support for
VDM includes commercial and academic tools for analyzing models, including support for
testing and proving properties of models and generating program code from validated VDM
models.
There is a history of industrial usage of VDM and its tools and a growing body of
research in the formalism has led to notable contributions to the engineering of critical
systems, compilers, concurrent systems and in logic for computer science.

5) SCENARIO

The scenario is about Country Coloring.  It specifies relationships between countries on
a map where neighboring countries shall be colored differently. Following are the formal
specifications for the mentioned system:

5.1) FORMAL SPECIFICATIONS:

\begin{vdm_al}
types

Country = seq of char;

Relation = set of (Country * Country);

16
 Colour = set of Country;

Colouring = set of Colour;

functions

isRelation: Relation -> bool

isRelation(r) ==
forall mk_(c1,c2) in set r & c1 <> c2;

areNb: Country * Country * Relation -> bool

areNb(cn1,cn2,r) ==
mk_(cn1,cn2) in set r or mk_(cn2,cn1) in set r;

CountriesRel: Relation -> set of Country

CountriesRel(r) ==
dunion {{c1,c2} | mk_(c1,c2) in set r};

sameColour: Country * Country * Colouring -> bool

sameColour(cn1,cn2,cols) ==
exists col in set cols & cn1 in set col and cn2 in set col;

CountriesCol: Colouring -> set of Country

CountriesCol(cols) ==
dunion cols;

isColouring: Colouring -> bool

isColouring(cols) ==
forall col1,col2 in set cols & col1 <> col2 => col1 inter col2 = {};

isColouringOf: Colouring * set of Country -> bool

isColouringOf(cols,cns) ==
CountriesCol(cols) = cns;

nbDistinctColours: Colouring * Relation -> bool

nbDistinctColours(cols,r) ==
forall cn1, cn2 in set CountriesRel(r) &
areNb(cn1,cn2,r) => not sameColour(cn1,cn2,cols);

colMap(r: Relation) cols : Colouring

pre isRelation(r)
post isColouring(cols) and
isColouringOf(cols, CountriesRel(r)) and
nbDistinctColours(cols, r);

canBeExtBy: Colour * Country * Relation -> bool

canBeExtBy(col, c, r) ==
forall c1 in set col & not areNb(c1, c, r);

extndCol: Colouring * Country * Relation -> Colouring

extndCol(cols,c,r) ==
if cols = {}
then {{c}}
else let col in set cols
in

17
 if canBeExtBy(col,c,r)
then { {c} union col } union cols \ {col}
else { col } union extndCol(cols \ {col}, c, r)
measure CardColouring;

CardColouring: Colouring * Country * Relation -> nat

CardColouring(cols,-,-) ==
card cols;

colCntrs: set of Country * Relation -> Colouring

colCntrs(cs, r) ==
if cs = {}
then {}
else let c in set cs
in
extndCol(colCntrs(cs\{c}, r), c, r)
measure CardCountry;

CardCountry: set of Country * Relation -> nat

CardCountry(cs,-) ==
card cs;

colMapExpl: Relation -> Colouring

colMapExpl(r) ==
colCntrs(CountriesRel(r), r)
pre isRelation(r)
\end{vdm_al}

5.2) PURPOSE:
By implementing the formal specifications of the scenario, project behavior
is analyzed and key properties of the project or the key functionalities provided be it can be
tested. As they are mathematically precise, problems in the project requirements can be
discovered. The specifications have a syntax and the semantics falls in one domain so useful
information and objective of the project can be inferred. As we got to know that our project
CountryColouring provides certain functions about the countries location, e.g. they are
neighbors or not. It models different countries and specify them in sets on base of their
colors. And as specified earlier, it is known that countries which are neighbors can’t be put in
same color set. Neighboring countries are put in different colors sets and their relation is
displayed.

18
 6) TAKEAWAYS

By using the tool, abstraction from design considerations is enabled and maximum
focus on high-level, precise and systematic analysis is enabled. The tool allows to describe the
project scenario in VDM-SL as a short, flat specification. The Overture project aims to provide
at least as much functionality as VDM Tools, but built on an open and extensible platform based
on the Eclipse framework. The invariants, operations and the functions in the project were
highlighted and tool provided the Run Configuration to check all these features.

19
6.1) OBJECTIVES:
Formal specification language is different from programming languages because
the syntax and semantics of the specification language are more abstract the syntax and
semantics of programming languages. Formal modeling provide constructs to write
specifications of programming system, while programming languages provide constructs to
write program.
 A VDM-SL model is a system description given in terms of the functionality performed
on data. It consists of a series of definitions of data types and functions or operations
performed upon them.
 Specification Language VDM is Process Oriented and Model Oriented specification type.
 Property Oriented Specification defines the behavior of system indirectly by a set of
properties in the form of axioms that the system must satisfy.
 Model Oriented Specification defines the behavioral of system directly by constructing a
model of system.
 In Object Oriented VDM approach provide Concurrency support.
 It supports the modeling and analysis of software systems at different levels of
abstraction. Using VDM-SL constructs, both data and algorithmic abstractions expressed
in one level can be refined to a lower level to derive a concrete model that is closer to the
final implementation of the system.

7) CONCLUSION

In this report we presented the approach that the overture community has taken in
dealing with request for changing to the VDM of specifications. Formal Specification Languages
are languages that are used to express the formal specification in a language whose vocabulary;
syntax and semantics are formally defined. Use of the formal specification languages reduce the
ambiguity and ensure the completeness and correctness of the software specification. This
approach has been structured and aimed toward making decisions as a community for example

20
formal method of the object oriented version of the language needs to be defined so as recently
board proposed to extend the scope of libraries (before that VDM didn’t have a structure) but
main motivation should be consistency, because models do not rely only on definition but also
on behavior of the libraries.

In this paper we presented the

approach that the Overture community
has taken in deal-
ing with requests for changes to the
VDM-10 family of specification
languages. This
approach has been a structured one
and very much aimed towards making
decisions as a
community. Central in the approach
has been the installation of the
“Overture Language
Board” (LB), which is responsible for
moving language change requests
(Requests for

21
modification: RM) forward and
providing expert knowledge on the
details of the lan-
guage and advising on the RMs. The
LB actively consults the Overture
community
In this paper we presented the
approach that the Overture community
has taken in deal-
ing with requests for changes to the
VDM-10 family of specification
languages. This
approach has been a structured one
and very much aimed towards making
decisions as a
community. Central in the approach
has been the installation of the
“Overture Language
22
Board” (LB), which is responsible for
moving language change requests
(Requests for
modification: RM) forward and
providing expert knowledge on the
details of the lan-
guage and advising on the RMs. The
LB actively consults the Overture
community
In this paper we presented the
approach that the Overture community
has taken in deal-
ing with requests for changes to the
VDM-10 family of specification
languages. This
approach has been a structured one
and very much aimed towards making
decisions as a
23
community. Central in the approach
has been the installation of the
“Overture Language
Board” (LB), which is responsible for
moving language change requests
(Requests for
modification: RM) forward and
providing expert knowledge on the
details of the lan-
guage and advising on the RMs. The
LB actively consults the Overture
community
:

24
25
 8) REFERENCES

 http://overturetool.org/
 https://www.oracle.com/java/technologies/javase-jre8-downloads.html
 https://en.wikipedia.org/wiki/Vienna_Development_Method
 http://overturetool.org/documentation/manuals.html
 http://overturetool.org/download/examples/VDMSL/

iii