CS:5810 Formal Methods in Software Engineering

Sets and Relations

Copyright 2001-22, Matt Dwyer, John Hatcliff, Rod Howell, Laurence Pilard, and Cesare Tinelli.
Created by Cesare Tinelli and Laurence Pilard at the University of Iowa from notes originally developed by Matt Dwyer, John Hatcliff, Rod Howell at Kansas
State University. These notes are copyrighted materials and may not be used in other course settings outside of the University of Iowa in their current form
or modified form without the express written permission of one of the copyright holders. During this course, students are prohibited from selling notes to or
being paid for taking notes by any person or commercial firm without the express written permission of one of the copyright holders.
 These Notes
• review the concepts of sets and relations required to work with
the Alloy language

• focus on the kind of set operation and definitions used in

specifications

• give some small examples of how we will use sets in

specifications

CS:5810 -- Formal Methods in Software Engineering Fall 2022 1

 Sets
A set is a collection of distinct objects

A set’s objects are drawn from a larger domain of objects all of which have
the same type --- sets are homogeneous

Examples: domain
{ 2, 4, 5, 6, … } set of integers
{ red, yellow, blue } set of colors
{ true, false } set of boolean values
{ red, true, 2 } for us, not a set!

CS:5810 -- Formal Methods in Software Engineering Fall 2022 2

 Set Values
The value of a set is the collection of its members

Two sets A and B are equal iff

– every member of A is a member of B
– every member of B is a member of A
Î
Notation:
• x є S denotes “x is a member of S”
• Ø denotes the empty set
CS:5810 -- Formal Methods in Software Engineering Fall 2022 3
 Defining Sets
We can define a set by enumeration
– PrimaryColors := { red, yellow, blue }
– Boolean := { true, false }
– Evens := { …, -4, -2, 0, 2, 4, … }

This works fine for finite sets, but

– what do we mean by “…” ?
– remember, we want to be precise

CS:5810 -- Formal Methods in Software Engineering Fall 2022 4

 Defining Sets
We can define a set by comprehension, that is, by describing a property
that its elements must share
Notation: { x : D | P(x) }

Form a new set of elements drawn from domain D by including exactly the
elements that satisfy predicate (i.e., Boolean function) P

Examples:
{ x : N | x < 10} Naturals less than 10
{ x : Z | (! y : Z | x = 2y) } Even integers
{x:N|x>x} Empty set of natural numbers

CS:5810 -- Formal Methods in Software Engineering Fall 2022 5

 Cardinality
The cardinality (#) of a finite set is the number of its elements

Examples:
– # {red, yellow, blue} = 3
– # {1, 23} = 2
–#Z=?

Cardinalities are defined for infinite sets too but we’ll be mostly concerned
with the cardinality of finite sets

CS:5810 -- Formal Methods in Software Engineering Fall 2022 6

 Set Operations
Union (X, Y sets over domain D): X ! Y " { e: D | e # X $% e # Y }
– {red} ! {blue} = {red, blue}

Intersection: X & Y " { e: D | e # X '() e # Y }

– {red, blue} & {blue, yellow} = {blue}

Difference X \ Y " { e: D | e # X '() e * Y }

– {red, yellow, blue} \ {blue, yellow} = {red}

CS:5810 -- Formal Methods in Software Engineering Fall 2022 7

 Subsets
A subset holds elements drawn from another set
X ! Y +,, every element of X is in Y
Example: { 1, 7, 24 } ! { 1, 7, 17, 24 } !"Z

A proper subset is a non-equal subset

Another view of set equality: A = B +,, (A - B '() B - A)

CS:5810 -- Formal Methods in Software Engineering Fall 2022 8

 Power Sets
The power set of set S, denoted Pow (S), is the set of all subsets
of S:

Pow (S) ! { e | e - S }

Example:
Pow ({a,b,c}) = { ., {a}, {b}, {c}, {a,b}, {a,c}, {b,c}, {a,b,c} }

Note: for any S, . - S and thus . # Pow (S)

CS:5810 -- Formal Methods in Software Engineering Fall 2022 9

 Exercises
These slides include questions that you should be able to solve at
this point

They may require you to think some

You should spend some effort in solving them

… and may in fact appear on exams

CS:5810 -- Formal Methods in Software Engineering Fall 2022 10

 Exercises
1. Specifying using comprehension notation
a) Odd positive integers
b) The squares of integers, i.e. { 0, 1, 4, 9, 16,… }
2. Express the following logic properties on sets without using
the # operator
a) Set has at least one element
b) Set has no elements
c) Set has exactly one element
d) Set has at least two elements
e) Set has exactly two elements
CS:5810 -- Formal Methods in Software Engineering Fall 2022 11
 Set Partitioning
• Sets are disjoint if they share no elements
• We will often take some set S and divide its members into
disjoint subsets called blocks or parts
• We call this division a partition
• Each member of S belongs to exactly one block of the partition

Soup Chips & Salsa

Steak Pizza Sweet & Sour Pork

Cake Apple pie Ice Cream

CS:5810 -- Formal Methods in Software Engineering Fall 2022 12

 Partition Example
Model residential scenarios

Basic domains: Person, Residence

Partitions:
– Partition Person into Child, Adult
– Partition Residence into Home, DormRoom, Apartment

CS:5810 -- Formal Methods in Software Engineering Fall 2022 13

 Exercises
1. Express the following properties of pairs of sets
a) Two sets are disjoint
b) Two sets form a partitioning of a third set

CS:5810 -- Formal Methods in Software Engineering Fall 2022 14

 Expressing Relationships
It’s useful to be able to refer to structured values
– a group of values that are bound together
– e.g., struct, record, object fields

Alloy is a calculus of relations (sets of tuples)

All of our Alloy models will be built using relations
… but first some basic definitions

CS:5810 -- Formal Methods in Software Engineering Fall 2022 15

 Products
Given two sets A and B, the product of A and B, usually denoted A x B, is
the set of all possible pairs (a, b) where a # A and b # B

A x B ≡ { (a, b) | a " A, b " B }

Example:

{ }
(red, true), (red, false),
PrimaryColor x Boolean = (blue, true), (blue, false),
(yellow, true), (yellow, false)

CS:5810 -- Formal Methods in Software Engineering Fall 2022 16

 Binary Relations
A binary relation R between A and B is an element of Pow (A x B),
i.e., R - A x B AxB

domain co-domain
Examples:
Parent : Person x Person = { (John, June), (John, Sam) }
Square : Z x N = { (1, 1), (-1, 1), (-2, 4) }
ClassGrades : Person x { A, B, C, D, F } = { (Kim, A), (Alex, B) }

CS:5810 -- Formal Methods in Software Engineering Fall 2022 17

 Binary Relations
The set of first elements is the definition domain of the relation
– Parent = { (John, Autumn), (John, Sam) }
– defdomain (Parent) = { John } not Person!

The set of second elements is the image of the relation

– image (Square) = { 1, 4 } not N!

What about { (1,blue), (2,blue), (1,red) }

– definition domain? image?
CS:5810 -- Formal Methods in Software Engineering Fall 2022 18
 N-ary Relations
A ternary relation R between A, B and C is an element of
Pow (A x B x C)

Example:
FavoriteBeer : Person x Beer x Price
= { (John, Miller, $2), (Ted, Heineken, $4), (Steve, Miller, $2) }

N-ary relations with n>3 are defined analogously

(n is the arity of the relation)
CS:5810 -- Formal Methods in Software Engineering Fall 2022 19
 Common Relation Structures
One-to-Many “Many” (two) Many-to-One

One

Many

One

One-to-One Many-to-Many
Many

Many

One
One

CS:5810 -- Formal Methods in Software Engineering Fall 2022 20

 Functional Relations
A function is a relation F of arity n+1 containing no two distinct
tuples with the same first n elements,
– i.e., for n = 1, ∄ (a, b1), (a, b2) ∈ F s.t. b1 ≠ b2

Examples:
– { (2, red), (3, blue), (5, red) } ✓
– { (4, 2), (6, 3), (8, 4) } ✓
– { (2, red), (3, blue), (2, blue) } ✘

Instead of F: A1 x A2 x … x An x B we writeF: A1 x A2 x … x An -> B

CS:5810 -- Formal Methods in Software Engineering Fall 2022 21
 Exercises
Which of the following are functions?

1. Parent = { (John, Ann), (John, Sam), (Sam, Joy) }

2. Square = { (1, 1), (-1, 1), (-2, 4) }

3. ClassGrades = { (Todd, A), (Vic, B) }

CS:5810 -- Formal Methods in Software Engineering Fall 2022 22

 Relations vs. Functions
Parent
John Joy Many-to-many
Lorie Sam

1 Square 4
-2 Many-to-one
-1 1
A function is an
X-to-one relation
ClassGrades
Todd A
One-to-one
Vic B

CS:5810 -- Formal Methods in Software Engineering Fall 2022 23

 Special Kinds of Functions
Consider a function f from S to T

f is total if defined for all values of S

f is partial if undefined for some values of S

Examples:
– Squares : Z -> N = {…, (-1,1), (0,0), (1, 1), (2,4), …} total
– SquareRoot : N -> N = { (x, y) : N x N | y2 = x) } partial

CS:5810 -- Formal Methods in Software Engineering Fall 2022 24

 Function Structures
Total Function

Partial Function Undefined for this input

Note: the empty relation over

a non-empty domain is a
partial function

CS:5810 -- Formal Methods in Software Engineering Fall 2022 25

 Special Kinds of Functions
A function f: S -> T is

• injective (one-to-one) if no image element is associated with multiple

domain elements

• surjective (onto) if its image is T

• bijective if it is both injective and surjective

We’ll see that these come up frequently

– can be used to define properties concisely

CS:5810 -- Formal Methods in Software Engineering Fall 2022 26

 Function Structures
Injective Function

Surjective Function

CS:5810 -- Formal Methods in Software Engineering Fall 2022 27

 Exercises
1. What kind of function/relation is Abs?
Abs : Z x N = { (x, y) : Z x N | (x < 0 and y = -x) or (x #"0 and y = x) }

2. How about Squares?

Squares : Z x N = { (x, y) : Z x N | y = x⋅x }

3. How about Rel?

Rel : Z x N = { (x, y) : Z x N | y = 2⋅x if x >= 0,
y = 2⋅(-x) - 1 if x < 0 }

CS:5810 -- Formal Methods in Software Engineering Fall 2022 28

 Special Cases

Relations

Partial Functions

Surjective
Total
Bijective

Injective

CS:5810 -- Formal Methods in Software Engineering Fall 2022 29

 Functions as Sets
Functions are relations and hence sets

We can apply to them all the usual operators

– ClassGrades = { (Todd, A), (Jane, B) }

– #(ClassGrades $ { (Matt, C) }) = 3

CS:5810 -- Formal Methods in Software Engineering Fall 2022 30

 Exercises
1. In the following if an operator fails to preserve a property give
an example
2. What operators preserve function-ness?
%& ' ?
(& $"?
c) \ ?
3. What operators preserve surjectivity?
4. What operators preserve injectivity?
CS:5810 -- Formal Methods in Software Engineering Fall 2022 31
 Relation Composition
Use two relations to produce a new one
– map domain of first to image of second
– Given s: A x B and r: B x C then s ; r : A x C

s ; r ≡ { (a,c) | ∃b s.t. (a,b) ∈ s and (b,c) ∈ r }

Example:
Not limited to
– s = { (red,1), (blue,2) } binary relations
– r = { (1,2), (2,4), (3,6) }
– s ; r = { (red,2), (blue,4) }
CS:5810 -- Formal Methods in Software Engineering Fall 2022 32
 Relation Transitive Closure
Intuitively, the transitive closure r+ of a binary relation r: S x S is the
result of adding a direct link (a,b) to r for every a and b where b is
reachable from a along r :
r+ ≡ r ! (r ; r) ! (r ; r ; r) ! …
Formally, r+ ≡ smallest transitive relation containing r

Example:
– GrandParent = Parent ; Parent
– GrandGrandParent = Parent ; GrandParent
– Ancestor = Parent !"GrandParent !"GrandGrandParent !"#"$"Parent+
CS:5810 -- Formal Methods in Software Engineering Fall 2022 33
 Relation Transpose
Intuitively, the transpose ~r of a relation r: S x T is the relation
obtained by reversing all the pairs in r
~r ≡ { (b,a) | (a,b) ∈ r }

Example:
– ChildOf = ~Parent
– DescendantOf = (~Parent)+

CS:5810 -- Formal Methods in Software Engineering Fall 2022 34

 Exercises
1. What properties, i.e., function-ness, onto-ness, 1-1-ness, are
preserved by these relation operators?
a) composition (;)
b) closure (+)
c) transpose (~)

2. If an operator fails to preserve a property give an example

CS:5810 -- Formal Methods in Software Engineering Fall 2022 35

 Acknowledgements

Some of these slides are adapted from

David Garlan’s slides from Lecture 3 of his course of Software Models entitled
“Sets, Relations, and Functions”
(http://www.cs.cmu.edu/afs/cs/academic/class/15671-f97/www/ )

CS:5810 -- Formal Methods in Software Engineering Fall 2022 36