Lecture 2: Introduction to Formal Specification

Formal Methods of S/W Development

Dr. Saif U. R. Malik

Assistant Professor
Formal Methods (of SW Dev.)
 Formal Methods
Rigorous mathematically-based techniques and tools for
the specification, development, and verification of software
and hardware systems.

 Software Development
The process by which user needs are translated into a
software product. This involves translating user needs
into software requirements, transforming the software
requirements into design, implementing the design in
code, and testing the code1. (5/5 points)
2
1. IEEE Std 610.12-1990, IEEE Standard Glossary of Software Engineering Terminology
Seven Myths by Hall 1

1. FMs can guarantee software is perfect

2. FMs are all about program proving
3. FMs are only useful for safety-critical systems
4. FMs require highly trained mathematicians
5. FMs increase the cost of development
6. FMs are unacceptable to users
7. FMs are not used on real, large scale software

Follow up: Seven More Myths... (Bowen & Hinchey ‘95)

3
1. Anthony Hall ‘90, Seven Myths of Formal Methods
Development Process
Key Activities
 Requirements Analysis
 Design
 Implementation
 Validation & Verification

Process Models
 Waterfall, V-Model, Spiral Model, Incremental
Development, USDP

4
What is a Specification?
 Intermediate product of software development process

Two Types of Specifications

Differences?

Specification impacts Design and Implementation

5
Also viewed as a…
 Basis for Ensuring Correctness
 Correctness defined as product satisfies its specification
 Established by V&V, i.e., impacts testing and verification

 Contractual Agreement
 Client signs off on the SRS

 Means of Communicating Ideas

 Provides a high-level description or big picture
 Acts as a reference point for different stakeholders
6
Desirable Features (Content)
The contents of a specification should be:

 Correct – accurately represents the needs of the user

 Consistent – contains and derives no contradictions

 Complete – covers all possible scenarios and error cases

 Unambiguous (Precise) – provides exact descriptions that

have exactly one meaning, neither more nor less.

 Verifiable – allows specification to be checked to determine

whether or not it satisfies (meets) predefined criteria
7
Desirable Features (Content)
Describes software systems and therefore…
 Structural – captures hierarchical and user relationships
 Behavioral – addresses required functionality and non-
functional aspects such as fault tolerance, safety, security

What about the specification language itself?

What are desirable characteristics of a language?
What is the most important characteristic?
8
Desirable Features (Language)
 Understandability – purpose of a language is to facilitate
communication. For software must handle complexity.

Features that make a language (more) understandable?

 Graphical – visual notations such as diagrams
 Hierarchical – different levels of abstraction
 Composable – divide and conquer

 Expressive – powerful and meaningful descriptions

 Analyzable – amenable(responsive) to machine

manipulation 9
Specification Languages
 Specification languages (like all languages) have a syntax
and semantics

 Syntax provides a set of symbols and a set of grammatical

rules for combining those symbols into sentences; while
semantics ascribe meaning to them.

 A specification language may be classified according to its:

 Foundation – basis upon which it was created
 Applicability – expressiveness for different system types
 Style – format of notation or representations used.
10
Classifications
1. Foundation
 Informal – Natural Language
 Formal – Z, Petri Nets, Temporal Logic
 Semi-Formal – UML Diagrams

2. Applicability
 Sequential – one thread of control
 Concurrent – multiple threads of control
 Real-Time – time critical
 Hybrid – discrete and continuous
11
Classifications (cont’d)
3. Style
 Model-Oriented – explicitly defines states and state
sequences; concrete and useful for implementation

 Property-Oriented – assertions on state sequences

without explicitly writing them out; more abstract

What styles are these:

Z, Finite State Machines, CTL, Petri Nets, LTL

12
Formal Specification
 Formal specification is the use of mathematical notation
to precisely describe what properties a system should have,
without describing how to do it

 A formal specification may define a system as an abstract

data type.

 A formal specification should avoid implementation bias.

13
Formal Spec. Languages
 A Formal Specification Language (FSL) provides the sound
mathematical basis for a formal method.

 Definition: An FSL is a triple < 𝑆𝑦𝑛, 𝑆𝑒𝑚, 𝑆𝑎𝑡 > where,

𝑆𝑦𝑛 and 𝑆𝑒𝑚 are sets and

𝑆𝑎𝑡 ⊆ 𝑆𝑦𝑛 × 𝑆𝑒𝑚 is a relation between them.

 Syn is the syntactic domain of the language

Sem is the semantic domain and
Sat is its satisfies relation.

14
Jeannette M. Wing ‘90, A Specifier’s Introduction to Formal Methods
Formal Spec. Languages (cont’d)
 FSLs provide a notation (syntactic domain), a universe of
objects (semantic domain), and a precise rule defining
which objects satisfy each specification.

 A specification is a sentence written in terms of the syntax,

and an object satisfying a specification is a specificand.

15
Examples of FSLs
 Z (pronounced “Zed”) is based on set theory and first-order
predicate logic. Can be used in both model-oriented and
property-oriented styles. Applies to sequential systems.

 Petri Nets are graphical notations for distributed systems.

They follow a model-oriented style, and have operational
semantics (executable). Applicable to concurrent systems.

 Temporal Logic is used to describe and reason about

propositions qualified over time. It is property-oriented,
and highly abstract. Applicable to concurrent systems.

 Others: VDM, Larch, Concurrent Sequential Processes

16
In this segment of the course…
 Z – Under a Model-Oriented Style
 Low-Level Petri Nets – Place Transition Nets
 Computational Tree Logic* – Includes LTL and CTL

Reading Assignment:
 J. Wing – A Specifier’s Introduction to Formal Methods

17