"Software Engineering--theory, Method and practice"--a summary of the fifth chapter of formal method in software project

The 5th chapter of the formal method in software engineering

in a broad sense, formal methods (formal method) are used to solve the problems in the field of software engineering, including the establishment of accurate mathematical models and the analysis activities of models. In the narrow sense, the formal method is to use formal language, formal specification description, model inference and verification method. The use of formal methods in software engineering practice, as long as the purpose is to ensure the correctness of the software.

The formal transformation strategy in the software life cycle: Common transformation strategy, direct conversion strategy and semi-formal representation of the intermediate transformation strategy.

The modeling process involves three system models: the real world, the model representation and the computer system.

The tasks in the development process include: Model acquisition, model validation, model transformation. The tasks correspond to three activities: formal specification, formal proof and verification, and procedural refinement.

I. Basic concepts of formal methods

Software specifications are descriptions of software system objects, how objects are manipulated, and the behavior of objects.

When the specification is described by non-formal method, it can be called "specification", when the specification is described by formal method, it can be called "formal specification".

From the formal specification to the achievable and executable angle of the target software system, the formalized method can be divided into operation class and description class. The Operation class method is based on state and transfer, and the model can be used to describe the system through the executable model, which is verified by static analysis and model execution, including the risk state machine, statecharts, Petri nets, etc. The description class method is based on the mathematical kilometer and the concept, the state space of the system is given by logic or algebra, and it is highly abstract, which is easy to verify by automatic tool. The methods of describing classes are further divided into: algebra-based methods such as Z, VDM, larch, etc., logic-based methods such as order linear temporal logic (FOLTL), Computational tree (CTL) logic, and so on.

Formal proof and verification techniques mainly include model detection and theorem proving.

The program refinement is the combination of automatic inference and formal method, and the whole process of the concrete computer-oriented program code is pushed from the abstract formal specification.

The basic idea of program refinement is to replace an abstract and procedural weak program with a low level of abstraction and process, and maintain the consistency of function between them.

Second, temporal logic

Kripke structure ternary group m= (W,R,L) is called a model of modal logic, or a Kripke structure (model).

First order linear temporal logic (FOLTL) is an extension of the first order predicate logic. Similar to PLTL,FOLTL is the addition of modal words to the first-order predicate logic: Inevitable, probable, next-time, until.

Computational tree logic (CTL) is a discrete, branch time, propositional temporal logic.

In the CTL, out of the temporal operator is inevitable, possibly, the next moment, until outside, also added the path quantifier : All Future Path (a), at least one path (E).

Third, model detection

Four, Z language

The Z language establishes a state-based model for the system. The three main components of a model are input, output, and state. The language formal specification consists of two parts: Mathematical language description and natural language annotation.

Data abstraction and process abstraction are two kinds of important abstractions in the process of software specification description.

A collection is an entity that consists of elements that have the same attributes.

Power Set A is a collection, then a collection of all the subsets of a is called the power set of set a, which is the PA. By using a primitive type and a power set constructor, a new type is generated, called the power set type of the base type.

Far combined Cartesian product.

The set of relationships and functions of a sequence of pairs is called a two-tuple relationship. For collections x and Y, use X↔y to represent a collection of all relationships of X to Y, that is, x↔y==ρ (XXY), and X is the source set of the relationship R, and Y is the target set of the relationship R.

queues and package queues are a set of ordered objects that are described. A package is a collection of descriptive data objects.

In the z language, the free type is used to recursively define a new type.

The pattern is the basic description unit of the Z language.

Five, Petri Nets

Network structure simulation Communication system This system model is named after Petri nets, and Petri nets refer to the theory developed on the basis of this model.

Any system can be abstracted into two types of elements: States and events.

Petri nets have rich structure description ability, such as sequential relation, concurrency relation, conflict relation and confusion relation.

"Software Engineering--theory, Method and practice"--a summary of the fifth chapter of formal method in software project