Transcript of sheldon/cs580/slides17-2.pdf

17–1  Data Refinement and Schemas
Using Z
Woodcock & Davies
17–2  A partial operation

  Recip ≙ [ r, r′ : ℝ | r ≠ 0 ∧ r′ = 1/r ]

17–3  Meaning

  {Recip • θS ↦ θS′} is the relation on states that the schema describes. Its totalisation (the dotted relation on the slide) extends both states with the undefined value ⊥ and makes the operation total: inside the precondition it behaves as Recip; outside it (r = 0 or r = ⊥) any after-state, ⊥ included, is permitted:

  { r, r′ : ℝ⊥ | (r ≠ 0 ∧ r ≠ ⊥ ∧ r′ = 1/r) ∨ r = 0 ∨ r = ⊥ • θS ↦ θS′ }
17–4  Retrieve relation

  A retrieve relation is a schema Retrieve that includes both AbstractState and ConcreteState and records the relationship between them: which concrete states represent which abstract states.

17–5  Forwards simulation

  Read the schemas as sets and relations:

  r  = { R  • θA ↦ θC }
  ao = { AO • (θA, i?) ↦ (θA′, o!) }
  co = { CO • (θC, i?) ↦ (θC′, o!) }
  ai = { AI • θA′ }
  ci = { CI • θC′ }
17–6  Deriving the initialisation rule

    ci ⊆ ai ⨾ r
  ⇔ ∀ c : C • c ∈ ci ⇒ c ∈ ai ⨾ r                                              [by property of ⊆]
  ⇔ ∀ C • θC ∈ ci ⇒ θC ∈ ai ⨾ r                                               [by schema calculus]
  ⇔ ∀ C • θC ∈ ci ⇒ ∃ A • θA ∈ ai ∧ θA ↦ θC ∈ r                                [by property of ⨾]
  ⇔ ∀ C • θC ∈ {CI • θC′} ⇒ ∃ A • θA ∈ {AI • θA′} ∧ θA ↦ θC ∈ {R • θA ↦ θC}   [by definition]
  ⇔ ∀ C • CI ⇒ ∃ A • AI ∧ R                                                   [by comprehension]
17–7  Rules for forwards simulation

  (after-state decorations made explicit, as in the installation rule of 17–8)

  F-init   ∀ C′ • CI ⇒ ∃ A′ • AI ∧ R′

  F-corr   ∀ A; C; C′ • pre AO ∧ R ∧ CO ⇒ ∃ A′ • AO ∧ R′
           ∀ A; C • pre AO ∧ R ⇒ pre CO

17–8  Initialisation

  ∀ C′ | CI • (∃ A′ | AI • R′)

17–9  Preconditions

  ∀ A; C | pre AO ∧ R • pre CO

17–10  Correctness

  ∀ A; C; C′ | pre AO ∧ R ∧ CO • (∃ A′ • R′ ∧ AO)
17–11  Why refine?

  • Implementation: the design is nearer to the level of the programming language;
  • Efficiency: the space/time trade-off.
17–12  A building entry system

  [Staff]

  maxentry : ℕ

17–13  Abstract system

  ASystem ≙ [ s : ℙ Staff | #s ≤ maxentry ]

  ASystemInit ≙ [ ASystem′ | s′ = ∅ ]

17–14

  AEnterBuilding
    ΔASystem
    p? : Staff
    ──────────────
    #s < maxentry
    p? ∉ s
    s′ = s ∪ {p?}

  ALeaveBuilding
    ΔASystem
    p? : Staff
    ──────────────
    p? ∈ s
    s′ = s \ {p?}
17–15  Concrete system

  CSystem ≙ [ l : iseq Staff | #l ≤ maxentry ]

  CSystemInit ≙ [ CSystem′ | l′ = ⟨⟩ ]

17–16

  CEnterBuilding
    ΔCSystem
    p? : Staff
    ──────────────
    #l < maxentry
    p? ∉ ran l
    l′ = l ⌢ ⟨p?⟩

  CLeaveBuilding
    ΔCSystem
    p? : Staff
    ──────────────
    p? ∈ ran l
    l′ = l ↾ (Staff \ {p?})
17–17  Refinement

  ListRetrieveSet
    ASystem
    CSystem
    ──────────────
    s = ran l

17–18  Initialisation

  ∀ CSystem′ | CSystemInit • (∃ ASystem′ | ASystemInit • ListRetrieveSet′)

17–19  Operations

  ∀ ASystem; CSystem | pre AEnterBuilding ∧ ListRetrieveSet • pre CEnterBuilding

  ∀ ASystem; CSystem; CSystem′ | pre AEnterBuilding ∧ ListRetrieveSet ∧ CEnterBuilding •
      (∃ ASystem′ • ListRetrieveSet′ ∧ AEnterBuilding)

17–20

  ∀ ASystem; CSystem | pre ALeaveBuilding ∧ ListRetrieveSet • pre CLeaveBuilding

  ∀ ASystem; CSystem; CSystem′ | pre ALeaveBuilding ∧ ListRetrieveSet ∧ CLeaveBuilding •
      (∃ ASystem′ • ListRetrieveSet′ ∧ ALeaveBuilding)
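The forwards-simulation rules of 17–7 to 17–10 and the building entry proof obligations of 17–18 to 17–20 can both be discharged by brute force once the state spaces are finite. The following is an added example, not code from the slides or the book: it instantiates Staff as {a, b, c} and maxentry as 2 (both constructed choices), represents each operation as a relation from a before-state and input to the set of possible after-states, and checks F-init, applicability and correctness over every state and input. A deliberately wrong CLeaveBuilding (hypothetical, not on the slides) shows what a failed obligation looks like.

```python
"""Exhaustive forwards-simulation check for the building entry system (added example)."""
from itertools import combinations, permutations

STAFF = ('a', 'b', 'c')   # the given set [Staff], instantiated small (constructed)
MAXENTRY = 2              # maxentry : N, chosen small (constructed)

# Abstract state space: all s : P Staff with #s <= maxentry.
A_STATES = [frozenset(c) for k in range(MAXENTRY + 1) for c in combinations(STAFF, k)]
# Concrete state space: all l : iseq Staff with #l <= maxentry.
C_STATES = [p for k in range(MAXENTRY + 1) for p in permutations(STAFF, k)]


def a_init(s):             # ASystemInit: s' = {}
    return s == frozenset()


def c_init(l):             # CSystemInit: l' = <>
    return l == ()


def retrieve(s, l):        # ListRetrieveSet: s = ran l
    return s == frozenset(l)


# Operations as relations: op(before, input) -> set of after-states.
# An empty set means the precondition does not hold.
def a_enter(s, p):         # AEnterBuilding
    return {s | {p}} if len(s) < MAXENTRY and p not in s else set()


def a_leave(s, p):         # ALeaveBuilding
    return {s - {p}} if p in s else set()


def c_enter(l, p):         # CEnterBuilding
    return {l + (p,)} if len(l) < MAXENTRY and p not in l else set()


def c_leave(l, p):         # CLeaveBuilding: l' = l filtered by Staff \ {p?}
    return {tuple(x for x in l if x != p)} if p in l else set()


def c_leave_buggy(l, p):   # hypothetical wrong design: forgets to remove p?
    return {l} if p in l else set()


def check_forwards_simulation(a_states, c_states, a_init, c_init, retrieve,
                              a_op, c_op, inputs):
    """Return the list of violated obligations; [] means all three rules hold."""
    failures = []
    # F-init: every concrete initial state retrieves to some abstract initial state.
    for l in c_states:
        if c_init(l) and not any(a_init(s) and retrieve(s, l) for s in a_states):
            failures.append(('F-init', l))
    for s in a_states:
        for l in c_states:
            if not retrieve(s, l):
                continue
            for i in inputs:
                if not a_op(s, i):
                    continue               # outside pre AO nothing is required
                c_after = c_op(l, i)
                if not c_after:            # applicability: pre AO ∧ R ⇒ pre CO
                    failures.append(('applicability', s, l, i))
                for l2 in c_after:         # correctness: pre AO ∧ R ∧ CO ⇒ ∃ A' • R' ∧ AO
                    if not any(retrieve(s2, l2) for s2 in a_op(s, i)):
                        failures.append(('correctness', s, l, i, l2))
    return failures


def building_entry_failures():
    """Both operations of the slides' design; expected to return []."""
    f = check_forwards_simulation(A_STATES, C_STATES, a_init, c_init, retrieve,
                                  a_enter, c_enter, STAFF)
    f += check_forwards_simulation(A_STATES, C_STATES, a_init, c_init, retrieve,
                                   a_leave, c_leave, STAFF)
    return f


def buggy_leave_failures():
    """The wrong CLeaveBuilding: correctness fails wherever someone actually leaves."""
    return check_forwards_simulation(A_STATES, C_STATES, a_init, c_init, retrieve,
                                     a_leave, c_leave_buggy, STAFF)


if __name__ == '__main__':
    print(building_entry_failures())
    print(buggy_leave_failures()[:3])
```

The checker is the rule set of 17–7 written out as loops: the outer quantifiers over A, C and C′ become iteration over the finite state lists, `pre AO` becomes "the abstract relation is non-empty at this state and input", and the existential becomes `any`. Each failure tuple names the rule and the witnesses, which is what a review of a design needs.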
17–21  A mean machine

  AMemory ≙ [ s : seq ℕ ]

  AMemoryInit ≙ [ AMemory′ | s′ = ⟨⟩ ]

17–22

  AEnter
    ΔAMemory
    n? : ℕ
    ──────────────
    s′ = s ⌢ ⟨n?⟩

  AMean
    ΞAMemory
    m! : ℝ
    ──────────────
    s ≠ ⟨⟩
    m! = (Σ i : 1..#s • s i) / #s

17–23  Specification

  Operation      Precondition
  AMemoryInit    true
  AEnter         true
  AMean          s ≠ ⟨⟩
17–24

  CMemory ≙ [ sum : ℕ; size : ℕ ]

  CMemoryInit ≙ [ CMemory′ | sum′ = 0 ∧ size′ = 0 ]

17–25

  CEnter
    ΔCMemory
    n? : ℕ
    ──────────────
    sum′ = sum + n?
    size′ = size + 1

  CMean
    ΞCMemory
    m! : ℝ
    ──────────────
    size ≠ 0
    m! = sum / size

17–26  Design

  Operation      Precondition
  CMemoryInit    true
  CEnter         true
  CMean          size ≠ 0
17–27  Retrieve relation

  SumSizeRetrieve
    AMemory
    CMemory
    ──────────────
    sum = Σ i : 1..#s • s i
    size = #s

17–28  Initialisation

  ∀ CMemory′ | CMemoryInit • (∃ AMemory′ | AMemoryInit • SumSizeRetrieve′)

17–29  Operations

  ∀ AMemory; CMemory | pre AEnter ∧ SumSizeRetrieve • pre CEnter

  ∀ AMemory; CMemory; CMemory′ | pre AEnter ∧ SumSizeRetrieve ∧ CEnter •
      (∃ AMemory′ • SumSizeRetrieve′ ∧ AEnter)

  ∀ AMemory; CMemory | pre AMean ∧ SumSizeRetrieve • pre CMean

  ∀ AMemory; CMemory; CMemory′ | pre AMean ∧ SumSizeRetrieve ∧ CMean •
      (∃ AMemory′ • SumSizeRetrieve′ ∧ AMean)
17–30  Abstract program

  var sum, size : ℕ •
    ...
    proc enter (val n? : ℕ);
      sum, size : [ true, sum′ = sum + n? ∧ size′ = size + 1 ];
    proc mean (res m! : ℝ);
      m! : [ size ≠ 0, m! = sum / size ]
17–31  Code

  PROGRAM MeanMachine(input, output);
  TYPE Nat = 0..maxint;
  VAR n, sum, size : Nat;
      m : real;

  PROCEDURE Enter(n : Nat);
  BEGIN
    sum := sum + n;
    size := size + 1
  END;

  PROCEDURE Mean(VAR m : real);
  BEGIN
    m := sum / size
  END;

17–32

  BEGIN
    sum := 0;
    size := 0;
    WHILE NOT eof DO
    BEGIN
      read(n);
      Enter(n)
    END;
    Mean(m);
    write(m)
  END.

  Note that Mean does not check the precondition size ≠ 0 of CMean: on empty input the program divides by zero. The design keeps sum and size in ℕ, but the code declares them in the subrange 0..maxint, so the code refines the design only while the running total stays inside that range.
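To make the gap between the ℕ-valued design of 17–24 to 17–29 and the bounded code of 17–31 concrete, here is an added example (not from the slides): the abstract AMemory, the concrete CMemory and SumSizeRetrieve as Python, a trace-level check that the retrieve relation and the Mean outputs agree after every Enter, and a third model that imitates the Pascal declaration 0..maxint. The small MAXINT and the wrap-around on overflow are assumptions made so the failure is reachable in a test; exact rationals are used so that no floating-point rounding masks the comparison.

```python
"""Mean machine: retrieve check at design level, and where the bounded code breaks it (added example)."""
from fractions import Fraction

MAXINT = 255   # assumption: a small 'maxint', so the subrange 0..maxint overflows in a test


class AMemory:
    """Abstract design: keeps the whole sequence s."""
    def __init__(self):
        self.s = []                                   # AMemoryInit: s' = <>

    def enter(self, n):                               # AEnter: s' = s ^ <n?>
        self.s = self.s + [n]

    def mean(self):                                   # AMean, pre s ≠ <>
        assert self.s != [], 'pre AMean'
        return Fraction(sum(self.s), len(self.s))


class CMemory:
    """Concrete design: keeps only sum and size, both in N."""
    def __init__(self):
        self.sum, self.size = 0, 0                    # CMemoryInit

    def enter(self, n):                               # CEnter
        self.sum, self.size = self.sum + n, self.size + 1

    def mean(self):                                   # CMean, pre size ≠ 0
        assert self.size != 0, 'pre CMean'
        return Fraction(self.sum, self.size)


class CodeMemory(CMemory):
    """The Pascal code: sum and size declared 0..maxint. Wrap-around on overflow
    is an assumption (a range-checked Pascal build raises an error instead);
    either way the design's N-valued sum is no longer represented."""
    def enter(self, n):
        self.sum = (self.sum + n) % (MAXINT + 1)
        self.size = (self.size + 1) % (MAXINT + 1)


def retrieve(a, c):
    """SumSizeRetrieve: sum = Σ s ∧ size = #s."""
    return c.sum == sum(a.s) and c.size == len(a.s)


def first_divergence(inputs, concrete_cls=CMemory):
    """Feed the same inputs to AMemory and to concrete_cls. Return the 1-based
    index of the first Enter after which the retrieve relation or the Mean
    outputs disagree, or None if the whole trace is a refinement."""
    a, c = AMemory(), concrete_cls()
    if not retrieve(a, c):
        return 0
    for k, n in enumerate(inputs, start=1):
        a.enter(n)
        c.enter(n)
        if not retrieve(a, c) or a.mean() != c.mean():
            return k
    return None


if __name__ == '__main__':
    print(first_divergence([100, 100, 100]))               # None: the design refines
    print(first_divergence([100, 100, 100], CodeMemory))   # 3: sum wraps to 44
```

With the design model every trace refines, which is what the proof obligations of 17–29 establish in general. With the code model the third Enter of 100 wraps sum to 44 and the retrieve relation is broken; after 256 entries size itself wraps to 0, at which point Mean would divide by zero. An implementation that must honour the design therefore has to reject input that would leave 0..maxint, or use an unbounded integer type.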
17–33  A better way?

  MeanMachine
    α, ω : seq ℕ
    ──────────────
    α ≠ ⟨⟩
    ω = ⟨ (Σ i : 1..#α • α i) / #α ⟩
17–34  Dictionary

  ADict ≙ [ ad : ℙ Word ]

17–35

  A first design keeps the words in an injective sequence sorted by the ordering ≤_W on words:

  CDict1
    cd1 : iseq Word
    ──────────────
    ∀ i, j : dom cd1 | i ≤ j • (cd1 i) ≤_W (cd1 j)

17–36

  A second design indexes the words by length: the i-th component holds the words of length i:

  CDict2
    cd2 : seq (ℙ Word)
    ──────────────
    ∀ i : dom cd2 • ∀ w : (cd2 i) • #w = i
17–37  Word trees

  WordTree ::= tree⟨⟨Letter ⇸ WordTree⟩⟩ | treeNode⟨⟨Letter ⇸ WordTree⟩⟩

  CDict3 ≙ [ cd3 : WordTree ]

  Both constructors carry a partial function from letters to subtrees; a treeNode marks the end of a word, a tree does not.

17–38  Example

  The dictionary {and, ant, bee, can, cat}:

  tree { a ↦ tree { n ↦ tree { d ↦ treeNode ∅, t ↦ treeNode ∅ } },
         b ↦ tree { e ↦ tree { e ↦ treeNode ∅ } },
         c ↦ tree { a ↦ tree { n ↦ treeNode ∅, t ↦ treeNode ∅ } } }

17–40  Example

  The dictionary {tin, tiny}:

  tree { t ↦ tree { i ↦ tree { n ↦ treeNode { y ↦ treeNode ∅ } } } }
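The WordTree of 17–37 is a trie, and CDict3 is refined by it through the retrieve "ad is the set of words spelled out by the tree". The following is an added example (not from the slides): a direct Python encoding of the two constructors, the retrieve function `words`, an insertion operation on the tree, and a check that insertion is correct with respect to the abstract operation ad′ = ad ∪ {w?} (that abstract operation is assumed here; the slides give only the state schemas). The two example trees from 17–38 and 17–40 are constructed literally.

```python
"""WordTree (CDict3) as a trie, with the retrieve function to ADict (added example)."""


def tree(children=None):        # tree⟨⟨Letter ⇸ WordTree⟩⟩: not the end of a word
    return (False, dict(children or {}))


def tree_node(children=None):   # treeNode⟨⟨Letter ⇸ WordTree⟩⟩: a word ends here
    return (True, dict(children or {}))


def words(t, prefix=''):
    """Retrieve: the set of words represented by WordTree t (ad = words(cd3))."""
    is_word, children = t
    result = {prefix} if is_word else set()
    for letter, sub in children.items():
        result |= words(sub, prefix + letter)
    return result


def insert(t, word):
    """Return a new WordTree holding word in addition to everything in t.
    The input tree is not modified: a Z operation relates a before-state to an
    after-state, so the before-state must survive for the check below."""
    is_word, children = t
    if word == '':
        return (True, dict(children))
    head, tail = word[0], word[1:]
    new_children = dict(children)
    new_children[head] = insert(children.get(head, tree()), tail)
    return (is_word, new_children)


def lookup(t, word):
    """Membership test: follow the letters, then ask whether a word ends here."""
    is_word, children = t
    if word == '':
        return is_word
    sub = children.get(word[0])
    return sub is not None and lookup(sub, word[1:])


def build(word_list):
    t = tree()
    for w in word_list:
        t = insert(t, w)
    return t


def insert_refines(word_list, new_word):
    """Correctness of insert against the assumed abstract operation ad' = ad ∪ {w?}."""
    before = build(word_list)
    return words(insert(before, new_word)) == words(before) | {new_word}


# The slides' examples, constructed literally (17–38 and 17–40).
EXAMPLE_1 = tree({
    'a': tree({'n': tree({'d': tree_node(), 't': tree_node()})}),
    'b': tree({'e': tree({'e': tree_node()})}),
    'c': tree({'a': tree({'n': tree_node(), 't': tree_node()})}),
})
EXAMPLE_2 = tree({'t': tree({'i': tree({'n': tree_node({'y': tree_node()})})})})

if __name__ == '__main__':
    print(sorted(words(EXAMPLE_1)))    # ['and', 'ant', 'bee', 'can', 'cat']
    print(sorted(words(EXAMPLE_2)))    # ['tin', 'tiny']
```

The tree for {tin, tiny} shows why two constructors are needed: the node reached by "tin" is a treeNode that still has a child, so "tin" is a word and "tiny" continues from it, while the node reached by "ti" is a plain tree and "ti" is not a word. Building {tin, tiny} by insertion reproduces the slide's tree exactly, which is the retrieve relation holding at the level of representations rather than just of word sets.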
17–41  Initialisation (backwards simulation)

  ∀ C′; A′ | CI ∧ R′ • AI

17–42  Preconditions

  ∀ C | (∀ A | R • pre AO) • pre CO

17–43  Correctness

  ∀ C | (∀ A | R • pre AO) • (∀ A′; C′ | CO ∧ R′ • (∃ A • R ∧ AO))

17–44  Rules for backwards simulation

  B-init   ∀ A′; C′ • CI ∧ R′ ⇒ AI

  B-corr   ∀ C • (∀ A | R • pre AO) ⇒ (∀ A′; C′ • CO ∧ R′ ⇒ ∃ A • R ∧ AO)
           ∀ C • (∀ A | R • pre AO) ⇒ pre CO
17–45  Phoenix

  [T]

  Booked ::= yes | no

  Phoenix
    ppool : ℙ T
    bkd : Booked

17–46  Phoenix operations

  PBook
    ΔPhoenix
    ──────────────
    bkd = no
    ppool ≠ ∅
    bkd′ = yes
    ppool′ = ppool

17–47

  PArrive
    ΔPhoenix
    t! : T
    ──────────────
    bkd = yes
    ppool ≠ ∅
    bkd′ = no
    t! ∈ ppool
    ppool′ = ppool \ {t!}

17–48

  ApolloTT ::= null | ticket⟨⟨T⟩⟩

  Apollo
    apool : ℙ T
    tkt : ApolloTT
17–49  Apollo operations

  ABook
    ΔApollo
    ──────────────
    tkt = null
    apool ≠ ∅
    tkt′ ≠ null
    ticket~ tkt′ ∈ apool
    apool′ = apool \ {ticket~ tkt′}

17–50

  AArrive
    ΔApollo
    t! : T
    ──────────────
    tkt ≠ null
    tkt′ = null
    t! = ticket~ tkt
    apool′ = apool

17–51  Retrieve relation

  ApolloPhoenixRetr
    Phoenix
    Apollo
    ──────────────
    bkd = no ⇒ tkt = null ∧ ppool = apool
    bkd = yes ⇒ tkt ≠ null ∧ ppool = apool ∪ {ticket~ tkt}

17–52  Conjectures

  • The Phoenix system is data refined by the Apollo system.
  • The Apollo system is data refined by the Phoenix system.
17–53

  With Apollo as the abstract system and Phoenix as the concrete one, the forwards-simulation correctness condition for arrival is

  pre AArrive ∧ ApolloPhoenixRetr ∧ PArrive ⇒ ∃ Apollo′ • ApolloPhoenixRetr′ ∧ AArrive

  and unfolding the schemas reduces it to

  t! ∈ apool ∪ {ticket~ tkt} ⇒ t! = ticket~ tkt

  which is false: PArrive may hand out any ticket in the pool, while AArrive must hand out the one fixed at booking. The second conjecture therefore cannot be established by forwards simulation.
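The backwards-simulation rules of 17–41 to 17–44 are the ones that can settle the second conjecture, and for a two-element T they can be checked exhaustively. This is an added example, not code from the slides or the book. Assumptions beyond what the slides state: T = {1, 2}; ticket⟨⟨t⟩⟩ is represented by t itself and null by `None`; and the state spaces are cut down to the invariants the operations maintain (Phoenix: bkd = yes ⇒ ppool ≠ ∅; Apollo: tkt ≠ null ⇒ ticket~ tkt ∉ apool). The slides' state schemas carry no predicate, and the checker can be run without the invariants to see why they matter: the B-corr rules quantify over every state of the schema, so unreachable states such as (ppool = ∅, bkd = yes) produce counterexamples unless the schema excludes them. The slides give no initialisation schemas, so B-init is not checked.

```python
"""Apollo/Phoenix: backwards simulation checked exhaustively over T = {1, 2} (added example)."""
from itertools import combinations

T = (1, 2)
NULL = None            # ApolloTT: null; ticket⟨⟨t⟩⟩ is represented by t itself
SUBSETS = [frozenset(c) for k in range(len(T) + 1) for c in combinations(T, k)]


def phoenix_states(invariant=True):   # assumed invariant: bkd = yes ⇒ ppool ≠ ∅
    return [(pp, bkd) for pp in SUBSETS for bkd in ('yes', 'no')
            if not invariant or bkd == 'no' or pp]


def apollo_states(invariant=True):    # assumed invariant: tkt ≠ null ⇒ ticket~ tkt ∉ apool
    return [(ap, tkt) for ap in SUBSETS for tkt in (NULL,) + T
            if not invariant or tkt is NULL or tkt not in ap]


def retr(a, c):                       # ApolloPhoenixRetr
    (ap, tkt), (pp, bkd) = a, c
    if bkd == 'no':
        return tkt is NULL and pp == ap
    return tkt is not NULL and pp == ap | {tkt}


# Operations as relations: state -> set of (after-state, output); empty = pre false.
def p_book(c):                        # PBook
    pp, bkd = c
    return {((pp, 'yes'), None)} if bkd == 'no' and pp else set()


def p_arrive(c):                      # PArrive: any t! in the pool
    pp, bkd = c
    return {((pp - {t}, 'no'), t) for t in pp} if bkd == 'yes' and pp else set()


def a_book(a):                        # ABook: the ticket is fixed now
    ap, tkt = a
    return {((ap - {t}, t), None) for t in ap} if tkt is NULL and ap else set()


def a_arrive(a):                      # AArrive: t! is the ticket fixed at booking
    ap, tkt = a
    return {((ap, NULL), tkt)} if tkt is not NULL else set()


def backwards_failures(a_op, c_op, invariant=True):
    """B-corr (applicability and correctness) for one operation pair; [] = both hold.
    Abstract system: Apollo. Concrete system: Phoenix."""
    A, C = apollo_states(invariant), phoenix_states(invariant)
    failures = []
    for c in C:
        related = [a for a in A if retr(a, c)]
        if not all(a_op(a) for a in related):    # (∀ A | R • pre AO) is false here
            continue
        if not c_op(c):                          # applicability: pre CO must hold
            failures.append(('applicability', c))
        for c2, out in c_op(c):                  # correctness: CO ∧ R' ⇒ ∃ A • R ∧ AO
            for a2 in A:
                if not retr(a2, c2):
                    continue
                if not any(retr(a, c) and (a2, out) in a_op(a) for a in A):
                    failures.append(('correctness', c, c2, a2))
    return failures


def forwards_arrive_counterexample():
    """The failing forwards obligation of 17–53: a PArrive output t! that no
    AArrive from any related Apollo state can produce. Returns (a, c, t!)."""
    for a in apollo_states():
        for c in phoenix_states():
            if not (retr(a, c) and a_arrive(a)):
                continue
            for c2, t in p_arrive(c):
                if not any(retr(a2, c2) and (a2, t) in a_arrive(a) for a2 in apollo_states()):
                    return (a, c, t)
    return None


if __name__ == '__main__':
    print(backwards_failures(a_book, p_book), backwards_failures(a_arrive, p_arrive))
    print(forwards_arrive_counterexample())
```

Read the backwards rule the way the checker does: starting from a concrete after-state c′, every abstract state a′ it retrieves to must be explained by some abstract before-state a that retrieves to c and can reach a′ by the abstract operation. That is what lets Phoenix postpone the choice of ticket: whichever t! it emits at arrival, there is an Apollo history in which that very ticket was chosen at booking. The forwards rule fails because it fixes the Apollo before-state first, and then the ticket is already committed.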
17–54  Mastermind

  One player chooses a code of six coloured pegs; the other tries to guess what it is. But when is the choice made?
17–55  Vending machine

  YesNo ::= yes | no

  Digit == 0..9

  seq3[X] == { s : seq X | #s = 3 }

  VMSpec ≙ [ busy, vend : YesNo ]

  VMSpecInit ≙ [ VMSpec′ | busy′ = vend′ = no ]

17–56  Choosing a drink

  Choose
    ΔVMSpec
    i? : seq3 Digit
    ──────────────
    busy = no
    busy′ = yes

17–57  Completing a transaction

  VendSpec
    ΔVMSpec
    o! : YesNo
    ──────────────
    busy′ = no
    o! = vend

17–58  Design

  VMDesign ≙ [ digits : 0..3 ]

  VMDesignInit ≙ [ VMDesign′ | digits′ = 0 ]
17–59

  FirstPunch
    ΔVMDesign
    d? : Digit
    ──────────────
    digits = 0
    digits′ = 1

  NextPunch
    ΔVMDesign
    d? : Digit
    ──────────────
    (0 < digits < 3 ∧ digits′ = digits + 1) ∨ (digits = 0 ∧ digits′ = digits)

17–60

  VendDesign
    ΔVMDesign
    o! : YesNo
    ──────────────
    digits′ = 0

17–61  Proof opportunities

  VMSpecInit is refined by VMDesignInit
  Choose is refined by FirstPunch
  ΞVMSpec is refined by NextPunch
  VendSpec is refined by VendDesign

17–62  Different inputs and outputs

  Choose takes the whole three-digit sequence i? in one step; the design takes one digit d? per punch, so a single abstract operation is matched by several concrete ones, and the retrieve relation must relate the two states independently of those inputs:

  RetrieveVM
    VMSpec
    VMDesign
    ──────────────
    busy = no ⇔ digits = 0
17–63  Forwards simulation

  ∀ VMSpec; VMDesign; VMDesign′ | pre Choose ∧ RetrieveVM ∧ FirstPunch •
      ∃ VMSpec′ • RetrieveVM′ ∧ Choose

  Expanding the schemas:

  ∀ busy, vend : YesNo; digits, digits′ : 0..3 |
      busy = no ∧ (busy = no ⇔ digits = 0) ∧ digits = 0 ∧ digits′ = 1 •
      ∃ busy′, vend′ : YesNo • (busy′ = no ⇔ digits′ = 0) ∧ busy′ = yes

  This holds: digits′ = 1 forces busy′ = yes, and busy′ = yes is exactly what Choose requires.

17–64  Not a forwards simulation

  ∀ VMSpec; VMDesign; VMDesign′ | pre VendSpec ∧ RetrieveVM ∧ VendDesign •
      ∃ VMSpec′ • RetrieveVM′ ∧ VendSpec

  Expanding the schemas:

  ∀ busy, vend : YesNo; digits, digits′ : 0..3; o! : YesNo |
      (busy = no ⇔ digits = 0) ∧ digits′ = 0 •
      ∃ busy′, vend′ : YesNo • (busy′ = no ⇔ digits′ = 0) ∧ busy′ = no ∧ o! = vend

  This fails: VendDesign leaves o! unconstrained, while VendSpec requires o! = vend, so for any o! ≠ vend no VMSpec′ exists.
17–65  Abstract file system

  AFS ≙ [ afs : Name ⇸ File ]

  AFSInit ≙ [ AFS′ | afs′ = ∅ ]

17–66

  Read
    ΞAFS
    n? : Name
    f! : File
    ──────────────
    n? ∈ dom afs
    f! = afs n?

  Store
    ΔAFS
    f? : File
    n? : Name
    ──────────────
    n? ∉ dom afs
    afs′ = afs ⊕ {n? ↦ f?}
17–68  Concrete file system

  cfs holds complete files; tfs holds files that are still being written, byte by byte. No name is in both at once.

  CFS
    cfs : Name ⇸ seq Byte
    tfs : Name ⇸ seq Byte
    ──────────────
    dom cfs ∩ dom tfs = ∅

  CFSInit ≙ [ CFS′ | cfs′ = tfs′ = ∅ ]
17–69

  Start
    ΔCFS
    n? : Name
    ──────────────
    n? ∉ dom cfs ∪ dom tfs
    tfs′ = tfs ⊕ {n? ↦ ⟨⟩}
    cfs′ = cfs

17–70

  Next
    ΔCFS
    n? : Name
    b? : Byte
    ──────────────
    n? ∈ dom tfs
    tfs′ = tfs ⊕ {n? ↦ (tfs n?) ⌢ ⟨b?⟩}
    cfs′ = cfs

17–71

  Stop
    ΔCFS
    n? : Name
    ──────────────
    n? ∈ dom tfs
    tfs′ = {n?} ⩤ tfs
    cfs′ = cfs ⊕ {n? ↦ tfs n?}
17–72  Retrieve

  retrfile : seq Byte → File

  RetrieveACFS
    AFS
    CFS
    ──────────────
    afs = cfs ⨾ retrfile

17–73  Simulations

  A single abstract Store is implemented by a concrete Start, some Nexts and a Stop; the remaining concrete steps have to simulate ΞAFS, the abstract operation that changes nothing. Two candidate pairings of the operations, position by position:

  (AFS, AFSInit, ΞAFS, ΞAFS, Store, Read)
  (CFS, CFSInit, Start, Next, Stop, Read)

  (AFS, AFSInit, Store, ΞAFS, ΞAFS, Read)
  (CFS, CFSInit, Start, Next, Stop, Read)
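The first pairing of 17–73 can be exercised on a trace: Start and Next must leave the retrieved abstract state unchanged, Stop must act as Store, and afs = cfs ⨾ retrfile together with dom cfs ∩ dom tfs = ∅ must hold after every step. This is an added example, not code from the slides. Assumptions: File is taken to be seq Byte so that retrfile is the identity (on the slides it is an arbitrary total function); the concrete Read, which the slides do not define, is assumed to read cfs only; file names and contents are constructed test data.

```python
"""Concrete file system (Start/Next/Stop) simulating the abstract Store (added example)."""


def retrfile(seq_bytes):            # assumption: File = seq Byte, so retrfile is the identity
    return bytes(seq_bytes)


class AFS:
    def __init__(self):
        self.afs = {}                                      # AFSInit: afs' = {}

    def store(self, n, f):                                 # Store
        assert n not in self.afs, 'pre Store'
        self.afs = {**self.afs, n: f}

    def read(self, n):                                     # Read
        assert n in self.afs, 'pre Read'
        return self.afs[n]


class CFS:
    def __init__(self):
        self.cfs, self.tfs = {}, {}                        # CFSInit

    def invariant(self):                                   # dom cfs ∩ dom tfs = {}
        return not (self.cfs.keys() & self.tfs.keys())

    def start(self, n):                                    # Start
        assert n not in self.cfs and n not in self.tfs, 'pre Start'
        self.tfs = {**self.tfs, n: b''}

    def next(self, n, b):                                  # Next
        assert n in self.tfs, 'pre Next'
        self.tfs = {**self.tfs, n: self.tfs[n] + bytes([b])}

    def stop(self, n):                                     # Stop
        assert n in self.tfs, 'pre Stop'
        tfs = dict(self.tfs)
        content = tfs.pop(n)                               # {n?} ⩤ tfs
        self.tfs, self.cfs = tfs, {**self.cfs, n: content}

    def read(self, n):                                     # assumed concrete Read: cfs only
        assert n in self.cfs, 'pre Read'
        return self.cfs[n]


def retrieve(a, c):
    """RetrieveACFS: afs = cfs ⨾ retrfile."""
    return a.afs == {n: retrfile(s) for n, s in c.cfs.items()}


def simulate(writes):
    """writes: list of (name, bytes), constructed. Plays the first pairing of
    17–73 and returns the steps at which the retrieve relation, the invariant
    or the two Reads disagreed; [] means the trace refines."""
    a, c = AFS(), CFS()
    broken = []

    def check(step):
        if not (c.invariant() and retrieve(a, c)):
            broken.append(step)

    check('init')
    for n, content in writes:
        c.start(n)                                         # paired with ΞAFS
        check(('Start', n))
        for b in content:
            c.next(n, b)                                   # paired with ΞAFS
            check(('Next', n, b))
        c.stop(n)                                          # paired with Store
        a.store(n, retrfile(content))
        check(('Stop', n))
        if retrfile(c.read(n)) != a.read(n):
            broken.append(('Read', n))
    return broken


def partial_write_visible(name, content, stop_after):
    """Can a reader see a half-written file? Before Stop the name is only in
    dom tfs, so a Read against cfs cannot observe it."""
    c = CFS()
    c.start(name)
    for b in content[:stop_after]:
        c.next(name, b)
    return name in c.cfs


if __name__ == '__main__':
    print(simulate([('log', b'hello'), ('empty', b'')]))   # []
    print(partial_write_visible('f', b'abc', 2))          # False
```

The trace check is weaker than the proof obligations of 17–72 and 17–73 (it covers the traces it is given, not all states), but it shows what the two-map design buys: a reader never sees a prefix of a file, because content moves from tfs to cfs only at Stop, and the invariant keeps the two maps from ever disagreeing about a name. That is the property a file-system implementation has to preserve, and the one most easily lost by writing into the final location directly.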
17–74  Summary

  • operations as relations
  • retrieve relations
  • forwards simulation
  • backwards simulation