BCS2213 - Introduction To Z Specification
BCS2213 - Introduction To Z Specification
BCS2213 - Introduction To Z Specification
Z SPECIFICATIONS
Formal Methods
BCS 2213
Semester 1 Session 2016/2017
What is Z
2
5
Elements of Z – Operations on Sets
14
Combining Sets – Set Union
A B
“A union B” is the set of all elements that are in
A, or B, or both.
This is similar to the logical “or” operator.
Combining Sets – Set Intersection
A B
“A intersect B” is the set of all elements that
are in both A and B.
This is similar to the logical “and”
Set Complement
A
“A complement,” or “not A” is the set of all
elements not in A.
The complement operator is similar to the
logical not, and is reflexive, that is,
A A
Set Difference
𝐴\B
The set difference “A minus B” is the set of
elements that are in A, and not in B, so
𝐴\B = 𝐴 ∩ 𝐵
A {1,2,3} B {3,4,5,6}
A B {1,2,3,4,5,6} U = {1, 2, 3, 4, 5, 6}
𝐴 = {4,5,6} B {1,2}
Set comprehension
{x : T | pred(x) • expr(x)}
Example
{x : Z | prime(x) • x ∗ x}
Abbreviation
{x : T | pred(x)} for {x : T | pred(x) • x}
Example
N = {x : Z | x ≥ 0}
Note, in Z
∅ = ∅[T] is typed
Elements of Z – Predicates on Sets
22
Definition. Subset.
A B “A is a subset of B”
We say “A is a subset of B” if x A x B
i.e., all the members of A are also members of
B. The notation for subset is very similar to
the notation for “less than or equal to,” and
means, in terms of the sets, “included in or
equal to.”
Proper Subset Relationship
Definition. Proper Subset.
A B “A is a proper subset of B”
We say “A is a proper subset of B” if all the
members of A are also members of B, but in
addition there exists at least one element c such
that c A but c B
× Cartesian product
The Cartesian product of two sets A and B,
denoted by A × B is the set of all ordered
pairs (a, b) such that a is a member
of A and b is a member of B.
Elements of Z – Arithmetic Operations
26
m+n Addition
m-n Subtraction
m*n Multiplication
m div n Division
m mod n Remainder (modulus)
m≤n Less than or equal
m .. n Number range
min A Minimum of a set of numbers
max A Maximum of a set of numbers
Functions
27
f A B
• •
f • •
a• • • y
b •
•
• •
x
A Graph
B Plot
Like Venn diagrams
28
Domain and Range
29
X Y
4 6 The figure shows that 6
5
6 7 corresponds to both 6 and 7.
Domain Range
If any element in the domain corresponds to
more than one element in the range, the
relation is not a function, Thus, the relation
is not a function.
Definition of a Function
33
One-to-One Functions
34
• • • •
• • •
• • •
• • •
• •
• • • • •
• • •
• •
• •
Not one-to-one Not even a
One-to-one function!
34
Elements of Z – Functions
35
Elements of Z – pairs and binary relations
36
Elements of Z – Logical Operations
37
How to Model a System
Z explicitly describes a system in terms of
mathematical types (set, sequences, relations,
functions) & user defined operations
Z specification includes
• types – mathematical syntax of an object being specified
• invariants - properties of a modeled object
• operations – expressed in terms of pre/post conditions
Z decomposes specifications into manageably sized
module’s, called schemas. Schemas have 3 parts:
A State
A collection of state variables and their values
Operations that can change the state
Static and Dynamic Aspects of Behavior
39
Static aspects
The states that a system can occupy.
The invariant relationships that are maintained as the
system moves from state to state.
Dynamic aspects
The possible operations.
The relationship between their inputs and outputs.
Name of schema
Stated properties
No limit on the number of birthdays recorded
No premature decision about the format of names and
dates
Q: How many birthdays can a person have?
Q: Does everyone have a birthday?
Q: Can two persons share the same birthday?
43
How to Specify Dynamic Aspects?
Define the schema of operation
relationship between inputs (?) and outputs (!) of the
operation
changes of the state that happen.
44
(Delta) And (Xi) Notations
BirthdayBook state change of BirthdayBook
BirthdayBook no state change of BirthdayBook
45
More operations: FindBirthday
Use notation
No state change – we cannot use the prime ‘ symbol
46
More operations: Remind
Use of set comprehension notation
Selection | operation – “Such that”
Q: What is the output of the Remind operation?
47
More Examples: InitBirthdayBook
Describes the initial state of the system
By convention, we use Init as a prefix
48
Proving Properties
E.g., known’ = known {name?}
50