450 likes | 516 Views
Algorithm Design. An Algorithmic Notation – guarded command language. Provides a framework for recording refinement of specifications into programs Consist of : Sequence Alternation Iteration Commands are organized into programs by
E N D
An Algorithmic Notation – guarded command language • Provides a framework for recording refinement of specifications into programs • Consist of : • Sequence • Alternation • Iteration • Commands are organized into programs by • Assignment statements of the form x := E where x is a program variable, E an expression • Specifications to be further refined • In-line or by call to other program • Skip and abort
Declarations and commands(1) • The kind of data available to a program in the guarded command language depend on • the target language, • the given sets of the specification being refined • the abstract data types used in the refinement • Example of declarations s : Studentgiven set of specification where : 0..sizetype in target language sarray : array (1..size) of Student array type and given set
Declarations and commands(2) • The kind of command available to a program in the guarded command language depend on • Target language • Abstract types used in refinement • Example of commands where := 0 assignment statement sarray(1) := sassignment statement to an array element search specification of an operation to be refined
Sequence control structure • A sequence of commands may be presented in: • Horizontal format x := x + 1; y := y – 1 • Vertical format x := x + 1; y := y – 1 • For sequence control structure below Semicolon acts as separator A1 A1; A2 In guarded command language A2
Alternation control structure(1) • Each command is prefaced by a boolean expression called a guard; corresponds to boolean expression of target language • A command is executed only if its guard is true • Bounded by the sign if and fi • The sign□ is the guard command separator • The guard arrow → separates the guard and command • Example if x ≤ y → z := x □ x ≥ y → z := yfi
Alternation control structure(2) • Example when there are several guarded commands x, y, s : ℤ if x < y → s := -1 □ x = y → s := 0 □x > y → s := 1 fi
Alternation control structure(3) • In general for if-then • If-then-else T B if B A ¬B skip fi F A F T B if B A1 ¬B A2 fi A2 A1
Iteration control structure (1) • Each command has a guard • A command will be executed only if the guard is true • Bounded by the signsdo andod • Example do z < x z > y → z : z + 1 od
Iteration control structure (2) • In general Initialized do-while A1 A A2 T B F T B F do B → A od A1; do B → A2 od
Method of recording(1) • At stage of recording an algorithm refinement, record only one step of refinement • The sign ⊑ to represent ‘is refined by’ A A1 A ⊑ A1; A2 A2
Method of recording(2) B1 A1 A1 ⊑ if B1 A11 ¬B1 A2 fi A2 A11 A12 A2 ⊑ A21; do B2 A22 od A21 A22 B2
Program states and assignment: Program spaces and program states (1) • Program spaces • A collection of program variables • Example: For the following declaration sarray : array(1..size) of Student; s : Student; r : Response; ectr, tctr : 0..size • Establish a program space by the following schema
Program states and assignment: Program spaces and program states (2) EnrolSpace sarray : 1..size → Student; s : Student; r : Response; ectr, tctr : 0..size • This type schema will be referred to in recording the design of a program.
Program states and assignment: Program spaces and program states (3) • However EnrolSpacedoes not establish how input and output of the schema DEnrol to be represented as program variables • Can introduce such variable, e.g., Identify_s_and_r s?, s, s’ : Student r!, r, r’ : Response s? = s r! = r’
Program spaces and program states (4) • To make the schema suitable for algorithm refinement of DEnrol, need to combine it with DEnrol and hide the input and output variables DEnrolProg ≙(DEnrol Identify_s_and_r) \ (s?,r!) DEnrolokProg ≙(DEnrolok Identify_s_and_r) \ (s?,r!) DNoRoomProg ≙(DNoRoom Identify_s_and_r) \ (s?,r!) DAlreadyEnrolledProg ≙ (DAlreadyEnrolled Identify_s_and_r) \ (s?,r!)
Program states and assignment: Using the assignment statement (1) • Use to refine specification in which just one variable in the program state is to change • Suppose the program space is defined by PSpace ≙ [x, y, z: 0..maxnat] the effect of the assignment x := y + z Assign_1 PSpace x’ = y + z y’ = y z’ = z
Program states and assignment: Using the assignment statement (2) • In general if the program state is given by schema GenPSpace x : T Others where x does not occur in Others and E is an expression of type T in the value of x and the components of Others, then effect of x := E is Assign_2 GenPSpace Others x’ = E
Using the alternation control structure • Suppose S is a specification on a program space, and A1 and A2 are operations on the same space. Suppose B1 and B2 are boolean expressions defined on the variables in the space, and are computable in the target language, we shall say that S ⊑if B1 → A1 □B2 → A2 fi
Example of refinement by alternation(1) • Consider the following specification of a program to find the positive difference of two numbers. PSpace has been defined previously PossDiff PSpace z’ = x – y z’ = y – x x’ = x y’ = y The following program as a refinement if x ≥ y→ z := x - y □y ≥ x → z := y - x fi
Example of refinement by alternation(2) • To verify we replace the two assignments by their descriptions Assign_xmy PSpace x ≥ y z’ = x – y x’ = x y’ = y
Example of refinement by alternation(3) • To verify we replace the two assignments by their descriptions Assign_ymx PSpace y ≥ x z’ = y – x x’ = x y’ = y
Example of refinement by alternation(4) • Now we have PosDiff ⊑ if x ≥ y → Assign_xmy □ y ≥ x → Assign_ymx fi
Refining a disjunction with an alternation A1 A2 ⊑ if pre A1 → A1 □ pre A2 → A2 fi • Refining a disjunction to an if-then-else A1 A2 ⊑ if pre A1 → A1 □ ¬(pre A1) → A2 fi
Refinement of the enrol operation(1) DEnoughRoom ≙ DEnrolokProg DAlreadyEnrolledProg Refine DEnrolProg as DEnrolProg ⊑ if ectr = size → | DNoRoomProg □ ectr < size → | DEnoughRoom fi
Refinement of the enrol operation(2) • Refinement of DNoRoomProg DNoRoomProg ⊑r := noroom • Refinement DEnoughRoom will be dealt later
Sequence Control Structure: using the structure • If a sequence of two specification (A1;A2) is offered as a refinement of a third S, we shall record this by writing S ⊑ A1; A2
Example of refinement by sequence • Consider the following program state XState ≙ [x: 0..maxnat] and the following specification UpTwo ≙ [ XState | x’ = x + 2] with x + 2 ≤ maxnat as its precondition; refined by the following sequence x := x + 1; x := x + 1
Sequence Control Structure • Replacing commands in a sequence S ⊑ A1;A2 and A2 ⊑ A3 then we can have S ⊑ A1;A3 • Operations on partitioned states suppose that PartState ≙ PartA PartB and PartA and PartB have no declarations in common, and OpA is an operation on PartA and OpB is an operation on PartB the operation OpA OpB on the whole of PartState can be refined by amended operation as follows: OpAx≙ [PartState; PartB; OpA] OpBx ≙ [PartState; PartA; OpB]
Further refinement of the enrol operation • We propose a refinement of DEnoughRoom as follows: DEnoughRoom ⊑ where: 0..(size + 1) DEnoughRoomX The extension of DEnoughRoom is defined as DEnoughRoomX where, where’: 0..(size + 1) DEnoughRoom
Further refinement of the enrol operation • Now we propose that: DEnoughRoomX ⊑ Search; Decide • Search and Decide are to be specified. Search will set the variable where to index an occurrence of s in the active part of the array, if there is one, and to ectr + 1 if there isn’t
Further refinement of the enrol operation • The following specification is recorded for Search SearchState DClass where: 0..(size + 1) s: Student r: Response
Further refinement of the enrol operation • The following specification is recorded for Search Search SearchState DClass (( i: 1..ectr (sarray i) ≠ s where’ = ectr + 1) ((sarray where’) = s where’ 1..ectr )) s’ = s
Further refinement of the enrol operation • For Decide we can supply this definition: Decide SearchState DEnoughRoom where ≤ ectr (i: 1..ectr (sarray i) = s)
Further refinement of the enrol operation • The refinement of Decide by an alternation is Decide ⊑
Iteration control structure • Example of refinement by initialized do-while • E.g., to sum up the elements of an array of integers. The following axiomatic description for the sum of a sequence of integer sumseq: seq ℤ → ℤ (si: seqℤ (( si = <> sumseq si = 0) (si ≠ <> sumseq si = (head si) + sumseq (tail si))))
Iteration control structure • Introduce the program space that includes the array to be summed and the variable to hold answer. The variable n is a constant greater than 0, the size of array SumSpace intarr: 1..n →ℤ s:ℤ
Iteration control structure • Now specify the program Addup SumSpace intarr’ = intarr s’ = sumseq intarr
Iteration control structure • Another way: we refine Addup to include counter ctr Addup ⊑ ctr: 0..n AddupExt • The definition of AddupExt AddupExt ≙[Addup; ctr, ctr’ : 0..n]
Iteration control structure • The invariant is in the following schema Addup_invar SumSpace ctr, ctr’ : 0..n s’ = sumseq((1..ctr’) ⊳ intarr’) ctr’ ≤ n intarr’ = intarr
Iteration control structure • The initialization program Addup_init SumSpace ctr, ctr’ : 0..n intarr’ = intarr s’ = 0 ctr’ = 0 Sum ⊑ Addup_init; do ctr ≠ n → | Addup_body od
Iteration control structure • The body of while Addup_body SumSpace ctr, ctr’ : 0..n ctr < n s = sumseq((1..ctr) ⊳ intarr) s’ = sumseq((1..ctr’) ⊳ intarr’) ctr’ ≤ n intarr’ = intarr ctr’ = ctr + 1
Iteration control structure • The body of while can be simplified as Addup_body SumSpace ctr, ctr’ : 0..n ctr < n s’ = s + intarr(ctr’) intarr’ = intarr ctr’ = ctr + 1
Iteration control structure • Can be implemented by the following program Addup_body ⊑ ctr := ctr + 1; s := s + intarr(ctr)