1 / 20

Teaching Formal Methods for the Unconquered Territory

Teaching Formal Methods for the Unconquered Territory. Nestor Catano Madeira ITI , Portugal Camilo Rueda Pontificia Universidad Javeriana ( PUJ ) , Cali , Colombia. Engineering in Computer Science at PUJ. 5 years program 2 years’ common trunk in mathematics and physics

carys
Download Presentation

Teaching Formal Methods for the Unconquered Territory

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Teaching Formal Methods for the Unconquered Territory Nestor Catano Madeira ITI, Portugal CamiloRueda Pontificia Universidad Javeriana (PUJ), Cali, Colombia

  2. Engineering in Computer Science at PUJ • 5 years program • 2 years’ common trunk in mathematics and physics • 3 years’ program in computer Science • 2 courses in discrete mathematics and logic • ACM/IEEE undergraduate computer science curriculum • 2 courses in Software Engineering

  3. Formal Methods Courses • Local companies consider the ability to reason about software design as a key competence in young professionals • The economic development plan of Cali pointed out at software production as a key strategy, and increasing software quality as the most pressing need in this realm

  4. PUJ and Software Companies • Students are encouraged to initiate software start-ups at ParqueSoftthrough an entrepreneurship joint educational program • Students substitute their engineering degree final work with a technical report on their proposed software venture • About half of ParqueSoftcompanies have achieved standard quality assurance certifications

  5. The Courses • Program Specification and Verification Course • JML (Java Modeling Language) • The Design-by-Contract • Formal Program Development • Refinement calculus theory in B • The “parachute strategy” for Software development

  6. Our Goals • To help students to build skills on formal methods • To master formal tools they might use in their future IT software engineering jobs • “unconquered territory” • Software companies

  7. Program Specification and Verification • Program Correctness and WP Calculus • Design-by-Contract • JML (Java Modeling Language) • Software Verification Examples • Smart Card Applications • Bank Applications • Social Network apps

  8. JML-based Software Development • Three steps specification approach • informal specification, semi-formal, formal in JML • Checking JML Specifications • JML Common Tools, ESC/Java 2 • Evolving code + Specifications

  9. Health Card • There must not exist duplicated entries for allergies with the same designation code

  10. Health Card • If a new allergy is to be added to the list of referenced allergies, and the allergy designation has already been referenced, then the new allergy is not inserted

  11. Health Card /*@ normal_behavior @ requires existsAllergy(designation); @ assignable as, size; @ ensures as.equals(\old(as)); @ also @ normal_behavior @ requires !existsAllergy(designation); @ assignable \nothing; @ ensures as.equals(\old(as).insert(designation)); @*/ public abstract void addAllergy ( byte[] designation, byte[] date) throws RemoteException, UserException;

  12. Health Card: Invariants • All allergy designation codes must have a stipulated length

  13. Health Card: Invariants • invariant size(des) == CODE_LENGTH

  14. Health Card: Invariants • //@ invariant des.size == CODE_LENGTH;

  15. Formal Program Development • Role of Predicate+ relationalcalculus in software specifications • The Event Bmethod • The Refinementmodel • Modeling examples • Physical systems: MIO • Program development: patterns • Software structuring: invoice system

  16. Formal Program Development • Building a hierarchyof event Bmachines • AbstractEvent B machine • Properties and invariants: pre-condition • A single event: post-condition • Refinedmachines • Proposed invariant determines new variables • Proof obligations determine new progressevents • Post-condition ensured by finalevents

  17. Go-Home Message • We should guide students in the process of discovering the close embracing relation between software models and mathematical formalisms

  18. Go-Home Message • The JML course allows students to have a first contact with formal specification of programs, and program correctness • Students enjoy evolving program and JML specifications

  19. Go-Home Message • We endeavor to develop in students a point of complementarity of formal methods with respect to standard software engineering • We are careful not to present formal methods as “better” methodologies that should replace other strategies in all situations • We do stress what can be gained by formal thinking in better requirements specification, even for traditional methodologies

  20. Go-Home Message • In the event B method we stress the fact that abstract and refined models serve different purposes, for different types of “users” • We give a complementary view of tools, Rodin and ProB, and show their interplay in development • Through many examples we endeavor to present formal proofs as aids to program development, rather than requirements of a methodology

More Related