Course administration
Why FMSE?
Course Objectives
Problems in software development
Formal Methods
Formal Logic
Etc.
Formal Methods in Software Engineering
Software Importance
Why? What? How?
Engineering? Of Software?
The course is about learning to develop abstract models of complex systems, whether in software or in the real world.
Systems are increasingly dependent on software components (e.g. microwave ovens, washing machines, cars), and embedded software increases their complexity.
History of software bugs
Software has suffered notorious bugs that caused financial loss and the deaths of many people.
ii. Ariane 501
On 4 June 1996, the Ariane 501 satellite launch failed terribly 40 seconds after initiation of the flight sequence, incurring a direct cost of approximately $370 million.
Reading: Mark Dowson, "The Ariane 5 Software Failure", Software Engineering Notes, vol. 22, no. 2, p. 84.
iv. Pentium bug
A software error in the microcode of the Pentium microprocessor resulted in incorrect floating-point calculations.
Intel had to take back all the Pentiums, and it caused a huge loss in dollars.
Etc.
Beyond the financial impact, the media emphasized the loss of confidence shown by users, which had a much broader and more dramatic effect on the company.
i. Software development?
ii. Problems in software development?
iii. How to tackle these problems?
Software development is the process of programming, documenting, testing, and bug fixing a software product.
Examples:
Waterfall Model
Iterative Model
Spiral Model
Prototyping Models
etc.
Specification (S)  ---construct--->  Program (P)
S: what to do                        P: how to do it
How do we ensure that S is not ambiguous, so that it can be correctly understood by all the people involved?
How can S be effectively used for inspecting and testing P?
How can software tools effectively support the analysis of S, the transformation from S to P, and the verification of P against S?
Testing
Testing is a technique for detecting errors or problems in implemented software, hardware, or non-computer systems, e.g. white-box testing, black-box testing, etc.
Set of finite inputs  --->  System  --->  Output: does it fulfil the specification?
Verification
Checking the software with respect to the specification: developing the product right.
Validation
Checking the software with respect to the user requirements: developing the right product.
Requirements analysis
   | (validation)
Formal specification
   | (verification)
Design
   | (verification)
Coding
   |
Testing
Bug-free software: A Myth?
"Testing can show the presence of errors, but not their absence."
Edsger Dijkstra
Even with thousands of examples, a theorem cannot be proven correct.
A test case is only an example (scenario).
One scenario may work.
All scenarios may not work.
Black-box Testing?
Test whether two strings are equal.
isEqual("Cat", "Dog") – Expected output: False
isEqual("Testing", "Testing") – Expected output: True
isEqual("House", "Home") – Expected output: False
There are many possible inputs.
Example Function
Programming example (C):

    #include <stdbool.h>
    #include <string.h>
    bool isEqual(const char *String1, const char *String2) {
        bool equal = strlen(String1) == strlen(String2);
        if (equal)
            for (size_t i = 0; i < strlen(String1) && equal; i++)
                equal = String1[i] == String2[i];   /* a mismatch ends the loop */
        return equal;
    }
1. Statement coverage
2. Branch coverage
3. Path Coverage
N = 20: about 1 million possible paths.
Can we then test all paths for all values of N?
Can we take this kind of chance with critical software? Flying a plane, reactors, and so on.
System failure can be more expensive than the system itself: human lives and resources.
FM can find errors with far fewer test cases than testing (white box, black box, etc.).
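As an added example (not from the slides), the three black-box cases and the isEqual function above in Python: two ways of writing the character loop, one that overwrites `equal` on every iteration and one that stops at the first mismatch, both pass the three black-box cases, and a bounded exhaustive check against the specification S (isEqual(a, b) must equal a == b) is what tells them apart. The two-letter alphabet and the length bound are assumptions.

```python
from itertools import product

def overwrite_equal(s1, s2):
    """Loop that assigns equal on every iteration: only the last comparison survives."""
    equal = len(s1) == len(s2)
    if equal:
        for i in range(len(s1)):
            equal = s1[i] == s2[i]      # an earlier mismatch is forgotten here
    return equal

def stop_equal(s1, s2):
    """Loop that stops as soon as one character pair differs."""
    equal = len(s1) == len(s2)
    i = 0
    while equal and i < len(s1):
        equal = s1[i] == s2[i]          # a False here ends the loop
        i += 1
    return equal

# The three black-box cases from the slide, as (input1, input2, expected).
BLACK_BOX_CASES = [
    ("Cat", "Dog", False),
    ("Testing", "Testing", True),
    ("House", "Home", False),
]

def passes_black_box(impl):
    """True if impl gives the expected output on every black-box case."""
    return all(impl(a, b) == expected for a, b, expected in BLACK_BOX_CASES)

def first_spec_violation(impl, alphabet="ab", max_len=3):
    """Check impl against S (a == b) for every pair of strings over the
    alphabet up to max_len; return the first violating pair, or None."""
    words = ["".join(p) for n in range(max_len + 1)
             for p in product(alphabet, repeat=n)]
    for a, b in product(words, repeat=2):
        if impl(a, b) != (a == b):
            return (a, b)
    return None
```

Both implementations pass the three scenarios; only the bounded check against S finds the pair on which the overwriting loop is wrong.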
In computer science and software engineering, formal methods are techniques and tools based on mathematics and formal logic, used for the specification, development and verification of software and hardware systems.
Formal methods for software are also referred to as software reliability methods.
Characteristics:
Correctness
Consistency
Completeness
• Multiple definitions:
The study of reasoning, specifically concerned with whether something is correct or false.
Formal logic focuses on the relationship between statements as opposed to the content of any particular statement.
Example 1: Imagine someone is a mechanic and he knows that either the fuel filter is clogged or the fuel pump is defective. But he has just replaced the fuel filter, so he knows the problem must be with the fuel pump.
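The mechanic's argument above as formal logic, in an added example (not from the slides): the two statements become propositional variables, the premises and conclusion become formulas, and entails() checks every truth assignment, which is exactly why the check depends only on the relationship between the statements and not on what they say about fuel filters. Variable and function names are assumptions.

```python
from itertools import product

def entails(variables, premises, conclusion):
    """Return None if every assignment that satisfies all premises also
    satisfies the conclusion; otherwise return the first countermodel."""
    for values in product([False, True], repeat=len(variables)):
        env = dict(zip(variables, values))
        if all(p(env) for p in premises) and not conclusion(env):
            return env
    return None

VARS = ["clogged", "pump"]          # fuel filter clogged / fuel pump defective
PREMISES = [
    lambda e: e["clogged"] or e["pump"],   # either the filter or the pump
    lambda e: not e["clogged"],            # the filter was just replaced
]
CONCLUSION = lambda e: e["pump"]           # so the pump is defective

def mechanic_argument_valid():
    """The mechanic's reasoning is valid: no assignment refutes it."""
    return entails(VARS, PREMISES, CONCLUSION) is None

def countermodel_without_replacement():
    """Drop the second premise and the conclusion no longer follows:
    the countermodel is 'filter clogged, pump fine'."""
    return entails(VARS, PREMISES[:1], CONCLUSION)
```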
Methods to ensure that software is
Correct
Reliable
It is very important to note that formal verification:
does not remove the need for testing and other assertion techniques;
cannot fix bad assumptions in the design;
can help identify errors in reasoning.
Can be expensive
Only used fully on safety-critical system components
Build models of our system.
Use mathematical techniques such as predicate calculus, propositional calculus, etc.
We analyse the correctness of these models using mathematical techniques.
Rules (balls out -> ball in):
  2 black out, 1 black in:     (b, w) -> (b-2+1, w) = (b-1, w)
  2 white out, 1 black in:     (b, w) -> (b+1, w-2)
  1 of each out, 1 white in:   (b, w) -> (b-1, w-1+1) = (b-1, w)
f(b, w) is the move function given by these three rules.
I. What is the function f(b, w)?
II. Will the game end or not?
III. Given w white and b black balls, can you determine the colour of the last ball?
1. Even total number of white balls: last ball colour? (1-ball game: the game ends)
2. Odd total number of white balls: last ball colour? (2-ball game)
Hypothesis: the colour of the last ball depends on the parity of the number of white balls. Possible combinations of white balls:
1. Even number of white balls: a black ball is left at the end.
2. Odd number of white balls: a white ball is left.
(3-ball game)
f(b, w) =
  (2 black out, 1 black in): (b-2+1, w) = (b-1, w), i.e. (b-1, w-0)
We reduce the number of black balls by 1 and we maintain the number of white balls.
The total number of balls decreases by 1 in each move.
Yes: we can say that the parity of the number of white balls determines the outcome of the game.
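An added model of the game above (not from the slides) that checks the hypothesis mechanically: it encodes the three rules as f(b, w), explores every possible play from every start with at most 12 balls (the bound is an assumption), and asserts on each move the two properties the argument rests on, that the parity of the white count never changes and that the total drops by one, so the game must end.

```python
from functools import lru_cache
from itertools import product

def moves(b, w):
    """Successor states of (b, w) under the three rules of f(b, w)."""
    succ = []
    if b >= 2:                 # 2 black out, 1 black in
        succ.append((b - 1, w))
    if w >= 2:                 # 2 white out, 1 black in
        succ.append((b + 1, w - 2))
    if b >= 1 and w >= 1:      # 1 of each out, 1 white in
        succ.append((b - 1, w))
    # With two or more balls some rule always applies, so play never gets stuck.
    assert succ or b + w <= 1
    return succ

@lru_cache(maxsize=None)
def last_ball_colours(b, w):
    """Every colour the final ball can have, over all plays from (b, w)."""
    if b + w == 1:
        return frozenset({"black" if b == 1 else "white"})
    colours = set()
    for nb, nw in moves(b, w):
        assert nw % 2 == w % 2           # invariant: parity of white balls
        assert nb + nw == b + w - 1      # variant: total shrinks by one per move
        colours |= last_ball_colours(nb, nw)
    return frozenset(colours)

def predicted_colour(b, w):
    """The hypothesis from the slides: odd white count -> white, even -> black."""
    return "white" if w % 2 == 1 else "black"

def check_hypothesis(max_balls=12):
    """Return None if the hypothesis holds for every start with 1..max_balls
    balls, otherwise the first (b, w) whose outcome is not as predicted."""
    for b, w in product(range(max_balls + 1), repeat=2):
        if 1 <= b + w <= max_balls:
            if last_ball_colours(b, w) != {predicted_colour(b, w)}:
                return (b, w)
    return None
```

Every play from a given start ends with the same colour, so the exhaustive exploration returns a one-element set for each (b, w), matching the parity prediction.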
Problems in software development
Testing vs Formal Methods
Specification
Limitations of FM
Dijkstra’s game