Sample Models
Part II of:
Verification of LePUS3/Class-Z Specifications: Sample models and Abstract Semantics for Java 1.4
Technical Report CSM-471, ISSN 1744-8050
Jonathan Nicholson,
Amnon H Eden,
Epameinondas Gasparis
Department of Computer Science, University of Essex, United Kingdom
31 December 2007
See also: Part I, Verification of LePUS3/Class-Z Specifications
Abstract
This documents demonstrates how Class-Z specifications are verified
using case studies. The class of design models which satisfy each
sample specification is demonstrated via one or more such design models, possibly also using
one or more counter examples. As there is a far greater set of
design models that do not satisfy a given specification, this document is limited to a selection of design models where verification succeeds
(or fails, as specified for each).
Throughout this document we assume that entity
is the interpretation of the constant
, that is:
Terms
See the LePUS3 and Class-Z reference manuals section on
Terms
[
Eden et al. 2007] for more information.
Signature
For simplicity the () characters are omitted from both methods and signatures (in both the schemas and
design models) when there are no arguments present.
See Definition V [Eden et al. 2007].
| Schema |
|
Design models |
|
|
Satisfied by
|
|
Ground formulas
Method Relation Symbol
See
Definition IX (Superimpositions) [
Eden et al. 2007]
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
|
Not satisfied by
|
Counter example
A close inspection of This case reveals that the method
is overridden by a non-inheritable method . This is a case
of method hiding. In Java this is impossible as the visibility of a method cannot be reduced.
|
Abstract Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
Inherit Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
Member Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
this is an example for subtyping in LePUS3: the formula
is satisfied here by class
which inherits (is a subclass of)
|
|
Satisfied by
|
As , see
Example 8 : A and Example 8 : B.
|
Aggregate Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
this is an example for subtyping in LePUS3: the formula
is satisfied here by class
which inherits (is a subclass of)
|
Call Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
As , see
Example 11 : A.
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
Forward Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
Produce Relation Symbol
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
Predicate formulas
All Predicate Symbol
See
Definition XVII [
Eden et al. 2007].
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Not satisfied by
|
Counter example
One of the entities in is not abstract
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
|
Not satisfied by
|
Counter example
, or its superclass, does not define a method with signature
|
Total Predicate Symbol
See
Definition XVIII [
Eden et al. 2007].
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Not satisfied by
|
Counter example
There is no tuple in the required relation between one of the members of the domain and a member of the range.
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
|
Satisfied by
|
Every class in defines a method with the correct signature, which are all abstract
mathematically satisfying the given relation.
|
Isomorphic Predicate Symbol
See
Definition XIX [
Eden et al. 2007].
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
|
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
|
Not satisfied by
|
Counter example
There exists a method in the range that is not called by a member of the domain, and visa versa. This violates the definition of the
predicate.
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
|
Satisfied by
|
|
| Schema |
|
Design models |
|
|
Satisfied by
|
|
|
Satisfied by
|
|
References
- Amnon H. Eden, Jonathan Nicholson, Epameinondas Gasparis.
“The LePUS3 and Class-Z Reference manual.”
Technical report CSM-474, ISSN 1744-8050 (2007), Department of Computer Science, University of
Essex. [.pdf]
- Jonathan Nicholson, Amnon H Eden, Epameinondas Gasparis. "Verification of LePUS3/Class-Z
Specifications: Sample models and Abstract Semantics for Java 1.4 (Part
I; Part II)." Department of
Computer Science, University of Essex, Tech. Rep. CSM-471, ISSN 1744-8050
(2007). [.pdf]