School of Computing
CPSC 872: Software Specification and Design
Fall 2009
Instructor: Murali Sitaraman
Contact Information: McAdams 210; Phone: 656-6738; E-mail: murali@cs.clemson.edu.
Web page: Listed under www.cs.clemson.edu/~murali
Lecture Hours: TTh 3:30PM; Daniel 308
Office Hours: TTh: 10:00AM – 11:00AM; W: 11:00AM – 12:00 noon; other hours by appointment.
Prerequisites: Graduate standing in Computer Science or instructor permission
Homework Assignment #7 (due December 1)
1. What are the software engineering benefits of defining a data abstraction for searching?
2. Consider the specification of Basic_Depository_Template and answer the following questions.
3. Rewrite the specification of the projection search operation on lists so that it updates the list and moves the position to be just in front of the projection that is searched if it is found and leaves it at the end if not found.
4. Develop a Linear_Search_Realiz implementation (parameterized by an operation to compare two Ids) for an “unbounded” Basic_Depository_Template, using Unbounded_One_Way_List enhanced with the projection search capability. Your answer should include suitable internal assertions. To solve this problem, first create a record with two fields, one of type Id and another of type Consignment. Then create a list facility with this record as the Entry type and enhance it.
5. If Inventory_Ct(D) = n, express the time complexity of each procedure in your implementation.
6. Create a facility of unbounded Basic_Depository_Template with the record given in the last question of Exam #2 so that it is possible to search using phone numbers.
Homework Assignment #6 (due date changed to end of the day on November 6)
7. Complete the specification of Unbounded_One_Way_List_Template. Your answer should be typed and should include all primary operations discussed in the class. Why is the Reset operation needed? Explain the motivation for the Swap_Entries_from_Position operation.
8. Does a List user need to understand references or pointers in order to use the concept? Explain.
9. Write the specification of the Retreat operation for a two-way list template.
1. Why should a component library include both one-way and two-way list concepts?
2. Develop an implementation of Unbounded_Queue_Template using Unbounded_One_Way_List_Template. Your answer should include suitable conventions and correspondence assertions.
3. Write the specification and implementation of a Projection_Search_Capability for One_Way_List_Template that searches a list for a given projection. This is a variation of the Search_Capability enhancement discussed in the class and will be further discussed in the next class.
Homework Assignment #5 (due October 29)
4. Why is the implementation of Stack_Template that uses the “clean array” convention more space efficient? Explain the need and use of the local Entry variable in the Pop operation.
5. Write the formal specification of an enhancement that provides a “Removing_Pop” operation. This operation has only a Stack as its parameter. It discards the popped entry. Write an implementation of this enhancement.
6. Refer to the Copying_Capability enhancement of Stack_Template in your notes. Explain the need for the Copy_Entry operation that needs to be passed as an argument. Why should the user supply this operation?
7. Why does Stack_Template not include a Swap_Top operation whereas Queue_Template includes a Swap_Front operation?
8. Write the formal specification of an enhancement Swap_Last_Capability that provides a Swap_Last_Entry operation for Queue_Template. Write an implementation of this enhancement.
9. Write a user facility declaration necessary to create a Queue facility enhanced with Swap_Last_Capability.
10. Draw a UML diagram showing the uses-implements-enhances relationships among the artifacts involved in the previous two questions Circular_Array_Realization of queues.
Homework Assignment #4 (due October 20)
11. Explain in your own words the purpose and meaning of internal contract assertions, namely, conventions (representation invariants) and correspondence (abstraction function or relation).
12. In the implementation with annotations given in your hand-out, answer what goes wrong in each of the following cases if nothing else is changed. Be specific about what assertion will be violated.
13. Develop your own generic implementation of a Stack component in C++ or Java. Consider including a swap operation (slightly more difficult) or copy operation. Comment your implementation with suitable conventions and correspondence assertions. Write a driver program that creates and manipulates a Stack of Integers and a Stack of Stack of Integers.
14. For the following two questions, assume the Stack representation given in your hand-out where the Contents array is indexed from 1 to Max_Depth. Do not change this representation.
Homework Assignment #3 (due September 24)
15. Consider the two different mathematical models for a traffic light considered in the class. Complete the constraints in each case.
    Exemplar T;
    Constraints …
    Initialization ensures T = 1;

    Exemplar T;
    Constraints …
    Initialization ensures T.Red = True and T.Yellow = False and T.Green = False;
16. Please refer to the specification of Stack_Template in answering the following questions.
    a. If Stack_Template is instantiated with Entry type as Traffic_Light and Max_Depth as 2, show all possible abstract values a Stack variable may take. Answer this question for each of the two models of Traffic_Light in the first question.
    b. Is the Peek operation in the Java Stack interface necessary given that the Pop operation removes and returns the top entry? Justify your answer.
    c. What is the justification for leaving out a “Search” operation on Stack_Template?
    d. Suppose that the ensures clause of Push is changed from S = <#E> o #S to S = <E> o <#S>, and nothing else is changed, what will go wrong?
    e. Suppose that the ensures clause of Push is changed from S = <#E> o #S to S = #S o <#E>, and nothing else is changed, what will go wrong?
    f. Why is the Pop operation specified with a requires clause?
    a. Clearing_Push that clears its parametric entry E, instead of altering it.
    b. Defensive_Pop that has no requires clause, but has an additional Boolean parameter that is set to true iff Stack is empty.
Homework Assignment #2 (due September 17)
18. Consider the two different kinds of explanations used in the specification of Java Stacks for the Push operation in method summary and method details. Explain the problem with each and the more general problem in writing specifications in that style.
19. Carefully explain the distinction between abstraction and information hiding. Does the above Java Stack interface provide information hiding? Why or why not? Does it provide abstraction? Why or why not?
20. Refer to the set of six “what if” questions listed in the intro slides hand-out. In each case, explain whether the particular change will lead to a compile-time error, run-time error, or no error. If your answer is compile-time error, also state compilation of which units (e.g., the interface IHelloWorld, the class Hello_World_1, the main program, etc.) will give that error. If you state “no error”, report if there is still some “software engineering” error in the code.
21. Consider the discussion of a formal specification of “Operation Int_Sqrt (I: Integer): Integer” discussed in the class, and answer each of the following questions, where Int_Sqrt stands for the returned value of the operation.
    a. Why is it not necessary for the requires clause to say that I is between, say, Min_Int and Max_Int?
    b. How does this ensures clause guarantee a unique answer, where Int_Sqrt (the name of the function) stands for the result? “Int_Sqrt * Int_Sqrt <= I and I < (Int_Sqrt + 1) * (Int_Sqrt + 1)”?
    c. Why is this ensures clause not sufficient? “Int_Sqrt * Int_Sqrt <= I”?
    d. Why is this ensures clause not appropriate? “Int_Sqrt * Int_Sqrt <= I and I < (Int_Sqrt + 1) * Int_Sqrt”?
    e. What would be the consequence if the precondition “I >= 0” is omitted?
22. One more question to be posted.
Homework Assignment #1 (due September 8)
1. Modify the “programming without components” code given in the class as discussed to add a new user-supplied entry to the middle.
2. Write a program to take pairs of numbers as inputs, terminated by the pair (0, 0) and output the pairs in reverse order. For the input sequence (3, 5), (8, 20), and (1, 1), the output sequence would be (1, 1), (8, 20), and (3, 5). Your solution should be such that it is easy to modify if the problem changed from pairs of numbers, to triples, or quadruples. You need to write a solution in C, a solution in C++ using STL stacks, and a solution in Java using Java generic stacks. In C++ and Java, you should instantiate the stack with an appropriate structure or class.
3. Read pages 1-15 of Meyer’s paper given at this site: http://se.ethz.ch/~meyer/publications/computer/formalism.pdf Write an example description of a problem of your choice (not the one in the paper) to illustrate the “seven sins” of informal specifications.
Materials
For some of the topics, instructor notes will be made available during the semester; technical papers, hand-outs, and web information will be used in the discussion of most other topics. Please see: “Fair Use Guidelines” at http://www.lib.clemson.edu/copyright/
Software lifecycle hand-out is available here.
Weide’s introduction to specification/design is available here.
Meyer’s paper on Formal Specifications is available here.
Course Description and Content
This course will introduce you to formal methods and techniques for component-based software engineering, and explain how to apply them. Topics include specification and design of components, and related implementation and efficiency issues. Relevant programming issues, including C++ and Java component development, will be discussed.
Grading Policy
Performance in this course will be evaluated by exams, homework assignments, and active class participation. Some assignments may require programming. There will be two mid-term exams and a final exam. Requests for makeup exams are discouraged. NO MAKEUP EXAMS will be given without prior approval or valid medical emergency.
For the two mid-term exams, the following additional policy will be in effect. You may resubmit revised answers to questions where you lost points, within a prescribed deadline. You will earn a maximum of 33% of lost points, if your revised answers are correct.
Homework assignments are due at the beginning of class on the day they are due. Note that only some representative parts of the homework assignments may be evaluated to assign grades.
Breakdown of points is given below:
HW Assignments 35%
Exam #1 (Week #6) 20%
Exam #2 (Week #11) 20%
Final Exam 25%
Letter grades will be assigned as shown below:
90% - 100% A- to A+
80% - 89% B- to B+
70% - 79% C- to C+
60% - 69% D- to D+
< 60% F
Attendance Policy
Attendance is not mandatory, but you are responsible for all materials covered in lectures.
Academic Integrity
All exams and lab assignments are individual tasks, unless specifically designated as group tasks. It is expected that you will work ALONE on exams and quizzes. Evidence to the contrary will be regarded as academic dishonesty and will be dealt with according to the University policies on academic dishonesty. For details, please see http://www.cs.clemson.edu/html/academics/academic_integrity_2002.html.
Learning and Feedback
I expect to foster a nurturing learning environment based upon communication and mutual respect in this class. I will give serious consideration to any suggestion as to how to further such a positive and open environment. I encourage you to give feedback on various aspects of the course, including but not limited to contents, assignments and exams, style, and treatment. I encourage active participation in the class. Your feedback is important for improving the quality of this course and that of undergraduate education in computer science, in general.
If you have a special need and feel that you need assistance with regard to lectures, reading assignments, or testing, please advise me of your needs as soon as possible. Student Disability Services is located in G-20 Redfern (telephone number: 656-6848; e-mail: sds-l@clemson.edu).
Outline of Key Topics
Given below is the list of topics I expect to cover in this course. The four major themes below will be interleaved throughout the course. We will study a variety of examples to understand and apply fundamental and practical principles.
I. Core Principles of Specification and Design
1. Introduction to component-based software engineering (CBSE)
2. Data abstraction and formal specification
3. Design considerations, including reusability and efficiency
4. Implementation design considerations and performance trade-offs
5. Extensions to specifications and implementations
6. Performance specification
II. Language-Dependent Principles
1. Specification and design issues for C++ and Java components
2. Software component development in C++ and Java
3. Alternative specification techniques
4. Alternative design notations, including UML
III. Role of Specifications in Analysis
1. Principles of specification-based testing
2. Principles of interface contract checking
3. Modular verification
4. Performance analysis
IV. Application of the Principles
1. Encapsulation of algorithms as objects
2. Specification and design of components for prioritization, searching, and shared storage
3. A detailed case study in CBSE: specification, design, implementation, and analysis of a group of components