(Last modified Thu Jun 05 23:20 2008)

What is a specification? 

• Something that can be met, or not. 

  A program meets its specification (or fails to). 

• A statement of what is acceptable and what isn't. 

  So that for any possible program behavior or characteristic, the specification can be used to classify it as acceptable or not acceptable (or required, forbidden, or neither). 

• Something against which another sort of thing can be verified. 

  A program can be tested to see whether it (fails to) meet its specification;  or the program's design can be verified as supporting the specification (or not). 

• Something that divides the possibilities into the categories of required, forbidden, and neither. 

What can we do with specifications?

• Reason about them before producing more detailed artifacts. 

  Writing the specification forces us to think about the issues involved.  Once the specification is produced, we can ask questions about it and think about the answers. 

• Use them as things to discuss, revise, and (one hopes) agree on. 
• Derive other more detailed artifacts from them
• Use them to check or test other artifacts

Different kinds of specification are good for making different kinds of statement. 

• Time-invariant (for statements that are always true) vs. temporal (for organizing statements that are only true at specific times). 
• Integral (for looking at "the whole thing") vs. disjoint (for looking at each part separately)

A quick trot through some kinds of specifications: 

• Properties and their compounds: 
  • Assertions — unstructured lists of desired properties. 
    1. The elevator shall move passengers from floor to floor.
    2. The elevator doors shall close slowly enough to avoid injury to passengers.
  • Logics (propositional, first-order, temporal, ...) — useful ways of combining individual properties to make more complex statements. 
    • propositional logic:  not, or, and; variables stand for sentences that can be true or false; very basic.  A∧(B∨¬C). 
      

      Goal graph

    • first-order logic:  adds
      • a domain of entities about which we are going to reason,
      • predicates that are true or false of things in the domain,
      • functions relating things in the domain, and
      • quantifiers ("for all" and "there exists") for talking about properties over the entire domain. 

      Much more useful.  Variables stand for entities in the domain (there are still variable-like sentence letters standing for sentences that can be true or false).  ∀x ∃y TallerThan(x,y). 

    • temporal logic:  adds "quantifiers" over time (eventually , always , ...).  Much more difficult to use.  ∀x ∃y TallerThan(x,y). 
  • Goal graphs — for reasoning about how goals contribute and conflict. 
• Enumerations: they list the desired (or undesired) things
  • Sets
    • Extensionally defined:  enumerate the elements ("The east and west CS elevators"). 
    • Intensionally defined:  by a property all the elements have ("All elevators serving four floors"), direct connection to first-order logic. 
    • Defined by operations on existing sets.  A∪(B∩C)-D
  • Regular expressions  a[b-f]*g+
  • Context-free grammars

    A	::=	Ba
    B	::=	Bb
    	|	b

  • The Chomsky hierarchy: 

    Automata		Grammars		Languages
    Finite-state machines	≡	Regular grammars	~	Regular languages
    Pushdown automata	≡	Context-free grammars	~	Context-free languages
    Linear bounded automata	≡	Context-sensitive grammars	~	Context-sensitive languages
    Turing machines	≡	Unrestricted grammars	~	Recursive languages

    The regular languages ⊂ the context-free languages ⊂ the context-sensitive languages ⊂ the recursive languages ⊂ all possible languages. 

• State models: they divide behaviors by states in which various behaviors are possible; time is implicit
  • Finite state machines (= finite automata):  a finite number of states (circles) with transitions (labeled arrows) between them.  The transition occurs when the input (the label on the arrow) is received in the state the arrow starts from.  Some states may be initial states (arrow to them from nowhere), and others may be accepting states (doubled circles). 
    

    Statechart

  • Statecharts, a notation for (extended) finite state machines that is advantageous for medium to large specifications. 
  • Algebraic specifications (strings and operations for transforming them)
  • Labelled transition systems:  state machines presented (and analyzed) not necessarily as a single unified model, but as the combination of several partial, recursive, algebraic descriptions in a language (FSP, Finite State Processes) that ensures the partial descriptions can be integrated. 
• Interaction models:  they divide behaviors into specific sequences of interactions; time is explicit
  • Scenarios.
  • Use cases. (each one a group of related scenarios that either achieve a common goal or are obstructed from doing so).
  • Message sequence charts (MSCs), sequence diagrams, etc.
  • Anti-scenarios, misuse cases:  descriptions of what should not happen.

Things a kind of formal specification has (or should have) (or could have): 

• Syntax, preferably recursive
• Semantics, preferably recursive and isomorphic with the syntax
• Interpretations, mapping elements of the syntax to a world
• Equivalence reasoning (like ≡, dividing things into equivalence classes)
• Inference reasoning (ordered reasoning, like >, organizing things into a partial order)

Thomas A. Alspaugh
Assistant Professor, Informatics Dept.
School of Information and Computer Sciences