Mathematical Approaches to Software Quality Gerard O’Regan Mathematical Approaches to Software Quality With 52 Figures Gerard O’Regan, BSc, MSc, PhD 11 White Oaks, Mallow, Co. Cork, Ireland [email protected] British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library Library of Congress Control Number: 2005935914 ISBN-10: 1-84628-242-X Printed on acid-free paper ISBN-13: 978-1-84628-242-3 © Springer-Verlag London Limited 2006 Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be repro- duced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publishers. The use of registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant laws and regulations and therefore free for general use. The publisher makes no representation, express or implied, with regard to the accuracy of the infor- mation contained in this book and cannot accept any legal responsibility or liability for any errors or omissions that may be made. Printed in the United States of America (SPI/EB) 9 8 7 6 5 4 3 2 1 Springer Science+Business Media springer.com To the memory of Con and Eily O’Regan (Too dearly loved to be forgotten) Preface Overview The objective of this book is to provide a comprehensive introduction to mathe- matical approaches that can assist in achieving high-quality software. An intro- duction to mathematics that is essential for sound software engineering is provided, as well as a discussion of the various mathematical methods that are used in academia and (to varying degrees) in industry. The mathematical approaches considered here include the Z specification language; the Vienna Development Method (VDM); the Irish school of VDM (VDM(cid:389)); the axiomatic approach of Dijkstra and Hoare; the classical engineering approach of Parnas; the Cleanroom approach developed at IBM; software reliability, and the unified modeling language (UML). Finally, the challenge of technology transfer of the mathematical methods to industry is considered. The book aims to explain the main features of the mathematical approaches to the reader, and to thereby assist the reader in applying these methods to solve practical problems. The chapter on technology transfer pre- sents an overview of how these technologies may be transferred to industry, and includes a discussion on the usability of formal methods and pilots of formal methods. Organization and Features Chapter 1 provides an introduction to an engineering approach to software development using mathematical techniques. A review of the more popular formal methods is presented. These include the model-oriented approaches of Z or VDM, and the axiomatic approaches such as the Communicating Sequential Processes (CSP). The nature and role of mathematical proof is discussed, as mathematical proof has the potential to play a key role in program verification. The second chapter considers the mathematics required for sound soft- ware engineering. This includes discrete mathematics such as set theory, func- tions and relations; propositional and predicate logic for software engineers; tabular expressions as developed by Parnas; probability and applied statistics for the prediction of software reliability; calculus and matrix theory; finite state machines; and graph theory. viii Preface Chapter 3 is a detailed examination of mathematical logic including propositional and predicate calculus, as well as an examination of ways to deal with undefined values that arise in specification. The three approaches to un- definedness considered are the logic of partial functions (LPFs) developed by Cliff Jones; the approach of Parnas that essentially treats a primitive predicate calculus expression containing an undefined value as false, and thereby preserv- ing a 2-valued logic; and the approach of Dijkstra that uses the cand and cor operators. The next three chapters are concerned with the model-oriented ap- proach of formal specification. Chapter 4 on Z includes the main features of the specification language as well as the schema calculus. Chapter 5 on VDM de- scribes the history of its development at IBM in Vienna, the main features of the language and its development method. Chapter 6 on VDM(cid:389) explains the phi- losophy of the Irish school of VDM, and explains how it differs from standard VDM. Z and VDM are the two most widely used formal specification languages and have been employed in a number of industrial projects. Chapter 7 focuses on the approach of Dijkstra and Hoare including the calculus of weakest preconditions developed by Dijkstra and the axiomatic se- mantics of programming languages developed by Hoare. Chapter 8 discusses the classical engineering approach of Parnas, and includes a discussion on tabular expressions. Tabular expressions have been employed to provide a mathematical specification of the requirements of the A-7 aircraft and to certify the shutdown software for the Darlington nuclear power plant. Chapter 9 is concerned with the Cleanroom approach of Harlan Mills and the mathematics of software reliability. Cleanroom enables a mathematical prediction of the software reliability to be made based on the expected usage of the software. The software reliability is expressed in terms of the mean time to failure (MTTF). Chapter 10 is concerned with the unified modeling language (UML). This is a visual approach to the formal specification and design of soft- ware, and the UML diagrams provide different viewpoints of the proposed sys- tem. The final chapter is concerned with the technology transfer of the mathematical approaches to industry. This includes piloting formal methods on one or more projects to evaluate their suitability for the organization. Audience This book is suitable for undergraduate and graduate computer science students who are interested in an overview of mathematical methods that may be em- ployed to develop high-quality software. The material is mathematical but is presented as simply as possible. Motivated software and quality engineers who are interested in knowing how a mathematical approach can assist in achieving high-quality software will find the book to be a useful overview. Preface ix Acknowledgments I am deeply indebted to friends and colleagues in industry and academia who supported my efforts in this endeavor. I would like to thank the team at Springer for their professional work and a special thanks to the copyeditor (M. Bearden) for his many helpful comments and suggestions. Finally, I would also like to thank family and personal friends such as Kevin and Maura for support. Gerard O’Regan. November 2005 Contents: Preface.........................................................................................................vii Acknowledgments........................................................................................ix 1. Introduction.........................................................................................1 1.1 Software Engineering..........................................................................3 1.2 Software Engineering Mathematics....................................................6 1.3 Formal Methods...................................................................................8 1.3.1 Why Should We Use Formal Methods?...................................10 1.3.2 Applications of Formal Methods..............................................12 1.3.3 Tools for Formal Methods ........................................................13 1.3.4 Model-Oriented Approach........................................................16 1.3.5 Axiomatic Approach..................................................................17 1.3.6 The Vienna Development Method............................................18 1.3.7 VDM♣, the Irish School of VDM...............................................19 1.3.8 The Z Specification Language...................................................20 1.3.9 Propositional and Predicate Calculus.......................................22 1.3.10 The Parnas Way.........................................................................25 1.3.11 Unified Modeling Language......................................................27 1.3.12 Proof and Formal Methods........................................................29 1.4 Organization of This Book ................................................................30 1.5 Summary............................................................................................31 2. Software Engineering Mathematics..................................................33 2.1 Introduction.......................................................................................33 2.2 Set Theory...........................................................................................34 2.3 Relations.............................................................................................37 2.4 Functions...........................................................................................38 2.5 Logic...................................................................................................40 x ii C o n t e n t s 2.6 Tabular Expressions...........................................................................42 2.7 Probability and Applied Statistics......................................................43 2.8 Calculus..............................................................................................46 2.9 Matrix Theory....................................................................................47 2.10 Finite State Machines........................................................................48 2.11 Graph Theory.....................................................................................50 2.12 Tools for Mathematics........................................................................51 2.13 Summary............................................................................................51 3. Logic for Software Engineering........................................................53 3.1 Introduction........................................................................................53 3.2 PropositionalLogic............................................................................55 3.2.1 Truth Tables..................................................................................56 3.2.2 Properties of Propositional Calculus..........................................57 3.2.3 Proof in Propositional Calculus..................................................58 3.2.4 Applications of Propositional Calculus.......................................61 3.2.5 Limitations of Propositional Calculus.........................................62 3.3 Predicate Calculus.............................................................................62 3.3.1 Properties of Predicate Calculus.................................................64 3.3.2 Applications of Predicate Calculus.............................................65 3.4 Undefined Values...............................................................................66 3.4.1 Logic of Partial Functions............................................................67 3.4.2 Parnas Logic..................................................................................68 3.4.3 Dijkstra and Undefinedness.........................................................70 3.5 Miscellaneous.....................................................................................71 3.6 Tools for Logic...................................................................................72 3.7 Summary.............................................................................................................73 4. Z Specification Language..................................................................75 4.1 Introduction.......................................................................................75 Contents xiii 4.2 Sets......................................................................................................78 4.3 Relations.............................................................................................79 4.4 Functions...........................................................................................81 4.5 Sequences...........................................................................................82 4.6 Bags....................................................................................................83 4.7 Schemas and Schema Composition...................................................85 4.8 Reification and Decomposition..........................................................87 4.9 Proof in Z...........................................................................................89 4.10 Tools for Z..........................................................................................90 4.11 Summary.............................................................................................91 5. Vienna Development Method ............................................................92 5.1 Introduction.......................................................................................92 5.2 Sets......................................................................................................95 5.3 Sequences...........................................................................................97 5.4 Maps...................................................................................................98 5.5 Logic in VDM...................................................................................100 5.6 Data Types and Data Invariants......................................................101 5.7 Specification in VDM......................................................................102 5.8 Refinement.......................................................................................104 5.9 Tools for VDM..................................................................................105 5.10 Summary...........................................................................................107 6. Irish School of VDM........................................................................109 6.1 Introduction......................................................................................109 6.2 Mathematical Structures and Their Morphisms.............................111 6.3 Models and Modeling......................................................................114 6.4 Sets...................................................................................................114 6.5 Relations and Functions .................................................................116 6.6 Sequences.........................................................................................118