Specifying Reusable Components

Reusable software components need expressive specifications. This paper outlines a rigorous foundation to model-based contracts, a method to equip classes with strong contracts that support accurate design, implementation, and formal verification of reusable components. Model-based contracts conservatively extend the classic Design by Contract with a notion of model, which underpins the precise definitions of such concepts as abstract equivalence and specification completeness. Experiments applying model-based contracts to libraries of data structures suggest that the method enables accurate specification of practical software

The Omnibus language and integrated verification approach

This thesis describes the Omnibus language and its supporting framework of tools. Omnibus is an object-oriented language which is superficially similar to the Java programming language but uses value semantics for objects and incorporates a behavioural interface specification language. Specifications are defined in terms of a subset of the query functions of the classes for which a frame-condition logic is provided. The language is well suited to the specification of modelling types and can also be used to write implementations. An overview of the language is presented and then specific aspects such as subtleties in the frame-condition logic, the implementation of value semantics and the role of equality are discussed. The challenges of reference semantics are also discussed. The Omnibus language is supported by an integrated verification tool which provides support for three assertion-based verification approaches: run-time assertion checking, extended static checking and full formal verification. The different approaches provide different balances between rigour and ease of use. The Omnibus tool allows these approaches to be used together in different parts of the same project. Guidelines are presented in order to help users avoid conflicts when using the approaches together. The use of the integrated verification approach to meet two key requirements of safe software component reuse, to have clear descriptions and some form of certification, are discussed along with the specialised facilities provided by the Omnibus tool to manage the distribution of components. The principles of the implementation of the tool are described, focussing on the integrated static verifier module that supports both extended static checking and full formal verification through the use of an intermediate logic. The different verification approaches are used to detect and correct a range of errors in a case study carried out using the Omnibus language. The case study is of a library system where copies of books, CDs and DVDs are loaned out to members. The implementation consists of 2278 lines of Omnibus code spread over 15 classes. To allow direct comparison of the different assertion-based verification approaches considered, run-time assertion checking, extended static checking and then full formal verification are applied to the application in its entirety. This directly illustrates the different balances between error coverage and ease-of-use which the approaches offer. Finally, the verification policy system is used to allow the approaches to be used together to verify different parts of the application

Investigation of a Novel Formal Model for Mobile User Interface Design

Mobile user interfaces are becoming increasingly complex due to the expanding range of functionalities that they incorporate, which poses significant difficulties in software development. Formal methods are beneficial for highly complex software systems, as they enable the designed behaviour of a mobile user interface (UI) to be modelled and tested for accuracy before implementation. Indeed, assessing the compatibility between the software specification and user requirements and verifying the implementation in relation to the specification are essential procedures in the development process of any type of UI. To ensure that UIs meet users‘ requirements and competences, approaches that are based on interaction between humans and computers employ a variety of methods to address key issues. The development of underlying system functionality and UIs benefit from formal methods as well as from user-interface design specifications. Therefore, both approaches are incorporated into the software development process in this thesis. However, this integration is not an easy task due to the discrepancies between the two approaches. It also includes a method, which can be applied for both simple and complex UI applications. To overcome the issue of integrating both approaches, the thesis proposes a new formal model called the Formal Model of Mobile User Interface Design (FMMUID). This model is devised to characterise the composition of the UI design based on hierarchical structure and a set theory language. To determine its applicability and validity, the FMMUID is implemented in two real-world case studies: the quiz game iPlayCode and the social media application Social Communication (SC). A comparative analysis is undertaken between two case studies, where each case study has three existing applications with similar functionality in terms of structure and numbers of elements, functions and colours. Furthermore, the case studies are also assessed from a human viewpoint, which reveals that they possess better usability. The assessment supports the viability of the proposed model as a guiding tool for software development. The efficiency of the proposed model is confirmed by the result that the two case studies are less complex than the other UI applications in terms of hierarchical structure and numbers of elements, functions and colours, whilst also presenting acceptable usability in terms of the four examined dimensions: usefulness, information quality, interface quality, and overall satisfaction. Hence, the proposed model can facilitate the development process of mobile UI applications

Making specifications complete through models

Abstract. Good components need precise contracts. In the practice of Design by Contract TM, applications and libraries typically express, in their postconditions and class invariants, only a subset of the relevant properties. We present: – An approach to making these contract elements complete without extending the assertion language, by relying on “model classes ” directly deduced from mathematical concepts. – An actual “Mathematical Model Library ” (MML) built for that purpose – A method for using MML to express complete contracts through abstraction functions, and an associated theory of specification soundness. – As a direct application of these ideas, a new version of a widely used data structure and algorithms library equipped with complete contracts through MML. All the software is available for download. The approach retains the pragmatism of the Design by Contract method, suitable for ordinary applications and understandable to ordinary programmers, while potentially achieving the benefits of much heavier formal specifications. The article concludes with a discussion of applications to testing and program proving, and of remaining issues.

Making specifications complete through models

Good components need precise contracts. In the practice of Design by Contract, applications and libraries typically express, in their postconditions and class invariants, only a subset of the relevant properties. We present: – An approach to making these contract elements complete without extending the assertion language, by relying on “model classes ” directly deduced from mathematical concepts. – An actual “Mathematical Model Library ” (MML) built for that purpose – A method for using MML to express complete contracts through abstraction functions, and an associated theory of specification soundness. – As a direct application of these ideas, a new version of a widely used data structure and algorithms library equipped with complete contracts through MML. All the software is available for download. The approach retains the pragmatism of the Design by Contract method, suitable for ordinary applications and understandable to ordinary programmers, while potentially achieving the benefits of much heavier formal specifications. The article concludes with a discussion of applications to testing and program proving, and of remaining issues