Browse Books

Reviewer: Herbert Toth

This is the first book devoted exclusively to assertion-based software engineering. However, the basic ideas are not as new as you might think: their origin dates back to the pioneering work of C.A.R. Hoare from around 1970 on proving programs’ correctness. However, only starting in the mid-90s was there a growing interest in the design by contract (DBC) paradigm, both how to do it in practice [1], and its theoretical background [2]. Contracts are built on assertions, which are Boolean expressions that define the correct state of a program at a particular location in the code. Assertions must therefore evaluate to true when execution reaches these locations. The key assertions in DBC are preconditions and postconditions, which specify what must rely on entry and exit of methods; and invariants, specifying consistency constraints on the state space of all instances of a class. The material is presented in a logical way, with the main points deliberately repeated, so that even newcomers to the field should have no difficulty in following it. The clarity of the Eiffel notation used in the many mostly simple and well-chosen examples is also helpful. For the few more sophisticated design issues, the authors provide detailed explanations, and point out clearly under which circumstances such a solution is appropriate, as well as its advantages and costs (especially in chapter 9). Don’t worry if you are not familiar with object-oriented software development. You just have to skip chapter 6. Readers with object-oriented experience should note that only one of the 12 chapters is devoted to topics like inheritance, polymorphism, and subtyping issues. This is acceptable for two reasons. First, the book’s aim is to introduce the reader to assertion-based software construction, and it does so “by example.” In addition, during the last two years, a considerable number of results have been published that are either too new and/or too advanced to have been included in this book. Chapter 9 deals with the observer pattern from Gamma, et al. [3], and in chapter 11, as an example of programming languages that have no direct support for DBC, the iContract tool for Java is presented. Unfortunately, no hints are given about any of the existing packages for C++. I cannot help citing the first and the last sentence from the book’s foreword written by Bertrand Meyer (the father of design by contract), because—as is so often the case—he so appropriately says what is to be said: “The concept of Design by Contract was invented to provide practicing software developers with a way to produce, at little extra cost, software that is much more reliable than is the norm today...It’s hard to think of many other books that—besides being pleasurable to read—will at so little effort, regardless of your education, experience, programming style and application domain, almost certainly make you, instantly, a better programmer.” Ever since software has been written, the main aim of its developers was to get it “correct,” regardless of the meaning this word had within the area of programming during the last four decades. DBC is one of a few ways towards this goal, nowadays called the verification of a software system. Due to its excellent style and comprehensive presentation, I hope that this book will make DBC a much more popular technique in software practice. In fact, one could even say that not using contracts in software development rules out the right to claim it as an engineering discipline. Based on six principles and five guidelines for writing good contracts, you can write contracts in your code much more effectively right from the very beginning. Therefore, enjoy reading the book, and apply your new skills! Online Computing Reviews Service

Reviewer: Gonzalo Peralta Villavicencio

Techniques for designing and implementing object-oriented software based on contracts are discussed in this book. It is intended for students and software developers who are looking for design and coding methodologies that allow them to develop more reliable applications. According to the preface, the design of software with contracts is all about adding assertions to object oriented programs. The authors spend the 12 chapters of the book expounding on the art of writing preconditions, postconditions, and invariants, based on six guiding principles and some basic guidelines. The reader is encouraged to interact with the book, by putting into practice the practical, clear examples that are included. While the technique of design by contract is oriented toward the design phase of the software development process, the last part of book discusses the use of contracts in use case-based analysis. Chapters 1, 2, and 3 build the foundation for the ideas proposed in the book, presenting the six principles for design by contract, and the ways in which these must be applied. Special attention is given to the definitions of query and command concepts. Two classic examples, the design of a class to manage generic stacks and a dictionary class, are both simple and complete enough to explain the authors insights. The example in chapter 4 develops a class for immutable lists to support contracts in other classes. Chapter 5 makes use of this class to design, with contracts, a classical linear structure like queue. It is really interesting to see these common kinds of problems from this point of view. After reading chapter 5, readers will understand the concept of classes to support contracts in other classes. Chapter 6 addresses questions related to inheritance and contracts, and will be useful for people who are writing classes to be used like superclasses; they will find details about how to make contracts that are able to be redefined in future implementations. People who are writing subclasses, in contrast, will learn how to redefine contracts from superclasses. Developers not familiar with contracts could confuse design by contracts with defensive programming; in chapter 8, a comparison is made between them, including a demonstration of the benefits of writing contracts. It might have been better if those benefits were presented at the beginning of the book, in order to clarify the concepts. People working with object-oriented frameworks must pay attention to chapter 9; it addresses the creation of observer design patterns by contracts, and demonstrates that design by contracts is applicable to collaborating classes schemes. There is also a section in this chapter that discusses frame rules; this further clarifies material presented in chapter 7, and also introduces the privacy requirements related to contracts when inheriting classes. Chapter 10 discusses the verification of precondition fulfillment, based on an example of a simple counter. The examples in the book are presented using unified modeling language (UML) notation, and are based primarily on the Eiffel language because it offers native support for contracts. In chapter 11, however, some examples are developed with Java, making use of a preprocessor called iContract. Though examples written with Eiffel arent complicated to understand, C++ developers like me will feel more comfortable looking at Java examples, considering its similarity to C++, despite the fact that the authors dont include specific information about preprocessors for C++ compilers. The vast experience of the authors in the field of object-oriented software is an advantage; this is a book made by developers for developers. It could be really useful for people who want to explore the possibility of spending extra time in return for better designs, documentation, and reliability. Online Computing Reviews Service