Rodin Introduction

This document provides an introduction to the Rodin platform for formal specifications. It discusses key concepts like axioms versus theorems, modeling events, proof obligations to verify properties are maintained, and using Rodin to specify and model systems formally. An example bank account model is presented to illustrate these concepts.

Uploaded by

Muhammad Jameel
Copyright © All Rights Reserved

Tutorial

Introduction to the Rodin Platform for Formal Specifications

[The body of this document is a scan of handwritten slide annotations; only the fragments below are legible after extraction.]

Post-Tactic Configurations: hypothesis and goal; a discharged goal is marked True (✓), an undischarged one False

Bank System: Requirements Document, with tracing of requirements to the model

E-constraints: Axioms (assumed to hold, e.g. the structure of balance: accounts → values)

R-properties: Theorems (to prove, using axioms and/or previously proved theorems)

Note on balance: b should be a function, not a relation, since each account has exactly one balance; for the justification see lecture W2

Axiom vs. Theorem: an axiom needs no proof and may be used to prove theorems; a theorem needs a proof. Example: axm1 and axm2 (c ∈ ℕ, c > 0) are the hypotheses, thm1 (a positive-number property) is the goal

Event Action: v := value (a variable assignment)

Proof Obligation: INITIALIZATION/inv1/INV (the initialisation, like every event, must establish/maintain the invariant; the action is sufficient to do so)

Event-B modeling of events: guards. Guard True → event enabled and may be invoked; guard False → event disabled. Compare Java methods with preconditions: precondition True → method executes; precondition False → exception thrown

b ∈ Account ↔ value, given as a set of account ↦ balance pairs; dom(b) is the set of account ids

withdraw from account a: b(a) := b(a) − v

Proof Obligation: withdraw/act1/WD (well-definedness): the function application b(a) requires the guard a ∈ dom(b), which appears among the hypotheses

Invariant inv3: every account's balance stays above the credit limit, i.e. ∀a · a ∈ dom(b) ⇒ b(a) > −(credit limit)

Proof Obligation: withdraw/inv3/INV: inv3 is assumed to hold before the event and must be proved to hold for the updated balance function b <+ {a ↦ b(a) − v} (Exercise)