Sequences for system modelling. At the end of this lecture you should be able to: provide a definition of a VDM sequence; identify situations in which

Sequences for system modelling

At the end of this lecture you should be able to:

• provide a definition of a VDM sequence;

• identify situations in which a sequence is an appropriate data type;

• utilize and interpret sequence notation;

• make appropriate use of the VDM sequence operators;

• define a sequence by comprehension;

• write VDM specifications using the sequence type.

A sequence is an ordered collection of objects in which repetitions are significant.

A queue of jobs waiting for a printer

A sequence is an ordered collection of objects in which repetitions are significant.

A group of planes circling an airport

Declaring sequences in VDM-SL

To declare a variable to be of type sequence we place an asterisk after the name of the type contained within the sequence.

seq : *

convoy : SpaceCraft *

Sequence Notation

queue = [ michael, varinder, elizabeth, winston, judith ]

s = [ a, d, f, a, d, d, c ]

[ a, d, f ] [ a, f, d ]

[ ]

Retrieving items from the sequence

s = [ a, d, f, a, d, d, c ]


s(3) =

queue(4) =

s(10) =

f

winston

undefined

Sequence operators

len operator: Returns the length of a sequence

s = [ a, d, f, a, d, d, c ]


len s =

len queue =

7

5

Sequence operators

s = [ a, d, f, a, d, d, c ]


elems operator: Returns a set that contains all the members of the sequence

elems s =

elems queue =

{ a, d, f, c }

{michael, varinder, elizabeth, winston, judith}

Sequence operators

inds operator : Returns a set of all the indices of the sequence

s = [ a, d, f, a, d, d, c ]


inds s =

inds queue =

{1, 2, 3, 4, 5, 6, 7 }

{1, 2, 3, 4, 5}

inds [] = { }

Sequence operators

head (hd) operator : Returns the first element in the sequence

s = [ a, d, f, a, d, d, c ]


hd s =

hd queue =

a

michael

hd [] = undefined

Sequence operators

tail (tl) operator : Returns a sequence containing all but the first element

s = [ a, d, f, a, d, d, c ]


tl s =

tl queue =

[d, f, a, d, d, c ]

[varinder, elizabeth, winston, judith ]

tl [] = undefined tl [a] = [ ]

Sequence operators

concatenation operator ( ^ ) operator:

operates on two sequences, and returns a sequence that consists of the two sequences joined together

first = [ w, e, r, w ] second = [ t, w, q ]

first ^ second = [ w, e, r, w, t, w, q ]

second ^ first = [t, w, q, w, e, r, w ]

first ^ [ ] = [ w, e, r, w ]

Sequence operators

the override operator (†)

Takes a sequence and gives us a new sequence with a particular element of the old sequence overridden by a new element

[a, c, d, e] † {1 z} = [z, c, d, e]

[a, c, d, e] † {2 x, 4 y} = [a, x, d, y]

[a, c, d, e] † {7 g} = undefined

Sequence operators

subsequence operator

allow us to extract a part of a sequence between two indices

s = [ a, d, f, a, d, d, c ]

s(2, ... , 5) = [d, f, a, d]

s(1, ... ,0) = [ ] s(8, ... , 7) = [ ]

s(2, ... , 2) = [d] s(2, ... , 13) = undefined

Sequence comprehension

[ expression(a) | a SomeSet test (a) ]





[ a | a {1,…,10} is-odd(a)]



[ a | a {1,…,10} is-odd(a)]

[ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10]



[ a | a {1,…,10} is-odd(a)]

[ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10]



[ a | a {1,…,10} is-odd(a)]

[ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

Let’s filter this sequence so that we only have values greater than 10



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

[39, 11, 45, 39]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

s2 = [ s1(i) | i inds s1 s1(i) > 10 ]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

s2 = [ | i elems s1 ]

[ 2, 3, 4, 6, 7, 8, 9, 11, 39, 45]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

s2 = [ | i inds s1 ]

[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

s2 = [ | i inds s1 s1(i) > 10 ]

[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

s2 = [ s1(i) | i inds s1 s1(i) > 10 ]

[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

[1, 2, 3, 4, 5, 39, 7, 8, 9, 10, 11, 12, 14]

s2 = [ s1(i) | i inds s1 s1(i) > 10 ]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

[1, 2, 3, 4, 5, 39, 7, 8, 9, 11, 11, 12, 14]

s2 = [ s1(i) | i inds s1 s1(i) > 10 ]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

[1, 2, 3, 4, 5, 39, 7, 8, 9, 11, 45, 12, 14]

s2 = [ s1(i) | i inds s1 s1(i) > 10 ]



s1 = [2, 3, 4, 7, 9, 39, 6, 7, 8, 11, 45, 39, 3]

[1, 2, 3, 4, 5, 39, 7, 8, 9, 11, 45, 39, 14]

s2 = [ s1(i) | i inds s1 s1(i) > 10 ]

Specifying a stack

Stack

stack : Element [*]

push(Element)pop() : ElementisEmpty(): Boolean

Stack

stack : Element [*]


types

Element = TOKEN

state Stack of

stack :

init mk-Stack(s) end

Element *

s = [ ]

Stack

stack : Element [*]


push( )

ext

pre

post

itemIn : Element

stack : Element*wr

stackstack

stack = [itemIn] ^ stack

TRUE

Stack

stack : Element [*]


pop( )

ext

pre

post

itemRemoved : Element

stack : Element*wr

stackstack

stack = tl stack

stack [ ]

itemRemoved = hd stack

Stack

stack : Element [*]


isEmpty( )

ext

pre

post

query :

stack : Element*rd

stackstack

TRUE

query stack = [ ]

Re-thinking the Airport system

Airport2permission: Aircraft [*]landed: Aircraft [*]circling: Aircraft [*]

givePermission(Aircraft)recordLanding( )recordTakeOff(Aircraft)getPermission( ): Aircraft [*]getLanded( ): Aircraft [*]numberWaiting(): IntegergetCircling( ): Aircraft [*]allowToCircle (Aircraft)

types

state Airport2 of

init mk-Airport2 ( )

end

Aircraft = TOKEN

permission: Aircraft-setlanded: Aircraft-setcircling: Aircraft*

p, l, c p = { } l = { } c = [ ]

inv mk-Airport2(p,l,c) ?

The new invariant

inv mk-Airport2(p,l,c) 1. Landed planes must have permission

2. Circling planes must have permission

3. Circling planes can not be landed

4. All circling planes are unique

l p

elems c p

elems c l = { }

isUnique(c)

isUnique(seqIn : Aircraft*) query : pre true

post query len seqIn = card elems seqIn

The new invariant

inv mk-Airport2(p,l,c) 1. Landed planes must have permission

2. Circling planes must have permission

3. Circling planes can not be landed

4. All circling planes are unique

l p

elems c p

elems c l = { }

isUnique(c)

isUnique(seqIn : Aircraft*) query : pre true

post query

i1 ,i2 inds seqIn i1 i2 seqIn(i1) seqIn(i2)

i1 ,i2 inds seqIn i1 i2 seqIn(i1) seqIn(i2)

1 2 3 4 5



allowToCircle ( )

ext

pre

post

craftIn : Aircraft

circling : Aircraft*wr

permission : Aircraft-setrdlanded : Aircraft-setrd

circling = circling ^ [craftIn]

craftIn permission

craftIn elems circling

craftIn landed



recordLanding( )

ext

pre

post

circling : Aircraft*

landed : Aircraft-set

wr

wr

circling = tl circling

landed = landed {hd circling }

circling [ ]

See you next week!

Documents

Sequences for system modelling. At the end of this lecture you should be able to: provide a definition of a VDM sequence; identify situations in which