prof.dr.andreaspodelski, 2016-06-13 wrap-up lecture 10: … · 2016-06-13 · analysing lsc...
TRANSCRIPT
– 10 – 2016-06-13 – main –
Softw
aretech
nik
/Softw
are-E
ngin
eering
Lectu
re10:
Req
uirem
ents
Engin
eering
Wra
p-U
p
2016-0
6-1
3
Pro
f.Dr.A
nd
reas
Po
de
lski,Dr.B
ern
dW
estp
hal
Alb
ert-Lu
dw
igs-Un
iversität
Freib
urg,G
erm
any
To
pic
Area
Req
uirem
ents
En
gin
eering
:C
on
tent
– 10 – 2016-06-13 – Sblockcontent –
2/
34
•In
trod
uctio
n
•R
eq
uire
me
nts
Sp
ecificatio
n
•D
esire
dP
rop
ertie
s
•K
ind
so
fR
eq
uire
me
nts
•A
nalysis
Tech
niq
ue
s
•D
ocu
me
nts
•D
iction
ary,Sp
ecificatio
n
•S
pe
cification
Lan
gu
ages
•N
aturalL
angu
age
•D
ecisio
nTab
les
•S
yn
tax,Se
man
tics
•C
om
ple
ten
ess,C
on
sisten
cy,...
•S
cen
arios
•U
ser
Sto
ries,U
seC
ases
•Live
Se
qu
en
ceC
harts
•S
yn
tax,Se
man
tics
•D
efin
ition
:So
ftware
&S
WS
pe
cification
•W
rap-U
p
VL
6
...
VL
7
...
VL
8...
VL
9...
VL
10...
Co
nten
t
– 10 – 2016-06-13 – Scontent –
3/
34
•P
re-C
harts
•S
em
antics,o
nce
again
•R
eq
uire
me
nts
En
gine
erin
gw
ithsce
nario
s
•S
tren
gthe
nin
gsce
nario
ns
into
req
uire
me
nts
•S
oftw
are,fo
rmally
•S
oftw
aresp
ecificatio
n
•R
eq
uire
me
nts
En
gine
erin
g,form
ally
•S
oftw
areim
ple
me
nts
spe
cification
•L
SC
svs.S
oftw
are
•S
oftw
areim
ple
me
nts
LS
Cs
•S
cen
arios
and
tests
•P
layIn
/P
layO
ut
•R
eq
uire
me
nts
En
gin
ee
ring
Wrap
-Up
Pre-C
ha
rts(A
ga
in)
– 10 – 2016-06-13 – main –
4/
34
Exa
mp
le:Ven
din
gM
ach
ine
– 10 – 2016-06-13 – Srecallpc –
5/
34
•P
ositive
scen
ario:B
uy
aS
oftd
rink
(i)In
sert
on
e1
eu
roco
in.
(ii)P
ress
the
‘softd
rink’b
utto
n.
(iii)G
et
aso
ftdrin
k.
•P
ositive
scen
ario:G
et
Ch
ange
(i)In
sert
on
e5
0ce
nt
and
on
e1
eu
roco
in.
(ii)P
ress
the
‘softd
rink’b
utto
n.
(iii)G
et
aso
ftdrin
k.
(iv)G
et
50
cen
tch
ange
.
•N
eg
ativesce
nario
:AD
rink
for
Free
(i)In
sert
on
e1
eu
roco
in.
(ii)P
ress
the
‘softd
rink’b
utto
n.
(iii)D
on
ot
inse
rtan
ym
ore
mo
ne
y.
(iv)G
et
two
softd
rinks.
LS
C:
bu
yso
ftdrin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
LS
C:
get
chan
geA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
C50
E1
pSOFT
SOFT
chg
-C50
LS
C:
on
lyo
ne
drin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
SOFT
¬C50!∧¬E1!
false
Pre-C
ha
rts
– 10 – 2016-06-13 – Srecallpc –
6/
34
Afu
llLS
CL
=(P
C,MC,ac,am,Θ
L)
actually
con
sistso
f
•p
re-ch
artPC
=((L
P,�
P,∼
P),IP,Msg
P,CondP,LocInvP,Θ
P)
(po
ss.em
pty),
•m
ain-ch
artM
C=
((LM,�
M,∼
M),IM,Msg
M,CondM,LocInvM,Θ
M),
•activatio
nco
nd
itionac∈
Φ(C
),and
mo
de
am
∈{
initial,
invarian
t},
•strictn
ess
flagstrict,ch
artm
od
ee
xisten
tial(ΘL
=cold
)or
un
iversal(Θ
L=
hot).
Co
ncre
tesy
ntax:
LS
C:
on
lyo
ne
drin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
SOFT
¬C50!∧¬E1!
false
Pre-C
ha
rts
– 10 – 2016-06-13 – Srecallpc –
6/
34
Afu
llLS
CL
=(P
C,MC,ac,am,Θ
L)
actually
con
sistso
f
•p
re-ch
artPC
=((L
P,�
P,∼
P),IP,Msg
P,CondP,LocInvP,Θ
P)
(po
ss.em
pty),
•m
ain-ch
artM
C=
((LM,�
M,∼
M),IM,Msg
M,CondM,LocInvM,Θ
M),
•activatio
nco
nd
itionac∈
Φ(C
),and
mo
de
am
∈{
initial,
invarian
t},
•strictn
ess
flagstrict,ch
artm
od
ee
xisten
tial(ΘL
=cold
)or
un
iversal(Θ
L=
hot).
Ase
to
fw
ord
sW
⊆(C
→B)ω
isacce
pte
db
yL
,de
no
ted
byW
|=L
,ifan
do
nly
if
LS
C:
on
lyo
ne
drin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
SOFT
¬C50!∧¬E1!
false
am
=in
itialam
=in
variant
ΘL = cold
∃w
∈W
∃m
∈N
0•
∧w
0|=
ac∧¬ψ
exit (C
P0)∧ψ
prog(∅,C
P0)
∧w/1,...,w/m
∈Lang(B
(PC))
∧w
m+
1|=
¬ψ
exit (C
M0)
∧w
m+
1|=ψ
prog(∅,C
M0)
∧w/m
+2∈
Lang(B
(MC))
∃w
∈W
∃k<m
∈N
0•
∧w
k|=
ac∧¬ψ
exit (C
P0)∧ψ
prog(∅,C
P0)
∧w/k+
1,...,w/m
∈Lang(B
(PC))
∧w
m+
1|=
¬ψ
exit (C
M0)
∧w
m+
1|=ψ
prog(∅,C
M0)
∧w/m
+2∈
Lang(B
(MC))
ΘL = hot
∀w
∈W
∀m
∈N
0•
∧w
0|=
ac∧¬ψ
exit (C
P0)∧ψ
prog(∅,C
P0)
∧w/1,...,w/m
∈Lang(B
(PC))
∧w
m+
1|=
¬ψ
exit (C
M0)
=⇒
wm
+1|=ψ
prog(∅,C
M0)
∧w/m
+2∈
Lang(B
(MC))
∀w
∈W
∀k≤m
∈N
0•
∧w
k|=
ac∧¬ψ
exit (C
P0)∧ψ
prog(∅,C
P0)
∧w/k+
1,...,w/m
∈Lang(B
(PC))
∧w
m+
1|=
¬ψ
exit (C
M0)
=⇒
wm
+1|=ψ
prog(∅,C
M0)
∧w/m
+2∈
Lang(B
(MC))
wh
ereC
P0an
dC
M0are
the
min
imal(o
rin
stance
he
ads)cu
tso
fp
re-
and
main
-chart.
Un
iversal
LS
C:
Exa
mp
le
– 10 – 2016-06-13 – Srecallpc –
7/
34
LS
C:
bu
yw
ater
AC
:true
AM
:in
variant
I:strict
Use
rC
oin
Valid
ator
Ch
oice
Pan
el
Disp
en
ser
C50
pWATER
water
_in
_sto
ck
dWATER
OK
Un
iversal
LS
C:
Exa
mp
le
– 10 – 2016-06-13 – Srecallpc –
7/
34
LS
C:
bu
yw
ater
AC
:true
AM
:in
variant
I:strict
Use
rC
oin
Valid
ator
Ch
oice
Pan
el
Disp
en
ser
C50
pWATER
¬(C
50!∨E1!∨pSOFT!
∨pTEA!∨pFIL
LUP!)
water
_in
_sto
ck
dWATER
OK
¬(dSoft!
∨dTEA!)
Req
uirem
ents
En
gin
eering
with
Scen
ario
s
– 10 – 2016-06-13 – main –
8/
34
An
alysin
gL
SC
Req
uirem
nts
– 10 – 2016-06-13 – Sstrengthen –
11/3
4
Req
uirem
ents
on
Req
uirem
ents
Sp
ecifica
tion
s
– 6 – 2016-05-12 – Sre –
12/
37
Are
qu
irem
en
tssp
ecificatio
nsh
ou
ldb
e
•co
rrect
—it
corre
ctlyre
pre
sen
tsth
ew
ishe
s/n
ee
ds
of
the
custo
me
r,
•co
mp
lete
—allre
qu
irem
en
ts(e
xisting
inso
me
bo
dy’s
he
ad,o
ra
do
cum
en
t,or
...)sh
ou
ldb
ep
rese
nt,
•re
leva
nt
—th
ings
wh
ichare
no
tre
levan
tto
the
pro
ject
sho
uld
no
tb
eco
nstrain
ed
,
•co
nsiste
nt,fre
eo
fco
ntra
dictio
ns
—e
achre
qu
irem
en
tis
com
patib
lew
ithallo
the
rre
qu
irem
en
ts;oth
erw
iseth
ere
qu
irem
en
tsare
no
tre
alisa
ble
,
•n
eu
tral,a
bstra
ct—
are
qu
irem
en
tssp
ecificatio
nd
oe
sn
ot
con
strainth
ere
alisation
mo
reth
ann
ece
ssary,
•tra
ceab
le,co
mp
reh
en
sible
—th
eso
urce
so
fre
qu
irem
en
tsare
do
cum
en
ted
,re
qu
irem
en
tsare
un
iqu
ely
ide
ntifiab
le,
•te
stab
le,o
bje
ctive—
the
finalp
rod
uct
cano
bje
ctively
be
che
cked
for
satisfyin
ga
req
uire
me
nt.
•C
orre
ctne
ssan
dco
mp
lete
ne
ssare
de
fine
dre
lativeto
som
eth
ing
wh
ichis
usu
allyo
nly
inth
ecu
stom
er’s
he
ad
.
→is
isd
ifficult
tob
esu
reo
fco
rrectn
ess
and
com
ple
ten
ess.
•“D
ear
custo
me
r,ple
ase
tellm
ew
hat
isin
yo
ur
he
ad
!”is
inalm
ost
allcases
no
ta
solu
tion
!
It’sn
ot
un
usu
althat
eve
nth
ecu
stom
er
do
es
no
tp
recise
lykn
ow
...!
For
exam
ple
,the
custo
me
rm
ayn
ot
be
aware
of
con
tradictio
ns
du
eto
tech
nicallim
itation
s.
De
finitio
n.[LS
CC
on
sistency]
Ase
to
fL
SC
s{L
1,...,
Ln}
iscalle
dco
nsiste
nt
ifan
do
nly
ifth
ere
exists
ase
to
fw
ord
sW
such
that
∧ni=1W
|=Lang(L
i ).
Co
nten
t
– 10 – 2016-06-13 – Scontent –
12/
34
•P
re-C
harts
•S
em
antics,o
nce
again
•R
eq
uire
me
nts
En
gine
erin
gw
ithsce
nario
s
•S
tren
gthe
nin
gsce
nario
ns
into
req
uire
me
nts
•S
oftw
are,fo
rmally
•S
oftw
aresp
ecificatio
n
•R
eq
uire
me
nts
En
gine
erin
g,form
ally
•S
oftw
areim
ple
me
nts
spe
cification
•L
SC
svs.S
oftw
are
•S
oftw
areim
ple
me
nts
LS
Cs
•S
cen
arios
and
tests
•P
layIn
/P
layO
ut
•R
eq
uire
me
nts
En
gin
ee
ring
Wrap
-Up
So
ftwa
rea
nd
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – main –
13/
34
So
ftwa
re,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
14/
34
De
finitio
n.S
oftw
areis
afin
ited
escrip
tionS
of
a(p
ossib
lyin
finite)
setJS
Ko
f(fin
iteo
rin
finite) co
mp
utatio
np
aths
of
the
form
σ0
α1
−−→σ1
α2
−−→σ2···
wh
ere
•σi∈Σ
,i∈N
0 ,iscalle
dstate
(or
con
figu
ration
),and
•αi∈A
,i∈N
0 ,iscalle
dactio
n(o
re
ven
t).
Th
e(p
ossib
lyp
artial)fun
ction
J·K
:S7→
JSK
iscalle
din
terp
retatio
no
fS
.
Exa
mp
le:S
oftw
are,
form
ally
– 10 – 2016-06-13 – Sswlsc –
15/
34
So
ftware
isa
finite
de
scriptio
nS
of
a(p
ossib
lyin
finite)se
tJS
Ko
f(fin
iteo
rin
finite)co
mp
utatio
np
aths
of
the
form
σ0
α1
−−→σ1
α2
−−→σ2···.σ
i :state/
con
figu
ration
;αi :actio
n/
eve
nt.
•Java
Pro
gram
s.
1:publicintf(intx,inty
){
2:
x=x
+y;
3:
y=x/2;
4:
returny;
5:}
Exa
mp
le:S
oftw
are,
form
ally
– 10 – 2016-06-13 – Sswlsc –
15/
34
So
ftware
isa
finite
de
scriptio
nS
of
a(p
ossib
lyin
finite)se
tJS
Ko
f(fin
iteo
rin
finite)co
mp
utatio
np
aths
of
the
form
σ0
α1
−−→σ1
α2
−−→σ2···.σ
i :state/
con
figu
ration
;αi :actio
n/
eve
nt.
•Java
Pro
gram
s.
•H
TM
L.1:<
html>
2:<
head>
3:<
title>SWT
2016</title>
4:<
/head>
5:<
body/>
6:<
/html>
Exa
mp
le:S
oftw
are,
form
ally
– 10 – 2016-06-13 – Sswlsc –
15/
34
So
ftware
isa
finite
de
scriptio
nS
of
a(p
ossib
lyin
finite)se
tJS
Ko
f(fin
iteo
rin
finite)co
mp
utatio
np
aths
of
the
form
σ0
α1
−−→σ1
α2
−−→σ2···.σ
i :state/
con
figu
ration
;αi :actio
n/
eve
nt.
•Java
Pro
gram
s.
•H
TM
L.
•U
ser’s
Man
ual.
•e
tc.etc.
Exa
mp
le:S
oftw
are
Sp
ecifica
tion
– 10 – 2016-06-13 – Sswlsc –
17/
34
http://commons.wikimedia.org (CC-by-sa 4.0, Dirk Ingo Franke)
Alp
hab
et:
•M
–d
ispe
nse
casho
nly,
•C
–re
turn
cardo
nly,
•MC
–d
ispe
nse
cashan
dre
turn
card.
•C
usto
me
r1:“d
on’t
care”
S1=
(
M.C
∣∣∣ C.M
∣∣∣
MC
)
ω
•C
usto
me
r2
:“you
cho
ose
,bu
tb
eco
nsiste
nt”
S2=
(M.C
)ω
or(C
.M)ω
•C
usto
me
r3
:“con
side
rh
um
ane
rrors”
S3=
(C.M
)ω
Mo
reE
xam
ples:
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
18/
34
Aso
ftware
spe
cification
isa
finite
de
scriptio
nS
of
ase
tJS
Ko
fso
ftware
s{(S
1,J
·K1),...}
.
•D
ecisio
nT
able
s.
T:ro
om
ven
tilation
r1
r2
r3
bb
utto
np
resse
d?
××
−
off
ven
tilation
off?
×−
∗
on
ven
tilation
on
?−
×∗
go
startve
ntilatio
n×
−−
stop
stop
ven
tilation
−×
−
Mo
reE
xam
ples:
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
18/
34
Aso
ftware
spe
cification
isa
finite
de
scriptio
nS
of
ase
tJS
Ko
fso
ftware
s{(S
1,J
·K1),...}
.
•D
ecisio
nT
able
s.
•L
SC
s.L
SC
:ge
tch
ange
AC
:true
AM
:in
variant
I:p
erm
issive
Use
rV
en
d.M
a.
C50
E1
pSOFT
SOFT
chg
-C50
LS
C:
on
lyo
ne
drin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
SOFT
¬C50!∧¬E1!
false
Mo
reE
xam
ples:
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
18/
34
Aso
ftware
spe
cification
isa
finite
de
scriptio
nS
of
ase
tJS
Ko
fso
ftware
s{(S
1,J
·K1),...}
.
•D
ecisio
nT
able
s.
•L
SC
s.
•G
lob
alInvarian
ts.
x≥
0
Mo
reE
xam
ples:
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
18/
34
Aso
ftware
spe
cification
isa
finite
de
scriptio
nS
of
ase
tJS
Ko
fso
ftware
s{(S
1,J
·K1),...}
.
•D
ecisio
nT
able
s.
•L
SC
s.
•G
lob
alInvarian
ts.
•S
tateM
achin
es.
→late
r
Mo
reE
xam
ples:
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
18/
34
Aso
ftware
spe
cification
isa
finite
de
scriptio
nS
of
ase
tJS
Ko
fso
ftware
s{(S
1,J
·K1),...}
.
•D
ecisio
nT
able
s.
•L
SC
s.
•G
lob
alInvarian
ts.
•S
tateM
achin
es.
•Java
Pro
gram
s.
1:publicintf(intx,inty
){
2:
x=x
+y;
3:
y=x/2;
4:
returny;
5:}
Mo
reE
xam
ples:
So
ftwa
reS
pecifi
catio
n,fo
rma
lly
– 10 – 2016-06-13 – Sswlsc –
18/
34
Aso
ftware
spe
cification
isa
finite
de
scriptio
nS
of
ase
tJS
Ko
fso
ftware
s{(S
1,J
·K1),...}
.
•D
ecisio
nT
able
s.
•L
SC
s.
•G
lob
alInvarian
ts.
•S
tateM
achin
es.
•Java
Pro
gram
s.
•U
ser’s
Man
ual.
•e
tc.etc.
Th
eR
equ
iremen
tsE
ng
ineerin
gP
rob
lemF
orm
ally
– 10 – 2016-06-13 – Sswlsc –
19/
34
(Σ×
A)ω
allcom
pu
tation
path
so
verΣ
andA
,aka.ch
aos
req
uire
me
nts,all
the
seco
mp
utatio
np
aths
areallo
we
d(m
ayb
ein
clud
ing
refin
em
en
ts)
on
eso
ftware
(=se
to
fco
mp
utatio
np
aths)w
hich
satisfies
the
req
uire
me
nts
on
eso
ftware
wh
ichd
oe
sn
ot
satisfyth
ere
qu
irem
en
ts
•R
eq
uire
me
nts
en
gin
ee
ring
:
De
scribe
/spe
cifyth
ese
to
fth
eallo
we
dso
ftware
sas
S.
No
te:w
hat
isn
ot
con
straine
dis
allow
ed
,usu
ally!
•S
oftw
ared
eve
lop
me
nt:
Cre
ateo
ne
softw
areS
wh
ose
com
pu
tation
path
sJS
Kare
allallow
ed
,i.e.JS
K∈
S.
•N
ote
:diffe
ren
tp
rogram
sin
diffe
ren
tp
rogram
min
glan
guage
sm
ayd
escrib
eth
esam
eJS
K.
•O
ften
allow
ed
:any
refin
em
en
to
f(→
ina
min
ute
;e.g.allo
win
term
ed
iatetran
sition
s).
So
ftwa
reS
pecifi
catio
nvs.
So
ftwa
re
– 10 – 2016-06-13 – Sswlsc –
20
/3
4
σ00
α01
−−→σ01
α02
−−→σ02···
S=
{(S
0,J
·K0 )}
σ10
α11
−−→σ11
α12
−−→σ12···
(S1,J
·K1 )}
σ20
α21
−−→σ21
α22
−−→σ22···
(S2,J
·K2 )}
I
M
S1
imp
lem
en
tsS
viaI
andM
I′
M′
S2
imp
lem
en
tsS
viaI
andM
LS
Cs
vs.S
oftw
are
– 10 – 2016-06-13 – main –
21/
34
LS
Cs
as
So
ftwa
reS
pecifi
catio
n
– 10 – 2016-06-13 – Stestplay –
22
/3
4
Aso
ftware
Sis
called
com
patib
lew
ithL
SC
Lo
verC
andE
isif
and
on
lyif
•Σ
=(C
→B),i.e
.the
states
arevalu
ation
so
fth
eco
nd
ition
sin
C,
•A
⊆E!?
,i.e.th
ee
ven
tsare
of
the
form
E!,E
?(vie
we
das
avalu
ation
ofE!,E
?).
Aco
mp
utatio
np
athπ=σ0
α1
−−→σ1
α2
−−→σ2···
∈JS
Ko
fso
ftware
Sin
du
ces
the
wo
rd
w(π
)=
(σ0∪α1),(σ
1∪α2),(σ
2∪α3),...,
we
useW
Sto
de
no
teth
ese
to
fw
ord
sin
du
ced
by
JSK.
We
sayso
ftware
Ssatisfie
sL
SC
L(w
itho
ut
pre
-chart),d
en
ote
db
yS|=
L,if
and
on
lyif
ΘL
am
=in
itialam
=in
variant
cold
∃w
∈W
S•w
0|=
ac∧¬ψexit (C
0)
∧w
0|=ψprog(∅,C
0)∧w/1∈
Lang(B
(L
))
∃w
∈W
S∃k∈
N0•w
k|=
ac∧¬ψexit (C
0)
∧w
k|=ψprog(∅,C
0)∧w/k+
1∈
Lang(B
(L
))
hot
∀w
∈W
S•w
0|=
ac∧¬ψexit (C
0)
=⇒
w0|=ψprog(∅,C
0)∧w/1∈
Lang(B
(L
))
∀w
∈W
S∀k∈
N0•w
k|=
ac∧¬ψexit (C
0)
=⇒
wk|=ψCond
hot
(∅,C
0)∧w/k+1∈
Lang(B
(L
))
So
ftware
Ssatisfie
sa
set
of
LS
CsL
1,...,L
nif
and
on
lyifS|=
Li
for
all1≤
i≤
n.
Ho
wto
Pro
veth
at
aS
oftw
are
Sa
tisfies
an
LS
C?
– 10 – 2016-06-13 – Stestplay –
23
/3
4
LS
C:
bu
yso
ftdrin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
LS
C:
get
chan
geA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
C50
E1
pSOFT
SOFT
chg
-C50
•S
oftw
areS
satisfies
existe
ntialL
SC
Lif
the
ree
xistsπ∈
JSK
such
that
Lacce
ptsw(π
).Pro
veS|=
Lb
yd
em
on
stratingπ
.
•N
ote
:Existe
ntialL
SC
s∗
may
hin
tat
test-case
sfo
rth
eacce
ptan
cete
st!(∗
:asw
ellas
(po
sitive)scen
arios
inge
ne
ral,likeu
se-case
s)
req
uire
me
nts
fixed
req
uire
me
nts
fixed
accep
tance
accep
tance
system
spe
cified
system
spe
cified
system
de
livere
dsyste
md
elive
red
archite
cture
de
signe
darch
itectu
red
esign
ed
system
inte
grated
system
inte
grated
mo
du
les
de
signe
dm
od
ule
sd
esign
ed
system
realise
dsyste
mre
alised
verificatio
n&
validatio
n
Ho
wto
Pro
veth
at
aS
oftw
are
Sa
tisfies
an
LS
C?
– 10 – 2016-06-13 – Stestplay –
23
/3
4
LS
C:
bu
yso
ftdrin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
LS
C:
get
chan
geA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
C50
E1
pSOFT
SOFT
chg
-C50
•S
oftw
areS
satisfies
existe
ntialL
SC
Lif
the
ree
xistsπ∈
JSK
such
that
Lacce
ptsw(π
).Pro
veS|=
Lb
yd
em
on
stratingπ
.
•N
ote
:Existe
ntialL
SC
s∗
may
hin
tat
test-case
sfo
rth
eacce
ptan
cete
st!(∗
:asw
ellas
(po
sitive)scen
arios
inge
ne
ral,likeu
se-case
s)
req
uire
me
nts
fixed
req
uire
me
nts
fixed
accep
tance
accep
tance
system
spe
cified
system
spe
cified
system
de
livere
dsyste
md
elive
red
archite
cture
de
signe
darch
itectu
red
esign
ed
system
inte
grated
system
inte
grated
mo
du
les
de
signe
dm
od
ule
sd
esign
ed
system
realise
dsyste
mre
alised
verificatio
n&
validatio
n
LS
C:
on
lyo
ne
drin
kA
C:
trueA
M:
invarian
tI:
pe
rmissive
Use
rV
en
d.M
a.
E1
pSOFT
SOFT
SOFT
¬C50!∧¬E1!
false
LS
C:
bu
yw
ater
AC
:true
AM
:in
variant
I:strict
Use
rC
oin
Valid
ator
Ch
oice
Pan
el
Disp
en
ser
C50
pWATER
¬(C
50!∨E1!∨pSOFT!
∨pTEA!∨pFIL
LUP!)
water
_in
_sto
ck
dWATER
OK
¬(dSoft!
∨dTEA!)
•U
nive
rsalLS
Cs
(and
ne
gative/an
ti-scen
arios!)
inge
ne
ralne
ed
ane
xhau
stivean
alysis!
(Be
cause
the
yre
qu
ireth
atth
eso
ftware
ne
ver
eve
re
xhib
itsth
eu
nw
ante
db
eh
aviou
r.)
Pro
veS
6|=L
by
de
mo
nstratin
go
neπ
such
thatw(π
)is
no
tacce
pte
db
yL
.
Pu
shin
gIt
Even
Fu
rther
– 10 – 2016-06-13 – Stestplay –
24
/3
4
(Hare
land
Mare
lly,2
00
3)
Tell
Th
emW
ha
tYo
u’ve
To
ldT
hem
...
– 10 – 2016-06-13 – Sttwytt –
25
/3
4
•L
iveS
eq
ue
nce
Ch
arts(if
we
ll-form
ed
)
•h
avean
abstract
syn
tax:instan
celin
es,m
essage
s,con
ditio
ns,
localin
variants;m
od
e:h
ot
or
cold
.
•Fro
man
abstract
syn
tax,me
chan
icallyco
nstru
ctits
TB
A.
•P
re-ch
artsallo
wu
sto
•sp
ecify
anti-sce
nario
s(“th
ism
ust
no
th
app
en”),
•co
ntrain
activation
.
•A
nL
SC
issatisfie
db
ya
softw
areS
ifan
do
nly
if
•e
xisten
tial(co
ld):
•th
ere
isa
wo
rdin
du
ced
by
aco
mp
utatio
np
atho
fS
•w
hich
isacce
pte
db
yth
eLS
C’s
pre
/m
ain-ch
artT
BA
.
•u
nive
rsal(ho
t):
•allw
ord
sin
du
ced
by
the
com
pu
tation
path
so
fS
•are
accep
ted
by
the
LSC
’sp
re/
main
-chart
TB
A.
•M
eth
od
:
•d
iscuss
(anti-)sce
nario
sw
ithcu
stom
er,
•ge
ne
ralisein
tou
nive
rsalLS
Cs
and
re-valid
ate.
Req
uirem
ents
En
gin
eering
Wra
p-U
p
– 10 – 2016-06-13 – main –
26
/3
4
To
pic
Area
Req
uirem
ents
En
gin
eering
:C
on
tent
– 10 – 2016-06-13 – Sblockcontent –
27
/3
4
•In
trod
uctio
n
•R
eq
uire
me
nts
Sp
ecificatio
n
•D
esire
dP
rop
ertie
s
•K
ind
so
fR
eq
uire
me
nts
•A
nalysis
Tech
niq
ue
s
•D
ocu
me
nts
•D
iction
ary,Sp
ecificatio
n
•S
pe
cification
Lan
gu
ages
•N
aturalL
angu
age
•D
ecisio
nTab
les
•S
yn
tax,Se
man
tics
•C
om
ple
ten
ess,C
on
sisten
cy,...
•S
cen
arios
•U
ser
Sto
ries,U
seC
ases
•Live
Se
qu
en
ceC
harts
•S
yn
tax,Se
man
tics
•D
efin
ition
:So
ftware
&S
WS
pe
cification
•W
rap-U
p
VL
6
...
VL
7
...
VL
8...
VL
9...
VL
10...
Exa
mp
le:S
oftw
are
Sp
ecifica
tion
– 10 – 2016-06-13 – Swrapup –
28
/3
4
http://commons.wikimedia.org (CC-by-sa 4.0, Dirk Ingo Franke)
Alp
hab
et:
•M
–d
ispe
nse
casho
nly,
•C
–re
turn
cardo
nly,
•MC
–d
ispe
nse
cashan
dre
turn
card.
•C
usto
me
r1:“d
on’t
care”
S1=
(
M.C
∣∣∣ C.M
∣∣∣
MC
)
ω
•C
usto
me
r2
:“you
cho
ose
,bu
tb
eco
nsiste
nt”
S2=
(M.C
)ω
or(C
.M)ω
•C
usto
me
r3
:“con
side
rh
um
ane
rrors”
S3=
(C.M
)ω
Tell
Th
emW
ha
tYo
u’ve
To
ldT
hem
...
– 10 – 2016-06-13 – Swrapup –
30
/3
4
•A
Re
qu
irem
en
tsS
pe
cification
sho
uld
be
•co
rrect,co
mp
lete
,rele
vant,co
nsiste
nt,
ne
utral,trace
able
,ob
jective
.
•R
eq
uire
me
nts
Re
pre
sen
tation
ssh
ou
ldb
e
•e
asilyu
nd
erstan
dab
le,p
recise
,e
asilym
aintain
able
,easily
usab
le.
•L
ang
uage
s/
No
tation
sfo
rR
eq
uire
me
nts
Re
pre
sen
tation
s:
•N
aturalL
angu
ageP
attern
s
•D
ecisio
nT
able
s
•U
ser
Sto
ries
•U
seC
ases
•Live
Se
qu
en
ceC
harts
•Fo
rmalre
pre
sen
tation
s
•can
be
very
pre
cise,o
bje
ctive,te
stable
,
•can
be
analy
sed
for,e
.g.,com
ple
ten
ess,co
nsiste
ncy
•can
be
verifie
dagain
sta
form
alde
signd
escrip
tion
.
(Form
al)inco
nsiste
ncy
of,e
.g.,ad
ecisio
ntab
le
hin
tsat
inco
nsiste
ncie
sin
the
req
uire
me
nts.
Req
uirem
ents
An
alysis
ina
Nu
tshell
– 10 – 2016-06-13 – Swrapup –
31/
34
•C
usto
me
rsm
ayn
ot
kno
ww
hat
the
yw
ant.
•T
hat’s
inge
ne
ralno
tth
eir
“fault”!
•C
arefo
rtacit
req
uire
me
nts.
•C
arefo
rn
on
-fun
ction
alreq
uire
me
nts
/co
nstrain
ts.
•Fo
rre
qu
irem
en
tse
licitation
,con
side
rstartin
gw
ith
•sce
nario
s(“p
ositive
use
case”)and
anti-sce
nario
s(“n
egative
use
case”)
and
elab
orate
corn
er
cases.
Th
us,u
secase
scan
be
very
use
ful—
use
cased
iagram
sn
ot
som
uch
.
•M
aintain
ad
iction
aryan
dh
igh-q
uality
de
scriptio
ns.
•C
arefo
ro
bje
ctiven
ess
/te
stability
early
on
.
Ask
for
each
req
uire
me
nts:w
hat
isth
eacce
ptan
cete
st?
•U
sefo
rmaln
otatio
ns
•to
fully
un
de
rstand
req
uire
me
nts
(pre
cision
),
•fo
rre
qu
irem
en
tsan
alysis
(com
ple
ten
ess,e
tc.),
•to
com
mu
nicate
with
you
rd
eve
lop
ers.
•If
ind
ou
bt,co
mp
lem
en
t(fo
rmal)d
iagram
sw
ithte
xt(as
safety
pre
cautio
n,e
.g.,inlaw
suits).
Litera
ture
Reco
mm
end
atio
n
– 10 – 2016-06-13 – Swrapup –
32
/3
4
(Ru
pp
and
die
SO
PH
ISTe
n,2
014
)
Referen
ces
– 10 – 2016-06-13 – main –
33
/3
4
Referen
ces
– 10 – 2016-06-13 – main –
34
/3
4
Hare
l,D.an
dM
arelly,R
.(20
03
).C
om
e,Let’sP
lay:S
cena
rio-B
ased
Pro
gram
min
gU
sing
LSC
sa
nd
the
Pla
y-En
gine.
Sp
ringe
r-Ve
rlag.
Lud
ew
ig,J.and
Lich
ter,H
.(20
13).
So
ftwa
reE
ngin
eering.
dp
un
kt.verlag,3
.ed
ition
.
Ru
pp
,C.an
dd
ieS
OP
HIS
Ten
(20
14).
Req
uiremen
ts-En
gineerin
gun
d-M
an
agem
ent.
Han
ser,6
the
ditio
n.