Upload: gretchen-winzer

Post on 14-Dec-2015


Z-Toolkit

Z specification language is based on a formal system:
– Propositional and predicate calculus
– Set theory
– Relations and
– Functions

Thus Z offers a set of facilities to include (or express) these concepts ---- we call the set of facilities the Z toolkit.

Numbers and Operations in Z

Z language has 3 built-in number types
– N : natural numbers (e.g. 0, 1, 2, ...)
– N1 : positive integers (e.g. 1, 2, 3, ...)
– Int : integers (e.g. ..., -2, -1, 0, 1, 2, ...)

Axiomatically expressed (let IP represent power set):

for positive integers

N1 : IP N ("type" declaration)

N1 = N \ {0} (relation definition)

for natural numbers

N : IP Int

N = Int \ { ..., -4, -3, -2, -1 }


Numbers and Operations in Z

Numerical operators
– Defined as functions; may use "lambda" notation
– Binary operators defined with underscores on either side, e.g. _ op _
– Addition operator, +, (example)

_ + _ : N x N → N should be included in the signature part of the schema

_ + _ = λ m, n : N • succ^n m in the predicate part of the schema
Or m + n = succ^n m in the predicate part of the schema

_ + _ : N x N → N (total function)
m + n = succ^n m (where succ is successor)

Numbers and Operations in Z

Let's look at the less-than-or-equal, =<, operator over N.

_ =< _ : N <-> N (note: <-> is a relation)
_ =< _ = succ* (reflexive transitive closure of the succ function)

succ* = succ^0 U succ^1 U succ^2 U ...
succ^0 = id N = { (0,0), (1,1), ... }
succ^1 = { (0,1), (1,2), (2,3), ... }
succ^2 = { (0,2), (1,3), (2,4), ... }
succ^3 = { (0,3), (1,4), (2,5), ... }
etc.

So succ* contains all the pairs that satisfy the =< relation. The operator =< is thus defined in terms of a relation.

Look at 2 =< 5 as an example; now look at the above predicate. Should _ =< _ be "equal to" or "element of" succ*?
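The following is an added example, not part of the slides: it models the definition _ =< _ = succ* on a finite copy of N (the bound BOUND is an assumption made so the infinite relation becomes computable), builds succ^n by repeated composition, takes the union until it stabilises, and checks the result against the ordinary ordering. It also makes the slide's question concrete: the operator _ =< _ is equal to the relation succ*, while the statement 2 =< 5 says that the pair (2, 5) is an element of it.

```python
"""Added example (not from the slides): a finite model of the Z definition
_ =< _ = succ*, where succ* is the reflexive transitive closure of succ.

Relations are modelled as Python sets of pairs over a bounded copy of N,
N = {0, ..., BOUND-1}; the bound is an assumption needed to make the
infinite relation computable."""

BOUND = 12  # assumed finite bound on N for this model

N = set(range(BOUND))

# succ as a relation: {(0,1), (1,2), ...}, truncated at the bound
SUCC = {(m, m + 1) for m in N if m + 1 in N}

# id N = succ^0 = {(0,0), (1,1), ...}
ID_N = {(m, m) for m in N}


def compose(r1, r2):
    """Relational composition r1 ; r2 = {(a, c) | exists b . (a,b) in r1 and (b,c) in r2}."""
    return {(a, c) for (a, b) in r1 for (b2, c) in r2 if b == b2}


def power(r, n):
    """succ^n: n-fold composition of r with itself; r^0 is the identity on N."""
    result = ID_N
    for _ in range(n):
        result = compose(result, r)
    return result


def reflexive_transitive_closure(r):
    """succ* = succ^0 U succ^1 U succ^2 U ...  Iterate until no new pairs appear;
    on a finite carrier the union stabilises after at most BOUND steps."""
    closure = set(ID_N)
    frontier = ID_N
    while True:
        frontier = compose(frontier, r)
        new = frontier - closure
        if not new:
            return closure
        closure |= new


LEQ = reflexive_transitive_closure(SUCC)  # the relation _ =< _ itself


def leq(m, n):
    """2 =< 5 is a statement that the pair (2, 5) is an ELEMENT of succ*;
    the operator _ =< _ is EQUAL to succ* (the slide's question)."""
    return (m, n) in LEQ


def matches_builtin_order():
    """Check the model against Python's <= on the bounded carrier."""
    return LEQ == {(m, n) for m in N for n in N if m <= n}
```

The closure loop stops as soon as a power of succ contributes no new pairs; on the bounded carrier succ^BOUND is empty, so termination is guaranteed, and the final check confirms that the pairs collected are exactly those with m <= n.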

Sets and Operators on Sets in Z

A Generic Definition is a definition that applies to sets of any type.
– In schema representation:
use [ ]
use a double line on the top
e.g. (union, difference, intersection)

[ T ]

_ U _ , _ \ _ , _ ∩ _ : IP T x IP T → IP T

∀ s1, s2 : IP T •

s1 U s2 = { x : T | x ∈ s1 \/ x ∈ s2 }

s1 \ s2 = { x : T | x ∈ s1 /\ x ∉ s2 }

s1 ∩ s2 = { x : T | x ∈ s1 /\ x ∈ s2 }

"Inventing" an Operator

Modified Example 9.1 in text: let S1 and S2 be two sets.
– Specify a SCARD operator that returns the cardinality of the set S1\S2.

[ T ]

_ SCARD _ : IP T x IP T → N

∀ S1, S2 : IP T • S1 SCARD S2 = #(S1\S2)

More Sets and Operators on Sets in Z

Subsets and proper subsets may be defined similarly as with unions and intersections, except subsets are defined as a "relation" between power sets, not a function.

Generalized union and generalized intersection are defined as follows:

[ S ]

U _ , ∩ _ : IP (IP S) → IP S

∀ A : IP (IP S) •

U A = { x : S | ∃ a : A • x ∈ a }

∩ A = { x : S | ∀ a : A • x ∈ a }

So, for S = {1,2,3}, IP S = { { }, {1}, {2}, {3}, {1,2}, {1,3}, {2,3}, {1,2,3} }. And ∩ { {2,3}, {1,2,3} } = {2,3}

Relations in Z

A relation in Z between two sets, S1 and S2, may be expressed as S1 <-> S2 in the signature part of the schema. So, a relation would be R1 : S1 <-> S2

Consider the composition operator, ;, defined generically:

[ T1, T2, T3 ]

_ ; _ : [(T1 <-> T2) x (T2 <-> T3)] → (T1 <-> T3)

R1 ; R2 = { t1 : T1, t3 : T3 | ∃ t2 : T2 •
(t1, t2) ∈ R1 /\ (t2, t3) ∈ R2 }

R1 and R2 need to be defined in the signature part?

Relations in Z

Restrictions on domain and range of relations in Z

[ T1, T2 ]

_ ◁ _ : [IP T1 x (T1 <-> T2)] → (T1 <-> T2)

_ ▷ _ : [(T1 <-> T2) x IP T2] → (T1 <-> T2)

∀ S : IP T1, R : T1 <-> T2 •

S ◁ R = { t1 : T1, t2 : T2 | t1 ∈ S /\ (t1,t2) ∈ R • (t1,t2) }

∀ R : T1 <-> T2, S : IP T2 •

R ▷ S = { t1 : T1, t2 : T2 | (t1,t2) ∈ R /\ t2 ∈ S • (t1,t2) }

Relations in Z

The "image" operator gives the image of a relation restricted to the set S as its domain.

[ T1, T2 ]

_ ( _ ) : (T1 <-> T2) x IP T1 → IP T2

∀ R : T1 <-> T2, S : IP T1 •

R ( S ) = { t1 : T1, t2 : T2 | t1 ∈ S /\ (t1,t2) ∈ R • t2 }

Functions in Z

Since functions are just special relations, all the previous operators for sets and relations can be used.
Example with the "override" operator, ⊕:

– Recall that given two relations R and S, each over T1 x T2,
R ⊕ S = (dom S ⩤ R) U S = [(T1 \ dom S) ◁ R] U S

[ T1, T2 ]

_ ⊕ _ : (T1 ⇸ T2) x (T1 ⇸ T2) → (T1 ⇸ T2)

∀ f, g : (T1 ⇸ T2) • f ⊕ g = ((dom g) ⩤ f) U g
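The following is an added example, not part of the slides: it models the generic relation operators from the preceding slides (composition ;, domain restriction, range restriction, relational image and override) as plain functions over Python sets of pairs, and checks the two forms of the override identity recalled above against each other. The sample relations (files, owners, roles and permissions) are constructed for the example and are not from the slides.

```python
"""Added example (not from the slides): the generic relation operators of
the Z toolkit -- composition, domain/range restriction, image and override --
modelled over Python sets of pairs, plus a check of the override identity
R (+) S = [(T1 \\ dom S) <| R] U S.

The sample relations below are constructed for this example."""


def dom(r):
    """dom R: the set of first components."""
    return {a for (a, _) in r}


def ran(r):
    """ran R: the set of second components."""
    return {b for (_, b) in r}


def compose(r1, r2):
    """R1 ; R2 = { t1, t3 | exists t2 . (t1,t2) in R1 and (t2,t3) in R2 }"""
    return {(a, c) for (a, b) in r1 for (b2, c) in r2 if b == b2}


def dom_restrict(s, r):
    """S <| R: keep only the pairs whose first component lies in S."""
    return {(a, b) for (a, b) in r if a in s}


def dom_antirestrict(s, r):
    """Domain anti-restriction: (T1 \\ S) <| R, written without needing T1 explicitly."""
    return {(a, b) for (a, b) in r if a not in s}


def ran_restrict(r, s):
    """R |> S: keep only the pairs whose second component lies in S."""
    return {(a, b) for (a, b) in r if b in s}


def image(r, s):
    """R ( S ): the set of second components reachable from S."""
    return {b for (a, b) in r if a in s}


def override(f, g):
    """f (+) g = ((dom g) anti-restricted from f) U g: g's pairs win where domains overlap."""
    return dom_antirestrict(dom(g), f) | g


def is_function(r):
    """A relation is a (partial) function iff every first component appears exactly once."""
    return len(dom(r)) == len(r)


# Constructed sample data (not from the slides)
OWNER = {("a.txt", "alice"), ("b.txt", "bob"), ("c.txt", "alice")}   # File <-> User
ROLE = {("alice", "admin"), ("bob", "staff"), ("carol", "staff")}       # User <-> Role
DEFAULTS = {("a.txt", "r"), ("b.txt", "r"), ("c.txt", "r")}             # File -+> Perm
OVERRIDES = {("b.txt", "rw"), ("d.txt", "r")}                           # File -+> Perm


def effective_permissions():
    """Site-specific settings override the defaults; unchanged defaults survive."""
    return override(DEFAULTS, OVERRIDES)


def override_identity_holds(f, g, t1):
    """Check the slide's identity R (+) S = [(T1 \\ dom S) <| R] U S on a carrier T1."""
    return override(f, g) == dom_restrict(t1 - dom(g), f) | g
```

Composing OWNER with ROLE maps each file straight to the role of its owner, and taking the image of that composition for a set of files answers "which roles can reach these files"; override is the usual model of a configuration layer that replaces defaults only where it says something.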

Sequences in Z

There are 3 types of sequences in Z
– a) a finite sequence (note: most practical systems are finite)

seq T = { f : N1 ⇸ T | dom f = {1, ..., #f} }, where #f is the cardinality of sequence f.

– b) non-empty finite sequence
non-e-seq T = { f : seq T | #f > 0 }

– c) injective sequence (sequence with no repetition)
inj_seq T = { f : N1 ⤔ T | dom f = {1, ..., #f} }
= seq T ∩ (N1 ⤔ T)

– Example: file_Q

inQ, OutQ : seq Files

#inQ = #OutQ

Concatenation of sequences in Z

Two sequences may be concatenated, or a sequence and a single element may be concatenated.

Example: [ T ]

_ Con _ : seq T x seq T → seq T

∀ s1, s2 : seq T •

s1 Con s2 = s1 U { i : dom s2 • (i + #s1, s2 i) }

s2 i represents the i-th element of seq s2.
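The following is an added example, not part of the slides: it models a sequence as a dict from N1 to T, checks the defining condition dom f = {1, ..., #f} for seq, non-e-seq and inj_seq, implements Con exactly as the predicate above (shift s2's indices by #s1 and take the union with s1), and checks the file_Q invariant #inQ = #OutQ. The sample sequences are constructed for the example.

```python
"""Added example (not from the slides): finite sequences as partial functions
from N1, following the Z definitions of seq, non-e-seq, inj_seq and Con.
A sequence is a dict {1: x1, 2: x2, ...}; sample data is constructed here."""


def is_seq(f):
    """seq T = { f : N1 -+> T | dom f = {1, ..., #f} }"""
    return set(f.keys()) == set(range(1, len(f) + 1))


def is_nonempty_seq(f):
    """non-e-seq T = { f : seq T | #f > 0 }"""
    return is_seq(f) and len(f) > 0


def is_inj_seq(f):
    """inj_seq T = seq T intersect (N1 injective-partial T): no repeated elements."""
    return is_seq(f) and len(set(f.values())) == len(f)


def con(s1, s2):
    """s1 Con s2 = s1 U { i : dom s2 . (i + #s1, s2 i) }

    The shifted copy of s2 has domain {#s1+1, ..., #s1+#s2}, disjoint from
    dom s1, so the union of the two functions is again a sequence."""
    if not (is_seq(s1) and is_seq(s2)):
        raise ValueError("Con is only defined on sequences")
    shifted = {i + len(s1): s2[i] for i in s2}
    result = dict(s1)
    result.update(shifted)  # union of two functions with disjoint domains
    return result


def seq_of(*items):
    """Build a sequence {1: items[0], 2: items[1], ...} from items in order."""
    return {i + 1: x for i, x in enumerate(items)}


def file_q_invariant(in_q, out_q):
    """file_Q: inQ, OutQ : seq Files; # inQ = #OutQ"""
    return is_seq(in_q) and is_seq(out_q) and len(in_q) == len(out_q)


# Constructed sample data (not from the slides)
IN_Q = seq_of("a.txt", "b.txt")
OUT_Q = seq_of("c.txt", "d.txt", "a.txt")
```

Concatenating IN_Q with OUT_Q gives a valid seq whose domain is 1..5, but it is no longer an inj_seq because "a.txt" now appears twice; the dict with a gap in its keys fails is_seq, which is exactly the condition the definition of seq T imposes.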