
Part 1. Consider the following specification for a simple Invoicing Orders System


Question

Part 1. Consider the following specification for a simple Invoicing Orders System:

OrderId is a set of order identifiers. Identifiers are unique. The status (OrderState) of an order may be "pending" or (alternatively) "invoiced". Product is the set of products which can potentially be held in stock. The Stock schema contains the quantities of each of the products in stock:

Stock
stock : bag Product

Here we define an order as a bag of products and assume that the customer decides to allow orders of one or more products for extra flexibility, but not empty orders (i.e. an order for no products):

Order == { order : bag Product | order ≠ ⟦ ⟧ }

The status of orders can be modelled as a function from an identifying OrderId to their state (pending or invoiced). State components orderStatus and orders are packaged into an OrderInvoices schema with appropriate type information:

OrderInvoices
orders : OrderId ⇸ Order
orderStatus : OrderId ⇸ OrderState
dom orderStatus = dom orders

The abstract state space State includes the Stock and OrderInvoices together with a further state component newids. It is defined as follows:

State
Stock
OrderInvoices
newids : ℙ OrderId
dom orders ∩ newids = ∅

We define a set of possible reports from operations:

Report ::= ok | no_pending | not_enough_stock | no_more_ids

Constraints that apply for all operations on the system:

• If any new identifiers from the set newids are used for orders (and hence their status), these are no longer available for use by any subsequent operation. Thus they are removed from the set of new identifiers.
• The above constraint is specified using the ΔState schema convention as shown:

ΔState
State
State′
newids′ = newids \ dom orders′

Explanation / Answer

Z is a formal specification language for computer systems which is based on set theory and predicate logic.
There are several textbooks on Z in the library, in particular:
• The Mathematics of Software Construction. A. Norcliffe & G. Slater. Ellis Horwood, 1991.
• Z User Manual. M.A. McMorran & J.E. Nicholls. IBM Technical Report, 1989.
• The Z Notation - A Reference Manual. J.M. Spivey. Prentice–Hall, 1989.
• An Introduction to Formal Specification and Z. B. Potter, J. Sinclair & D. Till. Prentice–Hall, 1996.
The basic unit of specification in Z is a schema. A Z schema consists of a name, a declaration of variables,
and a predicate:
SchemaName
x : X
Predicate
Here, variable x is declared to be of type X (see section 2.2). Note that the declaration part may declare
more than one variable. The predicate part is a predicate (see section 2.3) whose free variables are those of
the declaration plus any constants.
A system specification in Z consists of some state variables, an initialisation, and a set of operations on
the state variables. The state variables will also have some invariants associated with them representing
“healthiness conditions” which must always be satisfied. Usually all of these are specified using schemas.
For example, the state variables of a counter system may be specified using the following schema:
Counter
ctr : N
0 ≤ ctr ≤ max
Here, ctr is declared to be a natural number and the predicate part describes an invariant that must be
satisfied by ctr, the state variable of the system.
An initialisation may be specified as follows:
InitCounter
Counter
ctr = 0
An operation is specified in Z with a predicate relating the state before and after the invocation of that
operation. For example, an operation to increment the counter may be specified as follows:
Increment
ΔCounter
ctr < max
ctr′ = ctr + 1
The declaration ΔCounter means that the state Counter is changed by the operation. In the predicate, the
new value of a variable is primed (ctr′), while the old value is unprimed. So the above predicate states
that the new value of the counter, ctr′, is the old value plus one. Note that there is an implicit conjunction
(logical-and) between successive lines of the predicate part of a schema.
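The Counter example above can be animated to check what the schemas actually promise. The following Python model is an added example and is not part of the original answer or of any of the listed textbooks: it encodes the Counter invariant (0 ≤ ctr ≤ max), InitCounter and Increment, then exhaustively checks that Increment maps every legal before-state to a legal after-state, and shows that dropping the precondition ctr < max lets the operation break the invariant. MAX is an assumed value for the Z constant max (any small bound works); the function names are this example's own.

```python
"""Bounded animation of the Z Counter specification (added example).

State schema Counter:      ctr : N, with invariant 0 <= ctr <= max
Init schema InitCounter:   ctr = 0
Operation Increment:       Delta Counter, ctr < max, ctr' = ctr + 1
"""
from dataclasses import dataclass
from typing import Callable, List, Optional

MAX = 5  # assumed value for the Z constant max; Z leaves it abstract


@dataclass(frozen=True)
class Counter:
    """One state of the Counter schema (the declaration part)."""
    ctr: int

    def invariant(self) -> bool:
        # Predicate part of schema Counter: 0 <= ctr <= max
        return 0 <= self.ctr <= MAX


def init_counter() -> Counter:
    """InitCounter: the initial state, which must satisfy the invariant."""
    state = Counter(ctr=0)
    assert state.invariant()
    return state


def increment(before: Counter) -> Optional[Counter]:
    """Increment with its precondition.

    Returns the after-state (ctr' = ctr + 1) or None when the
    precondition ctr < max does not hold, i.e. the operation is
    not applicable in that before-state.
    """
    if not before.ctr < MAX:
        return None
    return Counter(ctr=before.ctr + 1)


def increment_unguarded(before: Counter) -> Counter:
    """Same postcondition with the precondition removed (deliberately wrong)."""
    return Counter(ctr=before.ctr + 1)


def all_states() -> List[Counter]:
    """Every state satisfying the Counter invariant; finite because max bounds ctr."""
    return [Counter(ctr=c) for c in range(0, MAX + 1)]


def preserves_invariant(op: Callable[[Counter], Optional[Counter]]) -> bool:
    """Exhaustive check: whenever op is applicable to a legal state, the result is legal."""
    for before in all_states():
        after = op(before)
        if after is not None and not after.invariant():
            return False
    return True


def trace(steps: int) -> List[int]:
    """Apply Increment repeatedly from the initial state until its precondition fails."""
    state = init_counter()
    values = [state.ctr]
    for _ in range(steps):
        nxt = increment(state)
        if nxt is None:      # ctr = max: Increment is not applicable
            break
        state = nxt
        values.append(state.ctr)
    return values


if __name__ == "__main__":
    print("guarded Increment preserves invariant:", preserves_invariant(increment))
    print("unguarded Increment preserves invariant:", preserves_invariant(increment_unguarded))
    print("trace of 10 attempted increments:", trace(10))
```

The exhaustive check is only possible because max makes the state space finite; for the orders/newids state in Part 1 the same technique applies once OrderId and Product are given small finite values, and the ΔState constraint newids′ = newids \ dom orders′ becomes a second property to check after every operation.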