{"title":"Formal Descriptive Semantics of UML and Its Applications","authors":"Hong Zhu, L. Shan, Ian Bayley, Richard Amphlett","doi":"10.1002/9780470522622.CH5","DOIUrl":null,"url":null,"abstract":"ClassXX +TemplateMethod() +Others() ConcreteClassXX Figure 1.19 Example design instance in template method pattern The following theorem states that if we can prove [[M ]] → Spec′(P ) in FOPL for model M and pattern P , then every system that is an instance of M must conform to pattern P . The proof is omitted for the sake of space. Theorem 1.2 Suppose that Spec′(P ) is a correct translation of the formal specification Spec(P ) of pattern P . For all models M , if [[M ]] ⇒ Spec′(P ) is true in FOPL, then, for all systems s ∈ D, s |= M and M |= Spec(P ) imply s |= Spec′(P ). We have translated the specifications given in [5] for all 23 design pat- terns in the GoF book into LAMBDES format. They are stored in a pattern specification repository. The conjecture generator of the LAMBDES tool is implemented to enable the proof (or disproof) of the conformance of a UML design model to a pattern. We have also conducted an experiment with the LAMBDES tool on its ability to recognise patterns in design instances. The experiment results show that the false negative error rate (for rejecting a pat- tern it should accept) is 0% while the false positive error rate (for accepting a pattern it should reject) is below 22%. Details of the experiment are omitted here for the sake of space, and will be reported separately. 1.4.5 Logic analysis of design patterns It is worth noting that the specification of a design pattern may contain errors. The conditions to satisfy the pattern may be in conflict with the semantics of the modelling language, or they may be in conflict with each other. Such logic errors can be detected by using LAMBDES tool and SPASS theorem prover. 26 UML DESCRIPTIVE SEMANTICS AND APPLICATIONS In particular, let Spec(P ) be a specification of a pattern P . If AxmD ∪ Spec(P ) false, we can conclude that Spec(P ) contains such errors. In the development of the pattern specification repository, using LAMB- DES and SPASS, we have proved that for all specifications of design patterns P in the repository, AxmD ∪ Spec(P ) false. So, all the specifications in our repository are consistent with the axioms of descriptive semantics. Another application of LAMBDES and SPASS in the logic analysis of de- sign patterns is to prove relations between patterns, for example, to prove one pattern is a specialisation of another. In [4], it is argued that the relationship that a design pattern P is a specialisation of pattern Q can be written as Spec(P ) → Spec(Q). Such a relationship can be formally proved by using LAMBDES and SPASS to infer that AxmD ∪ Spec(P ) Spec(Q). In the context of descriptive semantics, we can now prove the following property of the pattern specialisation relation. Theorem 1.3 Let Dom be a subject domain that is consistent with FOPL. If AxmD ∪ Spec(P ) Spec(Q), then, for all systems x ∈ Dom, if x is an instance of P then x is also an instance of pattern Q, i.e. ∀x·(x |= Spec(P ) → x |= Spec(Q)).","PeriodicalId":430141,"journal":{"name":"UML 2 Semantics and Applications","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"UML 2 Semantics and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/9780470522622.CH5","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 15
Abstract
ClassXX +TemplateMethod() +Others() ConcreteClassXX Figure 1.19 Example design instance in template method pattern The following theorem states that if we can prove [[M ]] → Spec′(P ) in FOPL for model M and pattern P , then every system that is an instance of M must conform to pattern P . The proof is omitted for the sake of space. Theorem 1.2 Suppose that Spec′(P ) is a correct translation of the formal specification Spec(P ) of pattern P . For all models M , if [[M ]] ⇒ Spec′(P ) is true in FOPL, then, for all systems s ∈ D, s |= M and M |= Spec(P ) imply s |= Spec′(P ). We have translated the specifications given in [5] for all 23 design pat- terns in the GoF book into LAMBDES format. They are stored in a pattern specification repository. The conjecture generator of the LAMBDES tool is implemented to enable the proof (or disproof) of the conformance of a UML design model to a pattern. We have also conducted an experiment with the LAMBDES tool on its ability to recognise patterns in design instances. The experiment results show that the false negative error rate (for rejecting a pat- tern it should accept) is 0% while the false positive error rate (for accepting a pattern it should reject) is below 22%. Details of the experiment are omitted here for the sake of space, and will be reported separately. 1.4.5 Logic analysis of design patterns It is worth noting that the specification of a design pattern may contain errors. The conditions to satisfy the pattern may be in conflict with the semantics of the modelling language, or they may be in conflict with each other. Such logic errors can be detected by using LAMBDES tool and SPASS theorem prover. 26 UML DESCRIPTIVE SEMANTICS AND APPLICATIONS In particular, let Spec(P ) be a specification of a pattern P . If AxmD ∪ Spec(P ) false, we can conclude that Spec(P ) contains such errors. In the development of the pattern specification repository, using LAMB- DES and SPASS, we have proved that for all specifications of design patterns P in the repository, AxmD ∪ Spec(P ) false. So, all the specifications in our repository are consistent with the axioms of descriptive semantics. Another application of LAMBDES and SPASS in the logic analysis of de- sign patterns is to prove relations between patterns, for example, to prove one pattern is a specialisation of another. In [4], it is argued that the relationship that a design pattern P is a specialisation of pattern Q can be written as Spec(P ) → Spec(Q). Such a relationship can be formally proved by using LAMBDES and SPASS to infer that AxmD ∪ Spec(P ) Spec(Q). In the context of descriptive semantics, we can now prove the following property of the pattern specialisation relation. Theorem 1.3 Let Dom be a subject domain that is consistent with FOPL. If AxmD ∪ Spec(P ) Spec(Q), then, for all systems x ∈ Dom, if x is an instance of P then x is also an instance of pattern Q, i.e. ∀x·(x |= Spec(P ) → x |= Spec(Q)).
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
