CSE 331: Software Design & Implementation

CSE 331: Topics

The course is organized into 10 topics. We plan to cover one topic per week.

1. Specifications & Testing

Even when we are asking AI to write code for us, since AI cannot read our minds, it is important to be able to write a clear specification, stating in precise terms what that code needs to do. In this topic, we will look at how specifications for methods are written in Java and in formal mathematics.

We will also discuss how to get some confidence (though not complete confidence) that the specification is correct by checking it on a well-designed set of test cases.

  • Required reading:
  • Lecture slides
    • Syllabus Overview slides
    • Summary of our notation for lists and some common functions
    • Summary of testing requirements
  • Section slides and worksheet solution
  • Homework 1 worksheet (only tasks 1, 2, and 3 are required). You should wait until after class on Friday January 9 before attempting task 2, because we will cover lists in class.

2. Reasoning About Functional Code

Next, we turn to implementing the specifications we saw in Topic 1. The most important property of any implementation is correctness. While testing is helpful for ensuring correctness, the only way to guarantee the code is correct is to prove it.

In this topic, will see how to reason formally and prove the correctness of code that does not involve any mutation. Code with mutation is harder to reason about and will be examined in future topics.

3. Specifications of Immutable ADTs

In this topic, we will look at how to create abstractions that hide the details of data structures rather than code, in the form of an abstract data type (ADT). We will see how to write a precise specification both for the client-facing operations of the ADT and the implementer-facing choice of data structures.

  • Lecture slides
  • Section slides and worksheet solution
  • Homework 3 worksheet (only tasks 1 - 4 are required). Change log:
    • A note about ADT specs was added to clarify Task 2.
    • Else branch was removed in Task 3c to prevent skipping over an element.

4. Reasoning with Variable Mutation

In this topic, we continue our study of reasoning, now moving to slightly more complex (and more common) types of code. Previously we considered code without mutation, in which complex calculations are performed via recursion. Here, we will look at code that mutates local variables. In particular, this allows us to write loops instead of recursion. However, it also makes reasoning more complicated, necessitating new reasoning tools.

  • Lecture slides
  • Section slides and worksheet solution
  • Homework 4 worksheet (only tasks 1 - 4 are required). Change log:
    • Task 4 post conditions were fixed. They now relate to the orignal lists L_0.

5. Specifications of Mutable ADTs

In this topic, we revisit ADTs but now consider methods that mutate their arguments or their own state. This requires changes to how ADT specifications are written. More importantly, it introduces the potential for interdependencies between classes that make them more difficult to change and understand and can lead to very painful bugs. We will discuss some best practices for avoiding those problems.

  • Lecture slides
  • Section slides and worksheet solution
  • Homework 5 worksheet (tasks 1 - 5 are required). Change Log:
    • Task 2b fun1 and fun2 type parameters were fixed to PList instead of List.

6. Reasoning About ADTs

In this topic, we will see how we can put together specifications of ADTs with our correctness tools for functions in order to check the correctness of each method in an ADT implementation (assuming that we do not allow any representation exposure!).