Analyzing specifications
It is easy to write specifications that are inconsistent
- This means that you can prove a given theorem both true and false given the specification
- Alternatively, one can check a hypothesis against the specification and see if it holds (we saw this in Z)
Daniel Jackson and colleagues have developed a sequence of tools that check Z-like specifications for inconsistencies
You feed a spec to the tool and it says either
- Here’s a problem, and here’s a specific (counter)example of it, or
- I can’t find one (although there may be one)
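As an added illustration (not one of Jackson's tools and not from the original notes), a tiny bounded checker in Python: it enumerates every relation over a small telephone-switch scope, returns an instance that violates a claim, and otherwise reports only that no counterexample was found within that scope. The switch spec and the claims are constructed for this example.

```python
from typing import Callable, FrozenSet, List, Optional, Tuple

# A state of the toy telephone switch is a relation conn over phones 0..scope-1:
# (a, b) in conn means phone a is connected to phone b.
Rel = FrozenSet[Tuple[int, int]]
Pred = Callable[[Rel, int], bool]

def instances(spec: List[Pred], scope: int):
    """Enumerate every relation over `scope` phones that satisfies all of `spec`."""
    pairs = [(a, b) for a in range(scope) for b in range(scope)]
    for mask in range(1 << len(pairs)):          # 2^(scope^2) candidate relations
        rel = frozenset(p for i, p in enumerate(pairs) if mask >> i & 1)
        if all(c(rel, scope) for c in spec):
            yield rel

def consistent(spec: List[Pred], scope: int) -> bool:
    """True if the spec has at least one instance within the scope."""
    return next(instances(spec, scope), None) is not None

def check(spec: List[Pred], claim: Pred, scope: int) -> Optional[Rel]:
    """Return an instance of the spec that violates `claim`, or None if there is
    none within the scope. None means 'no counterexample found up to this
    scope', not 'proved': a larger scope may still contain one."""
    return next((r for r in instances(spec, scope) if not claim(r, scope)), None)

# Constructed spec: connections are symmetric, nobody calls themself,
# and each phone has at most one partner.
def symmetric(conn, n): return all((b, a) in conn for a, b in conn)
def no_self_call(conn, n): return all(a != b for a, b in conn)
def one_partner(conn, n): return all(sum(a == p for a, _ in conn) <= 1 for p in range(n))
SWITCH = [symmetric, no_self_call, one_partner]

# Constructed claims to check against the spec.
def even_busy(conn, n):       # the number of busy phones is even
    return len({a for a, _ in conn}) % 2 == 0
def everyone_busy(conn, n):   # every phone is in a call
    return {a for a, _ in conn} == set(range(n))

if __name__ == "__main__":
    print("even_busy counterexample (scope 3):", check(SWITCH, even_busy, 3))
    print("everyone_busy counterexample (scope 3):", check(SWITCH, everyone_busy, 3))
    # Adding everyone_busy as a constraint makes the spec unsatisfiable for
    # 3 phones but satisfiable for 4: a verdict is always relative to the scope.
    print("consistent at scope 3:", consistent(SWITCH + [everyone_busy], 3))
    print("consistent at scope 4:", consistent(SWITCH + [everyone_busy], 4))
```

The empty relation is the first counterexample to everyone_busy, while even_busy survives the whole scope because symmetry plus one partner pairs busy phones up.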
Examples include paragraph style mechanisms, telephone switch structures, many more (generally relatively small)
- Pieces of the ideas appear in Jackson and Chapin. Redesigning Air-Traffic Control: A Case Study in Software Design. IEEE Software, May/June 2000