# Modelling relationships

Document Sample

```					  Modelling relationships

Peter Gorm Larsen

TIVDM1                 Modelling relationships   1
Agenda

 Mapping Characteristics and Primitives
• The MSAW Example Revisited
• The Congestion Warning System Revisited

TIVDM1                     Modelling relationships   2
Mapping Characteristics

• Mappings are unordered collections of pairs of
elements (a maplet) with a unique relationship
• There can be many copies of each maplet
• The elements themselves can be arbitrary
complex, e.g. they can be mappings as well
• Mappings in VDM++ are finite
• Mapping types in VDM++ are written as:
• map Type1 to Type2
• inmap Type1 to Type2 (for injective mappings)

TIVDM1                     Modelling relationships           3
Mapping Enumeration

• A maplet is written with curly brackets: “{ domv |-> rngv}”
• A mapping enumeration consists of a comma-separated
list of maplets enclosed between curly brackets, ”{…}”
• For example
•   {1 |-> 5,8 |->1,3|-> 9}
•   {true|->1, false|->0,false|->0}
•   {“Peter”|->{}, “Frodo”|->{4,3},”John”|->{2,4}}
•   {‘g’|->1,’o’|->0,’d’|->1}
•   {3.567|->3, 0.33455|->0,7|->7,7|->,7|->7,7|->7}
Are all mappings
• The empty mapping can be written as “{ |-> }”

TIVDM1                             Modelling relationships     4
Mapping Domain
• The domain of a mapping is the collection of
the first elements in the maplets of a mapping
• Multiple occurrences of the same value does
not count
• The domain of a mapping M is written as “
dom M”
• Quick examples:
• dom {“Peter”|->1,”Nico”|->2,”Paul”|->3}
• dom { |-> }
• dom {3|->2,3|->2,1|->8}

TIVDM1                       Modelling relationships   5
Mapping Range
• The range of a mapping is the collection of the
second elements in the maplets of a mapping
• Multiple occurrences of the same value does
not count
• The range of a mapping M is written as “rng M”
• Quick examples:
• rng {“Peter”|->1,”Nico”|->2,”Paul”|->3}
• rng { |-> }
• rng {3|->2,3|->2,1|->8}

TIVDM1                       Modelling relationships   6
Mapping Equality

• Two mappings are equal if
• both have the same domain and
• for all elements in the domain the
corresponding range values are equal
• Quick examples:
•   {2|->4,1|->2} = {1|->2,2|->4}
•   {true|->1, true|->1, false|->0} = {false|->1, true|->1}
•   {1|->3,3|->8,8|->1} = {8|->3,3|->1,1|->8}
•   {1|->{3,4,5},2|->{4}} = {3|->{3,5,4},2|->{4,4,4}}

TIVDM1                         Modelling relationships               7
Mapping Application

• Looking up in a mapping for a given domain
value yields the corresponding range value
• Mapping application is written as function
application, i.e. mapping(domain expression)
• Quick examples:
•   {1|->2,3|->4,5|->6}(3)
•   {true|->1,false|->2,}(true)
•   {[5]|->1,[6,1]|->2,[4,4,4]|->3}([6,1])
•   {5|->[5],6|->[6,1],4|->[4,4,4]}(6)

TIVDM1                          Modelling relationships   8
Mapping Domain Restrictions

• It is possible to restrict the domain of a mapping
to or by a given set of elements
• Domain restrictions are written as:
• s <: m (restricting domain to the set s)
• s <-: m (restricting domain by the set s)
• Quick examples:
•   {1,2,2} <: {1 |->5,4|->2}
•   {3,4} <: {1|->7,2|->4}
•   {1,3} <-: {3|->8,5|->1}
•   {2,4} <-: {8|->4,3|->6}
TIVDM1                           Modelling relationships   9
Mapping Range Restrictions

• It is possible to restrict the range of a mapping to
or by a given set of elements
• Range restrictions are written as:
• m :> s (restricting range to the set s)
• m :-> s (restricting range by the set s)
• Quick examples:
•   {1 |->5,4|->2} :> {1,2,2}
•   {1|->7,2|->4} :> {3,4}
•   {3|->8,5|->1} :-> {1,3}
•   {8|->4,3|->6} :-> {6,4}
TIVDM1                           Modelling relationships   10
Mapping Override and Merge
• It is possible to combine two mappings by either merging
them together (similar to set union) or by letting one
mapping override another mapping
• Merging is written with munion using infix notation
• munion requires mappings to be conformant, i.e. if
domains have common elements they map to the same
range value
• Overriding is written with ++ using infix notation and the
mapping from the second argument overrides the maplets
from the first argument
• Quick examples:
•   {1|->2,3|->4} munion {2|->3,4|->1}
•   {5|->7,8|->0} munion {6|->3,5|->7}
•   {1|->2,3|->4,2|->8} ++ {2|->3,4|->1}
•   {5|->7,8|->0,6|->9} ++ {6|->3,5|->9}
TIVDM1                              Modelling relationships   11
Distributed Mapping Merge
• Given a set of mappings it is possible to take a
distributed merge if all the mappings are
conformant
• Distributed mapping merge is written as “merge
ms” where ms is a set of mappings
• Quick examples
• merge {{2|->4},{3|->4,1|->2},{2|->4,7|->3}}
• merge {{5|->”me”,7|->”too”},{6|->”what”,8|->”now”}}
• merge {}

TIVDM1                       Modelling relationships             12
Mapping Inverse
• A mapping is injective if all its domain elements
map to different range elements
• For injective mappings it is possible to construct
the inverse mapping (swapping domain and
range elements)
• This is written as “inverse m” using prefix
notation
• Quick examples:
•   inverse {1|->2,3|->4,2|->3,4|->1}
•   inverse {5|->7,8|->0,6|->3,5|->7}
•   inverse {1|->2,3|->4,2|->8,6|->3,4|->1}
•   inverse {|->}
TIVDM1                          Modelling relationships   13
Map Operators

dom m        Domain         (map A to B) -> set of A
rng m        Range          (map A to B) -> set of B
m1 munion m2 Merge          (map A to B) * (map A to B) ->
(map A to B)
m1 ++ m2     Override       (map A to B) * (map A to B) ->
(map A to B)
merge ms     Distr. merge   set of (map A to B) -> map A to B
s <: m       Dom. restr. to set of A * (map A to B) -> map A to   B
s <-: m      Dom. restr. by set of A * (map A to B) -> map A to   B
m :> s       Rng. restr. to (map A to B) * set of A -> map A to   B
m :-> s      Rng. restr. by (map A to B) * set of A -> map A to   B
m(d)         Map apply      (map A to B) * A -> B
inverse m    Map inverse inmap A to B -> inmap B to A
m1 = m2      Equality       (map A to B) * (map A to B) -> bool
m1 <> m2     Inequality     (map A to B) * (map A to B) -> bool

TIVDM1                    Modelling relationships               14
Mapping Comprehensions

• Using predicates to define mappings implicitly
• In VDM++ formulated like:
• {maplet | list of bindings & predicate}
• The predicate part is optional
• Quick examples
• {i |-> i*i | i: nat1 & i <= 4}
• {i**2 |-> i/2 | i in set {1,…,5}}

TIVDM1                         Modelling relationships   15
Questions

• What are the mapping enumerations for:
•   {x |-> x|x in set {8,…,1} & x < 3}
•   {x |-> 2*x|x in set {1,…,10} & x > 3 and x < 6}
•   {{y} |-> y - 8| y in set {3,1,7,3}}
•   {x |-> x+6| x in set {1,2}}
•   {x|->mk_(x,8)| x in set {1,2,7} & x > 4}
•   {y|->y|y in set {0,1,2} & exists x in set {0,…,3} & x = 2 * y}
•   {x|->x = 7| x in set {1,…,10} & x < 6}

TIVDM1                           Modelling relationships              16
Agenda

 Mapping Characteristics and Primitives
 The MSAW Example Revisited
• The Congestion Warning System Revisited

TIVDM1                     Modelling relationships   17
Making use of FO Identification
• In the set version of the MSAW model we had:
class AirSpace is subclass of GLOBAL

instance variables

airspace : set of FO := {};
inv forall x,y in set airspace &
x <> y => x.getId() <> y.getId();
• If we use mappings this can be done simpler
class AirSpace is subclass of GLOBAL

instance variables

airspace : map FOId to FO := {|->};

TIVDM1                   Modelling relationships   18
An Updated Class Diagram

TIVDM1               Modelling relationships   19
class AirSpace is subclass of GLOBAL

operations

public addFO : FO ==> ()
airspace := airspace munion {fo.getId() |-> fo}
pre forall x in set rng airspace & fo.getId() <> x.getId();

public removeFO : FOId ==> ()
removeFO(id) ==
airspace := {id} <-: airspace;
…

TIVDM1                    Modelling relationships         20
Getting Hold of a FO and Airspace
class AirSpace
…
public getFO : FOId ==> FO
getFO(id) ==
return airspace(id)
pre id in set dom airspace;

public getAirspace : () ==> set of FO
getAirspace() ==
return rng airspace;

TIVDM1                  Modelling relationships   21
class Radar is subclass of GLOBAL

instance variables

location   :   Coordinates;
range      :   nat1;
detected   :   map FOId to FO;
priority   :   seq of FO := [];
operations

public Scan : AirSpace ==> ()
Scan(as) ==
(detected := { x.getId() |-> x
| x in set as.getAirspace()
& InRange(x) };
UpdatePriorityList()
);
TIVDM1                      Modelling relationships   22
removeNotDetected : set of FO ==> ()
removeNotDetected(fos) ==
priority := [priority(i) | i in set inds priority
& priority(i) in set fos];

addNewlyDetected : map FOId to FO ==> ()
priority := priority ^ set2seqFO(rng newlyDetect);

functions
set2seqFO : set of FO -> seq of FO
set2seqFO(fos) ==
if fos = {}
then []
else let fo in set fos
in
[fo] ^ set2seqFO(fos\{fo})
TIVDM1                    Modelling relationships            23
Updating Priority List

UpdatePriorityList : () ==> ()
UpdatePriorityList() ==
let notDetect = elems priority \ rng detected,
newlyDet = detected :-> elems priority
in
( removeNotDetected(notDetect);
);

TIVDM1                     Modelling relationships          24
Overview in Air Traffic Controller
…
public getDetectedMap : () ==> map FOId to FO
getDetectedMap() ==
return detected;
class AirTrafficeController

operations

OverviewAllRadars: () ==> map FOId to FO
merge {r.getDetectedMap() | r in set radars}

end AirTrafficeController

TIVDM1                       Modelling relationships      25
Agenda

 Mapping Characteristics and Primitives
 The MSAW Example Revisited
 The Congestion Warning System Revisited

TIVDM1                     Modelling relationships   26
The CWS Revisited

•      Introducing a more realistic road network
•      Introducing the notion of lanes
•      Introducing name servers

TIVDM1                    Modelling relationships    27
The Revised CWS System

TIVDM1              Modelling relationships   28
Two Injective Mappings at
VDM++ Level

class CWS

instance variables
roadNetwork: inmap Location to CongestionMonitor := {|->}

sensors: inmap Location to (inmap Lane to PassageSensor)
:= {|->};

types
public Location = nat1;
public Lane = nat1

…
end CWS

TIVDM1                    Modelling relationships          29
Class Diagram for Revised CWS

TIVDM1                Modelling relationships   30
class CWS
…
operations
public AddSensor: Location * Lane ==> ()
def passageSensor = new PassageSensor(loc, lane)
in
let sensorAtLane = {lane |-> passageSensor}
in
if loc in set dom sensors
then sensors(loc) := sensors(loc) munion
sensorAtLane
else sensors := sensors munion
{loc |-> sensorAtLane};
end CWS
TIVDM1                  Modelling relationships     31
Dealing with Name Servers

• Control over the actuation managers
• Each control manager control multiple locations

class NameServer
instance variables
am: map ActuatorManager to
(set of CWS`Location) := {|->}
…
end NameServer

TIVDM1                       Modelling relationships         32
Setting Actuation Managers
in control
class NameServer
operations

public SetActuatorManager: ActuatorManager *
set of CWS`Location ==> ()
SetActuatorManager(actuatorManager, locations) ==
am := am ++ {actuatorManager |-> locations};

end NameServer

TIVDM1                   Modelling relationships          33
Getting an Actuation Manager

class NameServer
operations
public GetActuatorManager: [CWS`Location] ==>
[ActuatorManager]
GetActuatorManager(loc) ==
if loc = nil
then return nil
else let locations = inverse am
in
let locationSet in set dom locations be st
loc in set locationSet
in
return locations (locationSet);
end NameServer

TIVDM1                    Modelling relationships         34
Message Logs inside Congestion Sensors

class CongestionSensor is subclass of Sensor
…

instance variables

passageSensors: map CWS`Lane to PassageSensor := {|->}

end CongestionSensor
Notice that the
first box on
page 180 in
the book is
wrong. This is
the right
version.
TIVDM1                  Modelling relationships                     35
Issue Congestion Warnings
class CongestionSensor is subclass of Sensor
public IssueCongestionStatus:
() ==> CongestionSensor`CongestionStatus
IssueCongestionStatus() ==
def averagespeed = min ({passageSensors(lane).
AverageSpeed(NoPassages)
| lane in set
dom passageSensors})
in
if averagespeed < CongestionThreshold
then return <Congestion>
elseif averagespeed > NoCongestionThreshold
then return <NoCongestion>
else return <Doubt>

end CongestionSensor

TIVDM1                  Modelling relationships           36
Managing Actuators
class ActuationManager
…
instance variables
as: inmap CWS`Location to Actuator := {|->};
ns: NameServer

end ActuationManager

TIVDM1                   Modelling relationships   37
given Location
class ActuationManager
…
operations

def actuator = new Actuator()
in
(as := merge {as, {loc |-> actuator}};
ns.SetLocation(self, loc)
)
pre loc not in set dom as;

end ActuationManager

TIVDM1                     Modelling relationships   38
Removing Actuators
class ActuationManager
…
operations

public RemoveActuator: Actuator ==> ()
RemoveActuator(actuator) ==
as := as :-> {actuator};

end ActuationManager

TIVDM1                   Modelling relationships   39
Replacing Actuators
class ActuationManager
…
operations

public
ReplaceActuator: Actuator * Actuator ==> ()
ReplaceActuator(actuator, newActuator) ==
as := as ++ {(inverse as)(actuator) |-> newActuator};

end ActuationManager

TIVDM1                     Modelling relationships          40
Showing Signal at a given
Location
class OperatorControl
…
public ShowSignal: CWS`Location * CongestionMonitor`Signal ==> ()
ShowSignal(location, signal) ==
( def downstreamLocation = Downstream(location, ns.GetLocations());
downstreamManager = ns.GetActuatorManager(downstreamLocation);
downstreamSignal = if downstreamManager <> nil
then downstreamManager.GetSignal(downstreamLocation)
else nil;
actuator = as(location);
upstreamLocation = Upstream(location, ns.GetLocations());
upstreamManager = ns.GetActuatorManager(upstreamLocation);
upstreamSignal = if upstreamManager <> nil
then upstreamManager.GetSignal(upstreamLocation)
else nil
in
( ShowSignalAtLoc(signal,downstreamLocation, downstreamSignal,actuator);
ShowSignalUpstream(signal,upstreamLocation,upstreamManager,upstreamSignal)
)
)
pre location in set dom as;
end OperatorControl

TIVDM1                         Modelling relationships                    41
Operator Utilities
class OperatorControl
…
operations

public WriteLog: seq1 of char * CWS`Location ==> ()
WriteLog(message, location) ==
let newMessage = message ^ int2String(location),
messages = if location in set dom messageLog
then messageLog(location) ^
[ newMessage ]
else [ newMessage ]
in
messageLog := messageLog ++ {location |-> messages};

public CongestionSpots: () ==> set of CWS`Location
CongestionSpots() ==
return dom messageLog;

end OperatorControl

TIVDM1                     Modelling relationships           42
Summary

• What have I presented today?
• The notion of mappings as ordered collections
• The basic operations in VDM++ for manipulating
mappings
• The MSAW example again
• The congestion warning system example again
• What do you need to do now?
•   Provide report and source model to me
•   Fill out evaluation form
•   Tell me whether you would like an exam trial session

TIVDM1                          Modelling relationships                43
Quote of the day
Engineering is a great profession. There is the satisfaction
of watching a figment of the imagination emerge through
the aid of science to a plan on paper. Then it moves to
realization in stone or metal or energy. Then it brings
homes to men or women. Then it elevates the standard
of living and adds to the comforts of life. This is the
engineer's high privilege.

By Herbert Hoover
(1874 - 1964)

TIVDM1                    Modelling relationships                   44

```
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
 views: 4 posted: 7/23/2012 language: pages: 44