Asee peer logo

Experiences With Alloy In Undergraduate Formal Methods

Download Paper |

Conference

2006 Annual Conference & Exposition

Location

Chicago, Illinois

Publication Date

June 18, 2006

Start Date

June 18, 2006

End Date

June 21, 2006

ISSN

2153-5965

Conference Session

Tools and Support for Software Education

Tagged Division

Software Engineering Constituent Committee

Page Count

7

Page Numbers

11.616.1 - 11.616.7

DOI

10.18260/1-2--1320

Permanent URL

https://peer.asee.org/1320

Download Count

576

Paper Authors

biography

Michael Lutz Rochester Institute of Technology

visit author page

Michael Lutz is Professor of Software Engineering at the Rochester Institute of Technology, where he led the effort resulting in the first baccalaureate software engineering program in the United States. His professional interests include software architecture and design, formal methods, and engineering education.

visit author page

Download Paper |

Abstract
NOTE: The first page of text has been automatically extracted and included below in lieu of an abstract

Experiences with Alloy in Undergraduate Formal Methods

Introduction

At the core of all engineering endeavors is the modeling of proposed system designs and the use of these models to determine system properties. While some models are physical, the vast majority use mathematics to both describe and analyze the consequences of design decisions. In the case of traditional engineering disciplines, most models are based on continuous mathematics, e.g., calculus and differential equations. The situation is quite different in software engineering, however, where the applicable models are more likely to be drawn from discrete mathematics, logic, and set theory. The term of art for such modeling approaches is formal methods.

One complaint about formal methods, voiced by both practitioners and students alike, is the lack of applicability to “real” problems. While some of these objections are undoubtedly based on an unwillingness to learn the relevant mathematics, this does not mean they can be dismissed out- of-hand. To be useful in practice, a modeling method must provide engineers with information that more than compensates for the cost of learning the technique and creating its models. Model checking is one formal method that has proven its value as a tool for describing and analyzing concurrency effects1,2. Alloy3,4,5, a modeling tool created by Daniel Jackson’s research group at MIT, provides similar value when modeling and analyzing the structural and behavioral consequences of software design decisions.

This paper reports on the value Alloy has brought to the undergraduate formal methods course within the software engineering program at RIT. The next section introduces Alloy by way of a well-known example problem, the birthday book6. This is followed by a section discussing the advantages Alloy for teaching undergraduates, especially as compared to traditional methods such as VDM7 and Z8. The final section discusses some areas where Alloy’s support for instruction needs improvement.

Birthday Book Example

Consider a system for maintaining a birthday book (that is, a book that lists birthdays for some set of persons); this example was originally presented in The Z Notation6. In Alloy, we would start by defining the necessary signatures: Named sets of indivisible, immutable, atomic objects and the relations that hold among these sets.

sig Person{} sig Date{} sig BirthdayBook { known : set Person, // those persons known in this book dates : Person -> Date // the birth day for each known person }

Here we have defined three signatures, Person, Date, and BirthdayBook, along with two relations, known and dates. The signature declarations implicitly state that the three underlying sets of atoms partition the universe of all atoms (that is, the three sets are pair-wise disjoint and

Lutz, M. (2006, June), Experiences With Alloy In Undergraduate Formal Methods Paper presented at 2006 Annual Conference & Exposition, Chicago, Illinois. 10.18260/1-2--1320

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2006 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015