Allan M. Stavely

Behavior Modeling During Software Design

A modeling scheme is presented which provides a medium for the rigorous, formal, and abstract specification of large-scale software system components. The scheme allows the description of component behavior without revealing or requiring the description of a components internal operation. Both collections of sequential processes and the data objects which they share may be described. The scheme is of particular value during the early stages of software system design, when the systems modules are being delineated and their interactions designed, and when rigorous, well-defined specification of undesigned components allows formal and informal arguments concerning the designs correctness to be formulated.

Verifying definite iteration over data structures

Methods are presented for verifying loops which iterate over elements of data structures. This verification is done in the functional style developed by Mills and others, in which code is verified against the function that the code is intended to compute. The methods allow the verifier to concentrate on the essential computation performed on each element of the structure, and separate out such concerns as data-structure access and termination so that they do not need to be verified again for every loop in the program. The methods are applicable to a large class of data structures and iterations over them. >

High-quality software through semiformal specification and verification

Semi-formal specification and verification in the style of the cleanroom method, combined with testing, have proven to be exceptionally effective in reducing the number of defects in software, as well as being cost-effective in practice. A course based on these principles is described, and the results of class projects and projects by graduates of the course are presented. These results provide evidence that cleanroom techniques, as adapted for the course, are indeed effective, and that these techniques can be taught successfully, even to undergraduates.

Modeling and projection in software development

Modeling is a fundamental technique for coping with undesirable complexity in constructing and reasoning about software systems. The concept of modeling can be applied to software design and implementation in two ways: a design can be viewed as an abstract model of the system it represents, and designs and implementations may be represented by even more abstract, simplified models for purposes of analysis. A discussion of these concepts and their applications is presented, including a case study showing the use of modeling in the debugging of an actual software system and remarks on research in progress.

An empirical study of iteration in applications software

Abstract Several real-world applications programs were studied to determine what patterns of iteration over data structures they contained. It was found that over half of all loops in these programs were iterations over data structures which were implementations of sets or sequences, and were either unconditional iterations over every element in the structure or search loops. Although there was considerable variation, a large fraction of the loops fell into these categories for every application and every programmer studied. Implications for program design methods, programming education, and programming language design are discussed.

Inference from models of software systems

The inferences which can validly be drawn about a software system based on reasoning about a model of the system depend on the precise relationship between the system and the model. Formal properties of a variety of such modeling relationships are examined, particularly relationships in which, if a given computation is possible in the system, the corresponding computations (if any) are also possible in the model. Therefore, if a particular (perhaps undesirable) computation is not possible in the model, no corresponding computation is possible in the original system. Inferences like these can be used to show, for example, that a particular error is absent from the original system if it is not manifested in the model. It is shown that many modeling techniques that are intuitively rather natural and easy to describe are of this kind.

Models as executable designs

If a design is viewed as a model of the eventual implementation, and if it is expressed in a well-defined design notation, it can be made executable and treated as a prototype which reflects whatever internal details are expressed in the design. However, to turn this technique into a way of constructing a prototype whose externally-observable behavior is meaningful from the users point of view, methods must first be developed for the rapid prototyping of user interfaces.

Design feedback and its use in software design aid systems

It is argued that software system designers would benefit greatly from feedback about the consequences of a proposed design if this feedback could be obtained early in the development process. A taxonomy of possible types of feedback and other design aids is presented, and the capabilities of several existing design aid systems are described relative to this taxonomy.

Programming and mathematical thinking

OUR GUEST CONTRIBUTOR for this Math CountS column is Allan Stavely, who recently wrote Programming and Mathematical Thinking: A Gentle Introduction Featuring Python [2], which will be available in early 2014. In this column, Allan gives his motivation for writing this book, shares his insights on the role mathematics can play in the curricula, and provides some guidelines for achieving these goals.

Algorithms for analyzing concurrent software systems using derivatives

Abstract Brzozowskis technique of derivatives of regular expressions, when suitably extended, can be used to answer questions such as whether a given sequence of events can occur during the execution of a concurrent software system. We show how to use derivatives in analyzing concurrent systems in which processes communicate by message transmission, buffered or unbuffered. We present an algorithm which applies to systems in which all interprocess buffers have bounded capacity, and another, in which event expressions are combined with state vectors for increased generality and efficiency, which applies to systems with unbounded buffering. Implementations have been constructed, and experiments have shown that our techniques are computationally competitive with rival techniques based on state transitions.