
Design by Contract




Presentation Transcript


  1. Design by Contract Where Agile Meets Formal Methods

  2. What is Design by Contract? • Motivation • History • Concept • Integrate with Agile • Example • Reviews • Current State

  3. (Section divider: Motivation)

  4. Motivation • Improve software quality and reliability • Second NASA Formal Methods Symposium (April 13 – 15, 2010) • Verification and Validation of Flight-Critical Systems • An Overview of Formal Methods at Intel • Decision Engine for Software Analysis at Microsoft.

  5. Motivation • What are Formal Methods? “mathematically rigorous techniques and tools for developing specification, design and verification of software and hardware systems” -- Wikipedia

  6. Motivation • Agile: Are we building the right product? • making sure clients get what they want • won’t waste resources unnecessarily • Formal: Are we building the product right? • making sure code does exactly as specified • separate process to determine right product

  7. Motivation • Is there a common ground? • Alloy (MIT) • Object Constraint Language (IBM) • Design by Contract (Eiffel)

  8. Motivation • Why should the Agile community care? • Tests are often insufficient to safeguard changes • Documentation is poorly written or outdated • Collective code ownership → misinterpretation • Why should the FM community care? • Overemphasis on full formalization of the design • Few people understand formal notations

  9. (Section divider: History)

  10. Design by Contract – History • Bertrand Meyer developed DbC in 1986 “The quality factors on which we have concentrated — reusability, extendibility, compatibility — must not be attained at the expense of reliability (correctness and robustness).” -- Bertrand Meyer, Object Oriented Software Construction • Correctness → Assertions • Robustness → Exception Handling

  11. (Section divider: Concept)

  12. Design by Contract – Concept Example: a contract between an airline and a customer

  13. Design by Contract – Concept • Precondition: • an obligation for the client and a benefit for the supplier • Postcondition: • a benefit for the client and an obligation for the supplier

  14. Design by Contract – Concept Example: a contract between an airline and a customer • Class Invariant: a global property of the instances of a class, which must be preserved by all routines

  15. Design by Contract – Concept Example: a contract between an airline and a customer

  16. Design by Contract – Concept • Subcontract (a routine redefined in a descendant class): • the precondition may only be weakened (the redefinition accepts every call the original accepted) • the postcondition may only be strengthened (the redefinition guarantees everything the original guaranteed)

  17. Design by Contract – Concept Example: a contract between an airline and a customer • Exception: • a run-time event that may cause a routine call to fail
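The concept slides 13, 14, 16 and 17 above (precondition, postcondition, class invariant, subcontract, exception), worked as one runnable example. This is an added illustration in Python, not code from the talk and not Eiffel or JML; the `require`/`ensure`/`contracted` helpers, the `Flight`, `PromoFlight` and `BuggyFlight` classes and the `book` routine are this example's own names. Subcontracting follows the Eiffel rule the slides describe: a redefined routine's precondition is OR-ed with the inherited one (it can only get weaker), its postcondition is AND-ed (it can only get stronger), and invariants are inherited and AND-ed.

```python
import functools

class ContractViolation(AssertionError):
    """A failed contract is the run-time event that makes the routine call fail."""

def _attach(key):
    """Build a decorator that records a contract clause on the routine."""
    def outer(cond):
        def deco(fn):
            fn.__dict__.setdefault(key, []).append(cond)
            return fn
        return deco
    return outer

require = _attach("_pre")    # precondition: cond(self, *args)
ensure = _attach("_post")    # postcondition: cond(self, result, old, *args); old = attrs on entry

def _levels(cls, name, key):
    """Clauses attached to routine `name` at each level of the class hierarchy."""
    return [getattr(vars(c)[name], key) for c in cls.__mro__
            if name in vars(c) and getattr(vars(c)[name], key, None)]

def _check_invariants(obj, when):
    for c in type(obj).__mro__:  # invariants are inherited and AND-ed
        inv = vars(c).get("_invariant")
        if inv is not None and not inv(obj):
            raise ContractViolation(f"invariant of {c.__name__} broken {when}")

def _wrap(name, fn):
    @functools.wraps(fn)  # copies _pre/_post onto the wrapper so _levels still sees them
    def wrapper(self, *args, **kw):
        cls = type(self)
        # Subcontracting: preconditions are OR-ed across levels (a redefinition may
        # accept more calls, never fewer); clauses within one level are AND-ed.
        pres = _levels(cls, name, "_pre")
        if pres and not any(all(p(self, *args, **kw) for p in lvl) for lvl in pres):
            raise ContractViolation(f"precondition of {cls.__name__}.{name} violated")
        if name != "__init__":
            _check_invariants(self, f"before {name}")
        old = dict(vars(self))
        result = fn(self, *args, **kw)
        # Postconditions are AND-ed across levels: a redefinition must deliver at
        # least what its parent promised.
        for lvl in _levels(cls, name, "_post"):
            if not all(q(self, result, old, *args, **kw) for q in lvl):
                raise ContractViolation(f"postcondition of {cls.__name__}.{name} violated")
        _check_invariants(self, f"after {name}")
        return result
    return wrapper

def contracted(invariant):
    """Class decorator: record the invariant, wrap the constructor and every public routine."""
    def deco(cls):
        cls._invariant = invariant
        for name, fn in list(vars(cls).items()):
            if callable(fn) and (name == "__init__" or not name.startswith("_")):
                setattr(cls, name, _wrap(name, fn))
        return cls
    return deco

@contracted(invariant=lambda f: 0 <= f.booked <= f.capacity and f.revenue >= 0)
class Flight:  # the airline/customer contract of the slides; names are this example's own
    def __init__(self, capacity, base_fare):
        self.capacity, self.base_fare = capacity, base_fare
        self.booked, self.revenue = 0, 0

    @require(lambda self, fare: self.booked < self.capacity)  # client: a seat must be free
    @require(lambda self, fare: fare >= self.base_fare)       # client: pay the full fare
    @ensure(lambda self, r, old, fare: self.booked == old["booked"] + 1)    # supplier: seat taken
    @ensure(lambda self, r, old, fare: self.revenue == old["revenue"] + r)  # supplier: fare recorded
    def book(self, fare):
        self.booked += 1
        self.revenue += fare
        return fare

@contracted(invariant=lambda f: f.promo_count <= f.booked)
class PromoFlight(Flight):
    """Subcontract: accepts half-price fares (weaker precondition) and also counts them (stronger postcondition)."""
    def __init__(self, capacity, base_fare):
        self.promo_count = 0
        super().__init__(capacity, base_fare)

    @require(lambda self, fare: self.booked < self.capacity and fare >= self.base_fare // 2)
    @ensure(lambda self, r, old, fare: self.promo_count == old["promo_count"] + (fare < self.base_fare))
    def book(self, fare):
        self.promo_count += fare < self.base_fare
        self.booked += 1
        self.revenue += fare
        return fare

@contracted(invariant=lambda f: True)
class BuggyFlight(Flight):  # supplier bug: revenue never recorded; the inherited postcondition catches it
    def book(self, fare):
        self.booked += 1
        return fare

def rejected(call):
    """True when the call fails one of its contracts."""
    try:
        call()
    except ContractViolation:
        return True
    return False

def demo():
    f, p = Flight(1, 100), PromoFlight(2, 100)
    return {
        "full_fare": f.book(100),
        "full_flight": rejected(lambda: f.book(100)),                  # client broke the precondition
        "discount_refused": rejected(lambda: Flight(1, 100).book(50)),
        "promo": (p.book(50), p.promo_count),                         # accepted under the weaker precondition
        "too_cheap": rejected(lambda: p.book(10)),
        "buggy": rejected(lambda: BuggyFlight(1, 100).book(100)),     # supplier broke the postcondition
    }
```

`demo()` shows who is to blame in each failure: a precondition violation is the client's fault (booking a full flight, paying less than the fare), a postcondition violation is the supplier's (`BuggyFlight` takes the seat but never records the revenue). `PromoFlight` is a legal subcontract, so a client written against `Flight` keeps working, while a subclass that tried to require more than `Flight` does would simply find its extra clause ignored by the OR rule.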

  18. (Section divider: Integrate with Agile)

  19. Design by Contract – Integrate "We will derive tremendous benefits from writing the assertions at the same time as we write the software, or indeed before we write the software." -- Bertrand Meyer, Object Oriented Software Construction • Differs from TDD: a contract is checked on every call, not only on the hand-picked cases a test supplies • ESC/Java2 checks code against its JML spec statically, without running it (extended static checking) • JMLUnit auto-generates test cases from the JML spec • JMLDoc embeds JML in JavaDoc
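Slide 19's two points, that a contract is checked on every case where a hand-written test checks a few and that JMLUnit derives test cases from the specification, as an added example in Python. This is not the talk's code and not JMLUnit itself; it reproduces JMLUnit's approach of combining argument values from small pools, discarding the combinations that violate the precondition, and using the postcondition as the oracle. The refund routine, its `refund_pre`/`refund_post` clauses and the `POOLS` argument sets are constructed for this illustration.

```python
import itertools

# Routine under test, in a buggy and a fixed version. The intent is a pro-rated
# refund that never exceeds the full fare and is the full fare from 7 days out.
def refund_buggy(fare, days_before):
    return fare * days_before // 7          # exceeds the fare beyond 7 days

def refund_fixed(fare, days_before):
    return fare if days_before >= 7 else fare * days_before // 7

# The contract, written as plain callables (JML would put them in
# /*@ requires ... ensures ... @*/ comments above the method).
def refund_pre(fare, days_before):
    return fare >= 0 and days_before >= 0

def refund_post(result, fare, days_before):
    return 0 <= result <= fare and (days_before < 7 or result == fare)

# Constructed argument pools: the role JMLUnit's test-data sets play.
POOLS = ([0, 100, 250], [-1, 0, 3, 7, 14])

def handwritten_tests(routine):
    """The two example-based cases a TDD session might have written; both
    versions of the routine pass them."""
    return routine(100, 7) == 100 and routine(100, 0) == 0

def contract_tests(routine, pre, post, pools):
    """Generate every argument combination from the pools, skip the ones that
    violate the precondition (a call the client may not make proves nothing),
    and judge the rest by the postcondition, so no expected value is hand-written."""
    report = {"passed": 0, "skipped": 0, "failed": []}
    for args in itertools.product(*pools):
        if not pre(*args):
            report["skipped"] += 1
            continue
        try:
            result = routine(*args)
        except Exception as exc:            # a crash also breaks the postcondition
            report["failed"].append((args, repr(exc)))
            continue
        if post(result, *args):
            report["passed"] += 1
        else:
            report["failed"].append((args, result))
    return report

if __name__ == "__main__":
    for routine in (refund_buggy, refund_fixed):
        print(routine.__name__, "handwritten:", handwritten_tests(routine),
              "contract:", contract_tests(routine, refund_pre, refund_post, POOLS))
```

The hand-written cases pass for both versions; the contract-driven run reports the two 14-day combinations on which `refund_buggy` returns twice the fare. This is run-time checking in the spirit of JMLUnit and jmlc; the slide's ESC/Java2 would instead try to prove the postcondition for all inputs without executing anything.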

  20. (Section divider: Example)

  21. (Section divider: Reviews)

  22. Design by Contract – Reviews “I've tried to use [DbC] in a number of enterprise application settings, and I've found that in many situations it's as hard to write the pre and post conditions as it is to write the solution.” -- Martin Fowler “Design by Contract practice lessened the number of person-hours required to perform software testing.” -- An Experience With Design by Contract

  23. (Section divider: Current State)

  24. Design by Contract – Current State • Eiffel – built into the language • Java – JSR 305 submitted for JML • Microsoft – Spec# and Boogie

  25. Q & A
