1 / 14

Paper Title: On the Precise Meaning of the OCL Constraints

Paper Title: On the Precise Meaning of the OCL Constraints. Presented by Alla Dove. What we want OCL to be. Main Purpose of OCL: Provide precise information in UML, which can be ambiguous Use in Advanced Support Tools: check database integrity check correctness of rules

claire
Download Presentation

Paper Title: On the Precise Meaning of the OCL Constraints

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Paper Title: On the Precise Meaning of the OCL Constraints Presented by Alla Dove

  2. What we want OCL to be Main Purpose of OCL: Provide precise information in UML, which can be ambiguous Use in Advanced Support Tools: • check database integrity • check correctness of rules • prove that code never violates the constraints

  3. What OCL is really like • Lack of precise semantics Questions: • When during the execution is the validity of invariant enforced? • Is it possible to specify non-terminating operations in OCL? • What is the meaning when several constraints areattached to the operation? • What impact do the constraints on the superclass have on its subclasses?

  4. Invariants context CheckingAccount inv: bal >= limit

  5. Problem Question: When during the execution is the validity of invariant enforced? bal = $100 withdraw ($70) => bal = $30 deposit ($30) => bal = $60 withdraw ($70) => bal = -$10 deposit ($30) => bal = $20 Need to have a checkpoint at the end of a series of transfers.

  6. Proposed Informal Semantics • If an operation is used to compute intermediate results, use “volatile” property volatile=true => invariant is not enforced context CheckingAccount inv: bal >= limit context CheckingAccount::withdraw(n:Interger): void volatile=true …

  7. Undefinedness of Pre and Post Undefinedness = non-existence of result • Exceptionundefinedness • division by zero • accessing object through a reference which is null • Non-termination undefinedness • loops that run forever

  8. Problem Question: Is it possible to specify non-terminating operations in OCL? In OCL, an operation is always required to terminate. “Exception undefinedness” only

  9. Proposed Solution • Require all query operations defined in OCL to terminate • Other operations transforming the state may or may not terminate

  10. Splitting of Constraints Question: What is the meaning when several constraints areattached to the same operation? Complex post and pre conditions are split into smaller ones: context CheckingAccount::withdraw(n: Integer) pre: (n>=0) and (bal – n >=limit) post: bal = bal@pre – n context CheckingAccount::withdraw(n: Integer) pre: n>=0 post: true context CheckingAccount::withdraw(n: Integer) pre: bal – n >=limit post: bal = bal@pre – n May not always be a good idea; some parts may not be satisfied n=2 bal=1 limit=0

  11. Inheritance of Constraints Question: What impact do the constraints on the superclass have on its subclasses? Liskov’s Substitution Principle: A class can always be substituted by any of its subclasses.

  12. Proposed Solution Two approaches: 1. Make developer responsible - may overlook critical cases - not consistent with object-oriented paradigm 2. Consider all constraints on superclass to be constraints on its subclasses. X context B inv: INV1 and INV2 context B::op(x:T) pre: PRE1 and PRE2 post: POST1 and POST2

  13. Exercise context Account inv: bal >0 context Account::deposit(n: Integer) pre: n>0 post: bal = bal@pre + n context CheckingAccount inv: bal >= limit context CheckingAccount::withdraw(n: Integer) pre: (n>=0) and (bal – n >=limit) post: bal = bal@pre – n What is the full list of OCL constraints for CheckingAccount?

  14. Result: context CheckingAccount inv: bal >0 and bal >= limit context CheckingAccount::deposit(n: Integer) pre: n>0 post: bal = bal@pre + n context CheckingAccount::withdraw(n: Integer) pre: (n>=0) and (bal – n >=limit) post: bal = bal@pre – n

More Related