
# Modelling unordered collections


### Modelling unordered collections

Peter Gorm Larsen


• Set Characteristics and Primitives

• The Minimum Safety Altitude Warning System

• The Robot Controller


• Sets are unordered collections of elements

• There is only one copy of each element

• The elements themselves can be arbitrarily complex, e.g. they can be sets as well

• Sets in VDM++ are finite

• Set types in VDM++ are written as:

• set of Type


• If an object x is a member (an element) of a set A, then we write “x ∈ A”; if it is not a member then we write “x ∉ A”.

• “x ∈ A” can be written as “x in set A”

• “x ∉ A” can be written as “x not in set A”


• A set enumeration consists of a comma-separated list enclosed between curly braces, ”{…}”

• For example

• {1,5,8,1,3}

• {true, false}

• {{}, {4,3},{2,4}}

• {'g','o','d'}

• {3.567, 0.33455,7,7,7,7}

are all sets

• The empty set can be written as “{ }” or “∅”


• The set A is said to be a subset of the set B if every element of A is also an element of B.

• The subset relation is written as ”A ⊆ B” or as ”A subset B”

• Quick examples:

• {1,2,3} ⊆ {1,2,3,4,5}

• { } ⊆ {1,2,3}

• {3,2,3,2} ⊆ {2,3}


• Two sets are equal if both are subsets of each other i.e.

• A ⊆ B and B ⊆ A implies that A = B

• Quick examples:

• {2,4,1,2} = {4,1,2}

• {true, true, false} = {false, true}

• {1,1,1,1,1,1,1,1,1,1,1,1} = {1}

• {3,4,5} = {3,5,5}


• The set A is said to be a proper subset of the set B if every element of A is also an element of B and B has at least one member that is not a member of A.

• The proper subset relation is written as ”A ⊂ B” or as ”A psubset B”

• Quick examples:

• {1,2,3} ⊂ {1,2,3,4,5}

• { } ⊂ {1,2,3}

• {3,2,3,2} ⊂ {2,3}


• The cardinality of a set is the number of distinct elements i.e. its size

• The cardinality of a set S is written as “card S”

• Quick examples:

• card {1,2,3}

• card { }

• card {3,2,3,2}


• If S is a set then the power set of S is the set of all subsets of S.

• The powerset of a set S is written as “P S” or “power S”

• Quick examples:

• power {1,2,2}

• power { }

• power {3,2,3,1}

• power power {6,7}


• The union of two sets combines all their elements into one set

• The union of two sets A and B is written as ”A ∪ B” or ”A union B”

• Quick examples:

• {1,2,2} union {1,6,5}

• { } union {true}

• {3,2,3,1} union {4}


• The intersection of two sets is the set of all elements that are in both of the original sets

• The intersection of two sets A and B is written as ”A ∩ B” or ”A inter B”

• Quick examples:

• {1,2,2} inter {1,6,5}

• { } inter {true}

• {3,2,3,1} inter {4}


• Union and intersection can be distributed over a set of sets

• Distributed set union

• To be written as ⋃ (or dunion in ASCII)

• dunion {{ 2,4},{3,1,2},{2,3,4,3}}

• dunion {{ 2,4},{3,1,1},{}}

• dunion {{true},{false},{}}

• Distributed set intersection

• To be written as ⋂ (or dinter in ASCII)

• dinter {{ 2,4},{3,1,2},{2,3,4,3}}

• dinter {{ 2,4},{3,1,1},{}}

• dinter {{true},{false},{}}


• The set difference of two sets A and B is the set of elements from A that are not in B

• The set difference of two sets A and B is written as ”A \ B”

• Quick examples:

• {1,2,2} \ {1,6,5}

• { } \ {true}

• {3,2,3,1} \ {4}


| Expression | Name | Type |
|---|---|---|
| e in set s1 | Membership (∈) | A * set of A -> bool |
| e not in set s1 | Not membership (∉) | A * set of A -> bool |
| s1 union s2 | Union (∪) | set of A * set of A -> set of A |
| s1 inter s2 | Intersection (∩) | set of A * set of A -> set of A |
| s1 \ s2 | Difference (\) | set of A * set of A -> set of A |
| s1 subset s2 | Subset (⊆) | set of A * set of A -> bool |
| s1 psubset s2 | Proper subset (⊂) | set of A * set of A -> bool |
| s1 = s2 | Equality (=) | set of A * set of A -> bool |
| s1 <> s2 | Inequality (≠) | set of A * set of A -> bool |
| card s1 | Cardinality | set of A -> nat |
| dunion s1 | Distr. Union (⋃) | set of set of A -> set of A |
| dinter s1 | Distr. Intersection (⋂) | set of set of A -> set of A |
| power s1 | Finite power set (P) | set of A -> set of set of A |


• Using predicates to define sets implicitly

• In VDM++ formulated like:

• {element | list of bindings & predicate}

• The predicate part is optional

• Quick examples:

• {3 * x | x : nat & x < 3} or {3 * x | x in set {0,…,2}}

• {x | x : nat & x < 5} or {x | x in set {0,…,4}}


• What are the set enumerations for:

• {x|x : nat & x < 3}

• {x|x : nat & x > 3 and x < 6}

• {{y}| y in set {3,1,7,3}}

• {x+y| x in set {1,2}, y in set {7,8}}

• {mk_(x,y)| x in set {1,2,7}, y in set {2,7,8} & x > y}

• {y|y in set {0,1,2} & exists x in set {0,…,3} & x = 2 * y}

• {x = 7| x in set {1,…,10} & x < 6}


• The set range expression is a special case of a set comprehension. It has the form

• {e1, ..., e2}

• where e1 and e2 are numeric expressions. The set range expression denotes the set of integers from e1 to e2 inclusive.

• If e2 is smaller than e1 the set range expression denotes the empty set.

• Examples:

• {2.718,...,3.141}

• {3.141,...,2.718}

• {1,...,5}

• {8,...,6}


[Figure: MSAW General Monitoring, showing the Minimum Safe Altitude (MSA) and the Terrain Clearance Altitude]

[Figure: Glideslope Path, Alarm Trigger Area (100´ below glideslope path) and Runway, with a 1 nm marker]


Minimum Safe Altitude Warning (MSAW) utilises secondary surveillance radar (SSR) responses from aircraft transponders and trajectory tracking to determine whether it is likely that the aircraft may be exposed to an unacceptable risk of Controlled Flight Into Terrain (CFIT). MSAW is normally implemented locally within the radar display system software and compares predicted aircraft trajectories with a database of levels at which an alert will be triggered within specific geographic areas. The system is technically complex (due to the need to compensate for radar processing delays) and requires careful installation, commissioning and operation to ensure that false alert occurrences do not present a hazard to operations.


• Radar(s) must track flying objects using their transponders

• Height of obstacles must be known statically

• Flying objects must be warned against obstacles close to their flight path

• New areas with obstacles can be defined

• The MSAW system must ensure the safety of flying objects against static obstacles

• Other flying objects (dynamic) are NOT a part of MSAW (dealt with using TCAS)


• What instance variables should the FO class have?

```
class FO

instance variables
  id    : Id;
  coord : Coordinates;
  alt   : Altitude;

end FO
```

• How should the airspace association between the Airspace and FO be made?

```
class Airspace

instance variables
  airspace : set of FO;
  inv forall x,y in set airspace &
        x <> y => x.getId() <> y.getId()

end Airspace
```


It must be possible to add new flying objects to an airspace:

```
public addFO : FO ==> ()
addFO(fo) ==
  airspace := airspace union {fo}
pre fo.getId() not in set
      {f.getId() | f in set airspace}
```


Given a particular identifier we need to be able to find the flying object with that transponder:

```
public getFO : Id ==> FO
getFO(id) ==
  find that value fo in the set airspace where fo.getId() equals id
```

VDM++ construct (let-be-such-that expression):

```
let x in set s be st predicate on x
in
  expression using x
```


Using the let-be-such-that expression we get

```
public getFO : Id ==> FO
getFO(id) ==
  let fo in set airspace be st fo.getId() = id
  in
    return fo
pre FOExists(id,airspace);
```

and

```
functions

FOExists: Id * set of FO -> bool
FOExists(id,space) ==
  exists fo in set space & fo.getId() = id
```


It must also be possible to remove existing flying objects from an airspace:

```
public removeFO : Id ==> ()
removeFO(id) ==
  airspace := airspace \ {getFO(id)}
pre FOExists(id,airspace)
```

where we reuse the getFO operation
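
The Airspace operations above, as an executable Python sketch added here (it is not part of the original slides). Preconditions become explicit checks and the class invariant is re-checked after each state change; the method names and the sample flying objects are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(eq=False)  # eq=False: compared by reference, like VDM++ objects
class FO:
    id: int
    coord: tuple
    alt: int


class Airspace:
    def __init__(self):
        self.airspace = set()  # airspace : set of FO

    def inv(self):
        # inv forall x,y in set airspace & x <> y => x.getId() <> y.getId()
        return len({fo.id for fo in self.airspace}) == len(self.airspace)

    def fo_exists(self, fo_id):
        # FOExists: exists fo in set space & fo.getId() = id
        return any(fo.id == fo_id for fo in self.airspace)

    def add_fo(self, fo):
        # pre fo.getId() not in set {f.getId() | f in set airspace}
        if self.fo_exists(fo.id):
            raise ValueError(f"pre addFO violated: id {fo.id} already present")
        self.airspace = self.airspace | {fo}
        assert self.inv()

    def get_fo(self, fo_id):
        # pre FOExists(id, airspace)
        if not self.fo_exists(fo_id):
            raise ValueError(f"pre getFO violated: no FO with id {fo_id}")
        # let fo in set airspace be st fo.getId() = id: the invariant makes
        # the choice unique, so taking the first match is deterministic.
        return next(fo for fo in self.airspace if fo.id == fo_id)

    def remove_fo(self, fo_id):
        self.airspace = self.airspace - {self.get_fo(fo_id)}
        assert self.inv()


def demo():
    """Constructed scenario: two aircraft, then a clashing transponder id."""
    space = Airspace()
    space.add_fo(FO(7, (10, 10), 3000))
    space.add_fo(FO(9, (40, 12), 1500))
    try:
        space.add_fo(FO(7, (0, 0), 500))  # new object, same id
        rejected = False
    except ValueError:
        rejected = True
    space.remove_fo(9)
    return rejected, sorted(fo.id for fo in space.airspace)


def unchecked_union_breaks_invariant():
    """Without the precondition, set union keeps both objects with id 7."""
    space = Airspace()
    space.airspace = {FO(7, (10, 10), 3000)} | {FO(7, (0, 0), 500)}
    return len(space.airspace), space.inv()
```

Because the set holds object references, the set itself cannot prevent two distinct objects with the same identifier; only the precondition on addFO keeps the invariant intact.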


• This completes the AirSpace class

• Visibility shown with icons

• Stereotypes used to separate operations and functions

• Signatures can be listed


• Constructors in VDM++ use operation syntax

• Return type is implicit, so no return is needed

```
public FO : Id * Coordinates * Altitude ==> FO
FO(i,co,al) ==
  (id := i;
   coord := co;
   alt := al;
  );
```


• What information is needed for each radar?

```
instance variables
  location : Coordinates;
  range    : nat1;
  detected : set of FO
```


```
public Scan : AirSpace ==> ()
Scan(as) ==
  detected := { x | x in set as.airspace & InRange(x) };

private InRange : FO ==> bool
InRange(obj) ==
  let foLocation = obj.getCoordinates()
  in
    return isPointInRange(location,range,foLocation);
```


• In the GLOBAL class general functionality is present

```
functions

protected isPointInRange : Coordinates * nat1 *
                           Coordinates -> bool
isPointInRange(center,range,point) ==
  (center.X - point.X)**2 + (center.Y - point.Y)**2 <=
  range**2;
```


What information do we need about an obstacle?

```
instance variables
  MSA      : MinimumSafetyAltitude;
  location : Coordinates;
  type     : ObstacleType;
```

Where we inherit the following types

```
public ObstacleType = <Natural>|<Artificial>|<Airport>|<Military_Area>;

public FOWarning = ObstacleType;

public MinimumSafetyAltitude = nat | <NotAllowed>;
```


```
class AirTrafficController is subclass of GLOBAL

instance variables
  obstacles : set of Obstacle := {};

operations

public addObstacle : Obstacle ==> ()
addObstacle(ob) ==
  obstacles := {ob} union obstacles;
```


```
public findThreats : () ==> ()
findThreats() ==
  let allFOs = dunion { r.getDetected() | r in set radars }
  in
    (for all fo in set allFOs
     do
       for all ob in set obstacles
       do
         if isFOinVicinities(ob,fo) and not isFOatSafeAltitude(ob,fo)
         then writeObjectWarning(ob,fo);
     for all r in set radars
     do
       -- the body of this loop is missing from the transcript
    );
```


```
isFOinVicinities : Obstacle * FO -> bool
isFOinVicinities(obs,fo) ==
  let obsloc = obs.getCoordinates(),
      secureRange = obs.getSecureRange(),
      foloc = fo.getCoordinates()
  in
    isPointInRange(obsloc,secureRange,foloc);

isFOatSafeAltitude : Obstacle * FO -> bool
isFOatSafeAltitude(obs,fo) ==
  let msa = obs.getMSA()
  in
    if msa = <NotAllowed>
    then false
    else msa < fo.getAltitude();
```


There is a limit to how many FOs a radar can deal with at one time. We call this saturation of a radar.

```
values
  maxFOs : nat1 = 4;

instance variables
  range : nat1;
  detected : set of FO

operations

public saturatedRadar : () ==> bool
saturatedRadar() ==
  return card detected > range / maxFOs;
```


Some radars will have overlap so it may be interesting to collect the FOs that are detected by at least 2 radars:

```
dunion {a.getDetected() inter b.getDetected()
       | a,b in set radars & a <> b};
```

FOs that are detected by all radars may also be interesting:

```
dinter {x.getDetected() | x in set radars}
```
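
The radar Scan comprehension, findThreats and the two overlap expressions above, as an executable Python sketch added here (it is not part of the original slides). The coordinates, altitudes and ranges are constructed, and the function names are assumptions; the empty-radar case is rejected because a distributed intersection needs a non-empty set of sets.

```python
from dataclasses import dataclass
from itertools import combinations

NOT_ALLOWED = "<NotAllowed>"  # stands in for the VDM++ quote literal

@dataclass(eq=False)
class FO:
    id: int
    x: int
    y: int
    alt: int

@dataclass(eq=False)
class Obstacle:
    kind: str
    x: int
    y: int
    secure_range: int
    msa: object  # nat | <NotAllowed>

def in_range(cx, cy, rng, px, py):
    # isPointInRange: squared distance against squared range
    return (cx - px) ** 2 + (cy - py) ** 2 <= rng ** 2

class Radar:
    def __init__(self, x, y, rng):
        self.x, self.y, self.rng, self.detected = x, y, rng, set()

    def scan(self, airspace):
        # detected := { x | x in set as.airspace & InRange(x) }
        self.detected = {fo for fo in airspace
                         if in_range(self.x, self.y, self.rng, fo.x, fo.y)}

def find_threats(radars, obstacles):
    all_fos = set().union(*(r.detected for r in radars))  # dunion
    return {(ob.kind, fo.id) for fo in all_fos for ob in obstacles
            if in_range(ob.x, ob.y, ob.secure_range, fo.x, fo.y)  # isFOinVicinities
            and (ob.msa == NOT_ALLOWED or not ob.msa < fo.alt)}   # not isFOatSafeAltitude

def seen_by_two(radars):
    # dunion {a.getDetected() inter b.getDetected() | a,b in set radars & a <> b}
    return set().union(*(a.detected & b.detected
                         for a, b in combinations(radars, 2)))

def seen_by_all(radars):
    # dinter is not defined for an empty set of sets, so reject that case
    if not radars:
        raise ValueError("dinter over no radars is undefined")
    return set.intersection(*(r.detected for r in radars))

def scenario():
    """Constructed data: four aircraft, two overlapping radars, three obstacles."""
    airspace = {FO(1, 5, 0, 500), FO(2, -6, 0, 2000),
                FO(3, 18, 3, 900), FO(4, 40, 40, 100)}
    radars = [Radar(0, 0, 10), Radar(12, 0, 10)]
    for r in radars:
        r.scan(airspace)
    obstacles = {Obstacle("Natural", 6, 1, 3, 800),
                 Obstacle("Military_Area", 17, 3, 2, NOT_ALLOWED),
                 Obstacle("Artificial", -6, 1, 2, 300)}
    return radars, obstacles
```

Aircraft 4 is outside both radar ranges, so it can never raise a warning: findThreats only considers what the radars have detected.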


```
class World

instance variables
  public static env : [Environment] := nil;
  public static timerRef : Timer := new Timer();

operations

public World : () ==> World
World() ==
  (env := new Environment("scenario.txt");
   env.setAirSpace(MSAW`airspace);
  );

public Run : () ==> ()
Run() == env.Run();

end World
```


```
class Environment is subclass of GLOBAL

operations

public Environment : String ==> Environment
Environment(fname) ==
  def mk_(-,input) = io.freadval[seq of inline](fname)
  in
    inlines := input;

public Run : () ==> ()
Run() ==
  (while not isFinished()
   do
     (updateFOs();
      MSAW`atc.Step();
      World`timerRef.StepTime();
     );
   showResult()
  );

end Environment
```


```
class Environment is subclass of GLOBAL

operations

updateFOs : () ==> ()
updateFOs() ==
  (if len inlines > 0
   then (dcl curtime : Time := World`timerRef.GetTime(),
             done : bool := false;
         while not done do
           def mk_(id,x,y, altitude,pt) = hd inlines
           in
             if pt <= curtime
             then (airspace.updateFO(id,mk_Coordinates(x,y),altitude);
                   inlines := tl inlines;
                   done := len inlines = 0 )
             else done := true)
   else busy := false
  );

end Environment
```


Since flying objects move we need to be able to update them:

```
class AirSpace

public updateFO : Id * Coordinates * Altitude ==> ()
updateFO(id,coord,alt) ==
  if FOExists(id,airspace)
  then let fo = getFO(id)
       in
         (fo.setCoordinates(coord);
          fo.setAltitude(alt))
  else let newfo = new FO(id,coord,alt)
       in
         airspace := airspace union {newfo}

end AirSpace
```

where we reuse the getFO operation again


Now all radars need to have a chance to scan:

```
class AirTrafficController is subclass of GLOBAL

public Step : () ==> ()
Step() ==
  (for all r in set radars do
     r.Scan(MSAW`airspace);
   findThreats();
  );

end AirTrafficController
```


• A system for navigating a robot from a start point, via a collection of waypoints to a final destination, where it performs some task, e.g., delivering a payload.


• Position Sensor: This is used to find the robot's current location and the direction in which it is moving.

• Steering Controller: This controls the direction in which the robot travels.

• Steering Monitor: A system used to ensure that the steering controller is operating within known safe boundaries.


• The robot's current position is always available to the controller from a position sensor.

• The robot has a predetermined journey plan based on a collection of waypoints.

• The robot must navigate from waypoint to waypoint without missing any.

• The robot moves only horizontally or vertically in the Cartesian plane. It is not physically capable of changing direction with an angle greater than 90°. Attempts to do so should be logged.

• If the robot is off-course, i.e., it cannot find a route to the next waypoint, it should stop in its current position.

• The robot is able to detect obstacles in its path.


Class Diagram for Robot Controller


• What instance variables should the Point class have?

```
class Point

instance variables
  x: nat;
  y: nat;
  index: nat

end Point
```

• How should the journeyPlan association between the Controller and Point be made?

```
class Controller

instance variables
  journeyPlan : set of Point;

end Controller
```


```
{new Point(1, 4, 1),
 new Point(4, 5, 2),
 new Point(6, 8, 3),
 new Point(10, 8, 4),
 new Point(9, 11, 5),
 new Point(8, 13, 6),
 new Point(11, 13, 7)}
```


```
public static GetPointAtIndex: set of Point * nat -> Point
GetPointAtIndex(pts, index) ==
  find that value p in the set pts where p.GetIndex() equals index
```

VDM++ Construct:

```
let x in set s be st predicate on x
in
  expression using x
```


The GetPointAtIndex Operation

```
public static GetPointAtIndex: set of Point * nat -> Point
GetPointAtIndex(pts, index) ==
  let p in set pts be st p.GetIndex() = index
  in
    p
pre exists p in set pts & p.GetIndex() = index;
```


• What is the value of:

• new Point(1,1,1) in set {new Point(1,1,1)}

• Assume we have an operation inside Point:

• GetCoord: () ==> nat * nat

• How can we then test whether a waypoint has been reached?

• wp.GetCoord() in set {o.GetCoord()|o in set obs}


• journeyPlan desirable index properties

• Next waypoint has index 1

• Final waypoint has index equal to number of waypoints

• Indices are numbered consecutively

• Modeled as invariant inside Controller:

• inv {p.GetIndex() | p in set journeyPlan} = {1,..., card journeyPlan};


• Inside the Point class:

```
public TakeStep: () ==> Point
TakeStep() ==
  ( index := index - 1;
    return self
  )
pre index > 1;
```

• Inside Route:

```
static public TakeStep: set of Point -> set of Point
TakeStep(pts) ==
  let laterPoints = {pt | pt in set pts
                        & pt.GetIndex() <> 1}
  in
    {p.TakeStep() | p in set laterPoints};
```
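
The journeyPlan invariant, GetPointAtIndex and Route`TakeStep above, as an executable Python sketch added here (it is not part of the original slides). It assumes points are immutable values, so a step builds renumbered points instead of mutating them as the VDM++ operation does; the function names and the two invalid plans are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Point:
    x: int
    y: int
    index: int


def plan_inv(plan):
    # inv {p.GetIndex() | p in set journeyPlan} = {1,..., card journeyPlan}
    return {p.index for p in plan} == set(range(1, len(plan) + 1))


def get_point_at_index(pts, index):
    # let p in set pts be st p.GetIndex() = index in p
    matches = [p for p in pts if p.index == index]
    if not matches:  # pre exists p in set pts & p.GetIndex() = index
        raise ValueError(f"pre GetPointAtIndex violated: no index {index}")
    return matches[0]


def take_step(pts):
    # Route`TakeStep: drop waypoint 1 and decrement every later index
    later = {p for p in pts if p.index != 1}
    return {Point(p.x, p.y, p.index - 1) for p in later}


def walk(plan):
    """Visit waypoints in order, checking the invariant before each step."""
    visited = []
    while True:
        if not plan_inv(plan):
            raise ValueError("journeyPlan invariant violated")
        nxt = get_point_at_index(plan, 1)
        visited.append((nxt.x, nxt.y))
        if len(plan) == 1:  # card journeyPlan = 1: final destination
            return visited
        plan = take_step(plan)


# The journey plan from the slides.
PLAN = {Point(1, 4, 1), Point(4, 5, 2), Point(6, 8, 3), Point(10, 8, 4),
        Point(9, 11, 5), Point(8, 13, 6), Point(11, 13, 7)}

# Constructed plans that break the invariant: a gap, and a repeated index.
GAP = {Point(1, 4, 1), Point(6, 8, 3)}
DUPLICATE = {Point(1, 4, 1), Point(4, 5, 1)}
```

The single set equality in the invariant rules out both gaps and repeated indices, because the set of indices then has fewer elements than the plan or contains a value outside 1..card.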


• Find out the robot's current position.

• Find out the next waypoint that the robot must visit.

• If this waypoint has the same location as the current position then there are two possibilities:

• Either this is the last waypoint, i.e., the robot has reached its final destination and can therefore complete its journey

• or there are further waypoints to visit, in which case the journey plan must be updated.

Otherwise do nothing.

• Calculate the commands needed by the steering controller to get the robot to this next waypoint.

• Give these commands to the steering controller.


```
Update: () ==> ()
Update() ==
  let currentPosition = ins.GetPosition()
  in
    ( if Route`GetPointAtIndex(journeyPlan,1).GetCoord() =
         currentPosition.GetCoord()
      then
        if card journeyPlan = 1
        then CompleteJourney()
        else
          ( journeyPlan := Route`TakeStep(journeyPlan);
            let obstacles = obs.GetData(),
                route = PlotCourse(obstacles)
            in
              if route = nil
              then emergencyBrake.Enable()
              else
                def dfps = ComputeDesiredSteerPosition(
                             ins.GetDirection(),
                             route.GetPoint(2),
                             str.GetPosition())
                -- the "in" part of this def expression is missing from the transcript
          )
    );
```


```
class Point

public Neighbour: () ==> set of Point
Neighbour () ==
  return {new Point(x, y1, index + 1)
         | y1 in set {y-1,y+1}
         & y1 >= 0} union
         {new Point(x1, y, index + 1)
         | x1 in set {x-1,x+1}
         & x1 >= 0};

end Point
```


```
class Controller

PlotCourse: set of (nat * nat) ==> [Route]
PlotCourse(obstacles) ==
  let nextWaypoint = Route`GetPointAtIndex(journeyPlan, 1),
      posRoutes = Route`AvoidanceRoutes(obstacles,
                                        ins.GetPosition(),
                                        nextWaypoint)
  in
    if posRoutes = {}
    then return nil
    else ShortestFeasibleRoute(posRoutes);

end Controller
```


```
class Route

static
public AvoidanceRoutes(
  obstacles: set of (nat * nat),
  currentPosition: Point,
  nextWaypoint: Point) routes: set of Route
post forall r in set routes &
       r.GetFirst().GetCoord() =
         currentPosition.GetCoord() and
       r.GetLast().GetCoord() =
         nextWaypoint.GetCoord() and
       r.GetCoords() inter obstacles = {};

end Route
```

Does this work?


```
class Route

instance variables
  points: set of Point;
  inv forall p1, p2 in set points &
        p1.GetCoord() = p2.GetCoord() => p1 = p2 and
      forall p in set points &
        p.GetIndex() <> card points
        => GetNext(p).GetCoord() in set
           {n.GetCoord() | n in set p.Neighbour()}

end Route
```


• What have I presented today?

• The notion of sets as unordered collections

• The basic operations in VDM++ for manipulating sets

• The MSAW system

• The robot controller example

• What do you need to do now?

• Present your status to all of us

• Read chapter 7 before next lecture
