Post on 30-Dec-2015
description
1
Algorithm Design
2
An Algorithmic Notation – guarded command language
• Provides a framework for recording refinement of specifications into programs
• Consist of :– Sequence– Alternation– Iteration
• Commands are organized into programs by– Assignment statements of the form x := E where x is a program
variable, E an expression– Specifications to be further refined
• In-line or by call to other program
– Skip and abort
3
Declarations and commands(1)
• The kind of data available to a program in the guarded command language depend on – the target language,– the given sets of the specification being refined– the abstract data types used in the refinement
• Example of declarations
s : Student given set of specification
where : 0..size type in target language
sarray : array (1..size) of Student array type and given set
4
Declarations and commands(2)
• The kind of command available to a program in the guarded command language depend on– Target language– Abstract types used in refinement
• Example of commands
where := 0 assignment statement
sarray(1) := s assignment statement to an
array element
search specification of an operation
to be refined
5
Sequence control structure
• A sequence of commands may be presented in:– Horizontal format
x := x + 1; y := y – 1
– Vertical formatx := x + 1;
y := y – 1
• For sequence control structure below
Semicolon acts as separator
A1
A2
A1; A2
In guarded command language
6
Alternation control structure(1)
• Each command is prefaced by a boolean expression called a guard; corresponds to boolean expression of target language
• A command is executed only if its guard is true• Bounded by the sign if and fi• The sign □ is the guard command separator• The guard arrow → separates the guard and command• Example
if x ≤ y → z := x □ x ≥ y → z := y fi
7
Alternation control structure(2)
• Example when there are several guarded commands
x, y, s : ℤ
if x < y → s := -1
□ x = y → s := 0
□ x > y → s := 1
fi
8
Alternation control structure(3)
• In general for if-then
• If-then-else
B
A
T
F if B A ¬B skip fi
B
A1A2
TF
if B A1 ¬B A2 fi
9
Iteration control structure (1)
• Each command has a guard• A command will be executed only if the guard is true
• Bounded by the signs do and od
• Example
do z < x z > y → z : z + 1 od
10
Iteration control structure (2)
• In general
A
B
A1
B
A2T
F T
Fdo B → A od
A1; do B → A2 od
Initialized do-while
11
Method of recording(1)
• At stage of recording an algorithm refinement, record only one step of refinement
• The sign ⊑ to represent ‘is refined by’
A A1
A2
A A1; A2⊑
12
Method of recording(2)
A1
A2
B1
A11 A12
A21
A22
B2
A1 if B1⊑ A11 ¬B1 A2 fi
A2 ⊑ A21; do B2 A22 od
13
Program states and assignment: Program spaces and program states (1)
• Program spaces– A collection of program variables
• Example: For the following declaration
sarray : array(1..size) of Student;
s : Student;
r : Response;
ectr, tctr : 0..size
• Establish a program space by the following schema
14
Program states and assignment: Program spaces and program states (2)
EnrolSpace
sarray : 1..size → Student;
s : Student;
r : Response;
ectr, tctr : 0..size
• This type schema will be referred to in recording the design of a program.
15
Program states and assignment: Program spaces and program states (3)
• However EnrolSpace does not establish how input and output of the schema DEnrol to be represented as program variables
• Can introduce such variable, e.g.,
Identify_s_and_rs?, s, s’ : Studentr!, r, r’ : Responses? = sr! = r’
16
Program spaces and program states (4)
• To make the schema suitable for algorithm refinement of DEnrol, need to combine it with DEnrol and hide the input and output variables
DEnrolProg ≙ (DEnrol Identify_s_and_r) \ (s?,r!)
DEnrolokProg ≙ (DEnrolok Identify_s_and_r) \ (s?,r!)DNoRoomProg ≙ (DNoRoom Identify_s_and_r) \ (s?,r!)DAlreadyEnrolledProg ≙ (DAlreadyEnrolled Identify_s_and_r) \ (s?,r!)
17
Program states and assignment: Using the assignment statement (1)
• Use to refine specification in which just one variable in the program state is to change
• Suppose the program space is defined byPSpace ≙ [x, y, z: 0..maxnat]
the effect of the assignment x := y + z
Assign_1PSpacex’ = y + zy’ = yz’ = z
18
Program states and assignment: Using the assignment statement (2)
• In general if the program state is given by schema
GenPSpace
x : T
Others
where x does not occur in Others and E is an expression of type T in the value of x and the components of Others, then effect of x := E is
Assign_2
GenPSpace
Others
x’ = E
19
Using the alternation control structure
• Suppose S is a specification on a program space, and A1 and A2 are operations on the same space. Suppose B1 and B2 are boolean expressions defined on the variables in the space, and are computable in the target language, we shall say that
S ⊑if B1 → A1 □ B2 → A2 fi
20
Example of refinement by alternation(1)
• Consider the following specification of a program to find the positive difference of two numbers. PSpace has been defined previously
PossDiff
PSpace
z’ = x – y z’ = y – x
x’ = x
y’ = y
The following program as a refinement
if x ≥ y → z := x - y □ y ≥ x → z := y - x fi
21
Example of refinement by alternation(2)
• To verify we replace the two assignments by their descriptions
Assign_xmy
PSpace
x ≥ y
z’ = x – y
x’ = x
y’ = y
22
Example of refinement by alternation(3)
• To verify we replace the two assignments by their descriptions
Assign_ymx
PSpace
y ≥ x
z’ = y – x
x’ = x
y’ = y
23
Example of refinement by alternation(4)
• Now we have
PosDiff ⊑if x ≥ y → Assign_xmy
□ y ≥ x → Assign_ymx
fi
24
• Refining a disjunction with an alternation
A1 A2 ⊑ if pre A1 → A1 □ pre A2 → A2 fi
• Refining a disjunction to an if-then-else
A1 A2 ⊑ if pre A1 → A1 □ ¬(pre A1) → A2 fi
25
Refinement of the enrol operation(1)
DEnoughRoom ≙DEnrolokProg DAlreadyEnrolledProg
Refine DEnrolProg as
DEnrolProg ⊑if ectr = size →| DNoRoomProg□ ectr < size →| DEnoughRoomfi
26
Refinement of the enrol operation(2)
• Refinement of DNoRoomProgDNoRoomProg ⊑r := noroom
• Refinement DEnoughRoom will be dealt later
27
Sequence Control Structure: using the structure
• If a sequence of two specification (A1;A2) is offered as a refinement of a third S, we shall record this by writing
S ⊑ A1; A2
28
Example of refinement by sequence
• Consider the following program state
XState ≙ [x: 0..maxnat]
and the following specification
UpTwo ≙ [ XState | x’ = x + 2]
with x + 2 ≤ maxnat as its precondition;
refined by the following sequence
x := x + 1; x := x + 1
29
Sequence Control Structure
• Replacing commands in a sequence
S ⊑ A1;A2 and A2 ⊑ A3 then we can have S ⊑ A1;A3 • Operations on partitioned states
suppose that PartState ≙ PartA PartB and PartA and PartB have no declarations in common, and OpA is an operation on PartA and OpB is an operation on PartB
the operation OpA OpB on the whole of PartState can be refined by amended operation as follows:
OpAx ≙ [PartState; PartB; OpA]
OpBx ≙ [PartState; PartA; OpB]
30
Further refinement of the enrol operation
• We propose a refinement of DEnoughRoom as follows:
DEnoughRoom ⊑where: 0..(size + 1)
DEnoughRoomX
The extension of DEnoughRoom is defined as
DEnoughRoomX
where, where’: 0..(size + 1)
DEnoughRoom
31
Further refinement of the enrol operation
• Now we propose that:
DEnoughRoomX ⊑Search;
Decide• Search and Decide are to be specified. Search will set
the variable where to index an occurrence of s in the active part of the array, if there is one, and to ectr + 1 if there isn’t
32
Further refinement of the enrol operation
• The following specification is recorded for Search
SearchState
DClass
where: 0..(size + 1)
s: Student
r: Response
33
Further refinement of the enrol operation
• The following specification is recorded for Search
Search
SearchState
DClass
(( i: 1..ectr (sarray i) ≠ s where’ = ectr + 1)
((sarray where’) = s where’ 1..ectr ))
s’ = s
34
Further refinement of the enrol operation
• For Decide we can supply this definition:
Decide
SearchState
DEnoughRoom
where ≤ ectr (i: 1..ectr (sarray i) = s)
35
Further refinement of the enrol operation
• The refinement of Decide by an alternation is
Decide ⊑
36
Iteration control structure
• Example of refinement by initialized do-while• E.g., to sum up the elements of an array of integers. The
following axiomatic description for the sum of a sequence of integer
sumseq: seq ℤ → ℤ
(si: seq ℤ
(( si = <> sumseq si = 0)
(si ≠ <> sumseq si = (head si) + sumseq (tail si))))
37
Iteration control structure
• Introduce the program space that includes the array to be summed and the variable to hold answer. The variable n is a constant greater than 0, the size of array
SumSpace
intarr: 1..n →ℤs: ℤ
38
Iteration control structure
• Now specify the program
Addup
SumSpace
intarr’ = intarr
s’ = sumseq intarr
39
Iteration control structure
• Another way: we refine Addup to include counter ctr
Addup ⊑ctr: 0..n
AddupExt• The definition of AddupExt
AddupExt ≙ [Addup; ctr, ctr’ : 0..n]
40
Iteration control structure
• The invariant is in the following schema
Addup_invar
SumSpace
ctr, ctr’ : 0..n
s’ = sumseq((1..ctr’) ⊳ intarr’)
ctr’ ≤ n
intarr’ = intarr
41
Iteration control structure
• The initialization programAddup_initSumSpacectr, ctr’ : 0..nintarr’ = intarrs’ = 0ctr’ = 0
Sum ⊑ Addup_init; do ctr ≠ n →| Addup_body
od
42
Iteration control structure
• The body of while
Addup_body
SumSpace
ctr, ctr’ : 0..n
ctr < n
s = sumseq((1..ctr) ⊳ intarr)
s’ = sumseq((1..ctr’) ⊳ intarr’)
ctr’ ≤ n
intarr’ = intarr
ctr’ = ctr + 1
43
Iteration control structure
• The body of while can be simplified as
Addup_body
SumSpace
ctr, ctr’ : 0..n
ctr < n
s’ = s + intarr(ctr’)
intarr’ = intarr
ctr’ = ctr + 1
44
Iteration control structure
• Can be implemented by the following program
Addup_body ⊑ctr := ctr + 1;
s := s + intarr(ctr)