Welcome to PowerPoint “Normal” View with “Notes”. (Sorry, I had to give up

on providing audio annotations due to editing limitations with the version of

PowerPoint available to me. Hopefully, this will work OK – let me know if you

have suggestions for improving my notes…)

First, I hope you remember me. I’m Steve Thebaut and I’m teaching Soft. Test.

& Verif. this semester. I also hope that you are all coping OK with the current

calamity, and are well. If you are having trouble, let me know and I will try to

help. It looks like all of you will have the option to change to an S/U grading

scheme or just drop the course (presumably without penalty) through the end of

classes, but check with your academic advisor about this to be sure. More on

grades later…

Some loose ends that need to be taken care of: This is LN 21, the first of 3

dealing with the last (and arguably the most interesting) major topic of the

course: Functional Verification. The next (and last) Assignment Worksheet (#9)

will be posted on the course website this week (probably by 4/8/20) and will be

due on Saturday, April 18 at NOON. (Late submissions will be allowed, as

usual, until 3PM.)

1

Exam 1 grading is still underway(!), due in part to some logistical complications and

resource limitations imposed by the College. I hope to have an update for you (and

hopefully raw scores + a histogram) sometime later this coming week. Check the

announcements.

Exam 2, which will NOT cover the material covered in Exam 1, will take place (I think)

during the early part of the last week of classes. I don’t know yet what the logistics will

be. It will most likely either make use of Honorlock (on-line proctoring) or be some sort

of take-home (individual work) exam. Honorlock requires that you have a webcam, so

you might want to think about how you would obtain one (if necessary) if I’m advised to

go this route. I will provide more info about this in a week or so.

In addition to LN’s 21-23, I will also be posting some notes before Exam 2 to help you

review/prepare for the exam. These will include a primer on ROI Analysis, solutions to

the Functional verification exercises given in LN’s 21-23, notes on the King, et al.

reading (#7) and the Cleanroom SE reading (#9). (Reading #8 is highly technical and is

for reference purposes only – you are not required to study this for Exam 2, although

some may find it useful.)

About the PowerPoint Notes (such as the one you are reading now): I will provide

Notes at the bottom of SOME PowerPoint slides, when I think it may be useful. If you

would like to see additional notes to help you understand something, let me know.

2

The IRL is “Very Cool!” because it involves learning how to reason about the

functional correctness of loops by considering equivalent if-then statements

defined used recursion.

3

The Invariant Status Theorem is “EXTREMELY Cool!” because it describes a

very useful (and sometimes very useful) relationship between loop invariants

and loop functions!

4

Only the third item above is required reading. The first two are potentially

useful references, but are NOT required for completing the Assignment 9

Worksheet or studying for Exam 2.

8

The “equivalence” vs. “subset” relationship concerns the distinction between

“complete” and “sufficient” program correctness and is explained next…

13

So the idea here is that Sufficient correctness only requires that P computes f

wherever f is defined, but P may also terminate and thereby compute results

where f is NOT defined.

Complete correctness means that P computes f exactly, even for inputs where f

is not defined. This means P would also not be defined (i.e., would NOT

terminate) for inputs outside the domain of f.

These above interpretations are the gist of i!

27

Understanding the heuristics illustrated in the next several slides is important. It

involves reasoning about (“figuring out”) what function is computed by the loop

on termination based on the possible INITIAL values of the variable(s) as

reflected by the initial value of the loop predicate “b”.

28

29

In this case, when the initial value of y is > 0, we can see that the loop will

execute exactly y times with the final value of x being the sum of the initial

values of x and y, and the final value of y being 0. This is consistent with the

definition of f for initial values of y>0.

36

This is an aside: it suggests how defensive programming could be used to avoid

writing a program that computes f (sufficiently) without going into an infinite

loop

61

The solution for this exercise (and all others in LN’s 21-23) will be posted later.

In the mean time, try to complete the “correctness table” on your own.

62

This reflects the standard, informal interpretation of “P computes f”, as

illustrated, for example, in the Dunlap/Basili reference paper.

63

The Axiom of Replacement simply allows one to replace a sub-program with the

function it has been shown to compute in the process of proving a COMPOUND

program is correct.

68

A “working correctness question” is just an informal way to ASK whether or not

a formally stated correctness condition is satisfied. Using such questions is

suggested as a way to may proof presentation more “conversational”.

Note that SEQUENCING of instructions in a program is equivalent to

COMPOSING the functions computed by the instructions when describing the

function of the program.

71

Try to show this based on the example given. The solution will be posted

separately later.

119