The Greybox Approach: When Blackbox Specifications Hide Too Much

Developing the parts of a large software system in separate teams, replacing individual parts during maintenance without changing the others, and marketing independently developed software components all require interface descriptions. Without a sufficient description, interoperation is impossible; only abstraction leaves room for alternative implementations. Specifications that merely relate the state before a service is invoked (the precondition) to the state after it terminates (the postcondition) fail to capture the external calls the operation makes while it runs. When the methods the operation calls out to cannot themselves be fully specified, an implementation that only performs the specified state transformation is not sufficient: it must also make the prescribed external calls, and make them in the prescribed states. We show how to specify both the state change and the sequence of external calls using simple extensions of programming languages. We then give a formal definition of the correctness of an implementation with respect to such a specification and show how correctness can be proved in practice with data refinement in context.
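The difference between a blackbox (pre/postcondition) check and a greybox check can be made concrete with a small observer-style Subject. The following is an added example written for this page, not code from the paper: the `Subject`/`notify` API, the concrete list representation, the abstraction function and the test script are all assumptions chosen for illustration. The specification is written as an abstract program that performs the state change and then makes the prescribed `notify` calls; the checker drives the specification and a candidate implementation through the same script against an environment that records every outgoing call together with the caller's abstract state at that moment. Two implementations that satisfy the postcondition but call out in the wrong state, or not at all, pass the blackbox check and fail the greybox check.

```python
"""Greybox vs blackbox checking of an observer-style Subject.

Added example, not code from the paper. The Subject/notify API, the list
representation, the abstraction function and the script are assumptions.
"""
from dataclasses import dataclass
from typing import Callable, List, Tuple


@dataclass(frozen=True)
class AbsState:
    """Abstract state of the Subject as the specification describes it."""
    value: int
    observers: frozenset


# One trace entry: (external call, arguments, caller's abstract state at the call).
Trace = List[Tuple[str, tuple, AbsState]]


class Env:
    """The external environment. Each outgoing call is recorded with the
    caller's abstract state at that moment; that pair is what a greybox
    specification constrains and a pre/postcondition does not."""

    def __init__(self) -> None:
        self.trace: Trace = []
        self.abstract: Callable[[], AbsState] = lambda: AbsState(0, frozenset())

    def notify(self, observer: str, value: int) -> None:
        self.trace.append(("notify", (observer, value), self.abstract()))


class SubjectSpec:
    """Greybox specification written as an abstract program: the state change
    plus the external calls, made in the state in which they must be made."""

    def __init__(self, env: Env) -> None:
        self.env, self.value, self.observers = env, 0, frozenset()

    def attach(self, name: str) -> None:
        self.observers = self.observers | {name}

    def set_value(self, v: int) -> None:
        self.value = v                    # postcondition: value == v ...
        for o in sorted(self.observers):  # ... and every observer is notified
            self.env.notify(o, v)         #     while value == v already holds

    def abstract(self) -> AbsState:
        return AbsState(self.value, self.observers)


class ListSubject:
    """Concrete base class: observers kept in a list. abstract() is the
    abstraction function that relates the list to the specification's set
    (data refinement), applied at every call point (in context)."""

    def __init__(self, env: Env) -> None:
        self.env, self._val, self._obs = env, 0, []

    def attach(self, name: str) -> None:
        if name not in self._obs:
            self._obs.append(name)

    def abstract(self) -> AbsState:
        return AbsState(self._val, frozenset(self._obs))


class GoodSubject(ListSubject):
    def set_value(self, v: int) -> None:
        self._val = v
        for o in self._obs:
            self.env.notify(o, v)


class EarlyNotifySubject(ListSubject):
    """Same final state, but observers are notified before the update, so a
    callback reading the value would see the stale one."""

    def set_value(self, v: int) -> None:
        for o in self._obs:
            self.env.notify(o, v)
        self._val = v


class SilentSubject(ListSubject):
    """Same final state, never calls out."""

    def set_value(self, v: int) -> None:
        self._val = v


def run(cls) -> Tuple[AbsState, Trace]:
    """Drive one object through a fixed script; return (final abstract state, trace)."""
    env = Env()
    obj = cls(env)
    env.abstract = obj.abstract
    obj.attach("audit")
    obj.attach("ui")
    obj.set_value(7)
    return obj.abstract(), env.trace


def check(impl_cls) -> Tuple[bool, bool]:
    """Return (blackbox_ok, greybox_ok) for impl_cls against SubjectSpec.
    Blackbox: only the final abstract states must agree.
    Greybox: the external calls must also agree in order, arguments and the
    abstract state the caller is in at each call."""
    spec_state, spec_trace = run(SubjectSpec)
    impl_state, impl_trace = run(impl_cls)
    blackbox = spec_state == impl_state
    greybox = blackbox and spec_trace == impl_trace
    return blackbox, greybox


if __name__ == "__main__":
    for cls in (GoodSubject, EarlyNotifySubject, SilentSubject):
        print(cls.__name__, check(cls))
```

`check(GoodSubject)` yields `(True, True)`, while `EarlyNotifySubject` and `SilentSubject` both yield `(True, False)`: the postcondition alone cannot distinguish them from the correct implementation, because it says nothing about what the operation does between invocation and termination. Comparing traces this way fixes the call order the specification prescribes (here, sorted observer names); a specification that wants to leave the order open would need a weaker trace relation than equality.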
