Lösungsvorschlag Software Architecture FS08: Unterschied zwischen den Versionen

Aus VISki
Wechseln zu: Navigation, Suche
Zeile 1: Zeile 1:
 
=Modularity, ADT, Designy by Contract and Concurrency (8 points)=
 
=Modularity, ADT, Designy by Contract and Concurrency (8 points)=
==1==
+
== ==
 
b
 
b
  
Zeile 7: Zeile 7:
 
f: true, since the visitor needs to know implementation details of the objects it visits
 
f: true, since the visitor needs to know implementation details of the objects it visits
  
==2==
+
== ==
 
b: true because class invariants are 'and'-ed, hence stronger assertions can be introduced
 
b: true because class invariants are 'and'-ed, hence stronger assertions can be introduced
  
Zeile 109: Zeile 109:
 
'''P1''' new_card (limit: INTEGER) '''require''' limit > 0
 
'''P1''' new_card (limit: INTEGER) '''require''' limit > 0
  
'''P2''' charge (c: CREDIT_CARD; amount: INTEGER) '''require''' amount + balance(c) <= limit(c)
+
'''P2''' charge (c: CREDIT_CARD; amount: INTEGER) '''require''' amount + balance(c) <= limit(c) and amount > 0
  
 
'''AXIOMS'''
 
'''AXIOMS'''
  
 
'''A1''' limit(new_card(l: INTEGER)) = l
 
'''A1''' limit(new_card(l: INTEGER)) = l
 +
 
'''A2''' balance(new_card(l: INTEGER)) = 0
 
'''A2''' balance(new_card(l: INTEGER)) = 0
 +
 
'''A3''' limit(settle(c: CREDIT_CARD)) = limit(c)
 
'''A3''' limit(settle(c: CREDIT_CARD)) = limit(c)
 +
 
'''A4''' balance(settle(c: CREDIT_CARD)) = 0
 
'''A4''' balance(settle(c: CREDIT_CARD)) = 0
 +
 
'''A5''' limit(charge(c: CREDIT_CARD; a: INTEGER)) = limit(c: CREDIT_CARD)
 
'''A5''' limit(charge(c: CREDIT_CARD; a: INTEGER)) = limit(c: CREDIT_CARD)
 +
 
'''A6''' balance(charge(c: CREDIT_CARD; a: INTEGER)) = balance(c: CREDIT_CARD) + a
 
'''A6''' balance(charge(c: CREDIT_CARD; a: INTEGER)) = balance(c: CREDIT_CARD) + a
 +
 +
== Proof of balance properties (6 points) ==
 +
 +
Prove that balance(c) >= 0:
 +
 +
Base case: <math> balance(c_0) = 0 </math> using A1, <math> c_0 = </math> new_card
 +
 +
Induction assumption: <math> c_n </math> is a correct expression of type CREDIT_CARD of length <math>n</math>, i.e. <math> balance(c_n) \geq 0 </math>
 +
 +
Induction step:
 +
 +
<math> balance(settle(c_n)) = 0 </math> using A4
 +
 +
<math> balance(charge(c_n, a)) = balance(c_n) + a \geq 0 </math> using A6, induction assumption for <math> balance(c_n) \geq 0 </math>, and P2 for <math> a > 0 </math>

Version vom 21. Mai 2009, 21:55 Uhr

Modularity, ADT, Designy by Contract and Concurrency (8 points)

b

d

f: true, since the visitor needs to know implementation details of the objects it visits

b: true because class invariants are 'and'-ed, hence stronger assertions can be introduced

c

Design by Contract (12 points)

<eiffel> class

 BANK_ACCOUNT

feature withdraw(v: INTEGER) is

 require TRUE

do end

feature balance: INTEGER

end

class STUDENT_ACCOUNT inherit BANK_ACCOUNT redefine withdraw end

feature withdraw(v: INTEGER) is require else balance >= v do

 balance := balance - v

ensure

 balance_altered: balance = balance - v

end

end

class B_A_NORMAL inherit BANK_ACCOUNT redefine withdraw end

feature withdraw(v: INTEGER) is require else balance - fee >= v do

 balance := balance -v

ensure

 balance_altered: balance = balance - v

end

feature

 fee: INTEGER

end

class B_A_BUSINESS inherit BANK_ACCOUNT redefine withdraw end

feature withdraw(v: INTEGER) is require else balance + credit >= v do

 balance := balance -v

ensure

 balance_altered: balance = balance - v

end

feature

 credit: INTEGER

end </eiffel>

Abstract Data Types (16 points)

Writing and ADT for CREDIT_CARD (7 points)

TYPES

CREDIT_CARD

FUNCTIONS

Creators:

new_card: INTEGER x INTEGER --|--> CREDIT_CARD

Queries:

limit: CREDIT_CARD ----> INTEGER

balance: CREDIT_CARD ----> INTEGER

Commands:

settle: CREDIT_CARD ----> CREDIT_CARD

charge: CREDIT_CARD x INTEGER --|--> CREDIT_CARD

PRECONDITIONS

P1 new_card (limit: INTEGER) require limit > 0

P2 charge (c: CREDIT_CARD; amount: INTEGER) require amount + balance(c) <= limit(c) and amount > 0

AXIOMS

A1 limit(new_card(l: INTEGER)) = l

A2 balance(new_card(l: INTEGER)) = 0

A3 limit(settle(c: CREDIT_CARD)) = limit(c)

A4 balance(settle(c: CREDIT_CARD)) = 0

A5 limit(charge(c: CREDIT_CARD; a: INTEGER)) = limit(c: CREDIT_CARD)

A6 balance(charge(c: CREDIT_CARD; a: INTEGER)) = balance(c: CREDIT_CARD) + a

Proof of balance properties (6 points)

Prove that balance(c) >= 0:

Base case: using A1, new_card

Induction assumption: is a correct expression of type CREDIT_CARD of length , i.e.

Induction step:

using A4

using A6, induction assumption for , and P2 for