Lösungsvorschlag Software Architecture FS08

Aus VISki
Wechseln zu: Navigation, Suche

Modularity, ADT, Designy by Contract and Concurrency (8 points)

b

d

f: true, since the visitor needs to know implementation details of the objects it visits

b: true because class invariants are 'and'-ed, hence stronger assertions can be introduced

c

Design by Contract (12 points)

<eiffel> class

 BANK_ACCOUNT

feature withdraw(v: INTEGER) is

 require TRUE

do end

feature balance: INTEGER

end

class STUDENT_ACCOUNT inherit BANK_ACCOUNT redefine withdraw end

feature withdraw(v: INTEGER) is require else balance >= v do

 balance := balance - v

ensure

 balance_altered: balance = balance - v

end

end

class B_A_NORMAL inherit BANK_ACCOUNT redefine withdraw end

feature withdraw(v: INTEGER) is require else balance - fee >= v do

 balance := balance -v

ensure

 balance_altered: balance = balance - v

end

feature

 fee: INTEGER

end

class B_A_BUSINESS inherit BANK_ACCOUNT redefine withdraw end

feature withdraw(v: INTEGER) is require else balance + credit >= v do

 balance := balance -v

ensure

 balance_altered: balance = balance - v

end

feature

 credit: INTEGER

end </eiffel>

Abstract Data Types (16 points)

Writing and ADT for CREDIT_CARD (7 points)

TYPES

CREDIT_CARD

FUNCTIONS

Creators:

new_card: INTEGER x INTEGER --|--> CREDIT_CARD

Queries:

limit: CREDIT_CARD ----> INTEGER

balance: CREDIT_CARD ----> INTEGER

Commands:

settle: CREDIT_CARD ----> CREDIT_CARD

charge: CREDIT_CARD x INTEGER --|--> CREDIT_CARD

PRECONDITIONS

P1 new_card (limit: INTEGER) require limit > 0

P2 charge (c: CREDIT_CARD; amount: INTEGER) require amount + balance(c) <= limit(c) and amount > 0

AXIOMS

A1 limit(new_card(l: INTEGER)) = l

A2 balance(new_card(l: INTEGER)) = 0

A3 limit(settle(c: CREDIT_CARD)) = limit(c)

A4 balance(settle(c: CREDIT_CARD)) = 0

A5 limit(charge(c: CREDIT_CARD; a: INTEGER)) = limit(c: CREDIT_CARD)

A6 balance(charge(c: CREDIT_CARD; a: INTEGER)) = balance(c: CREDIT_CARD) + a

Proof of balance properties (6 points)

Prove that balance(c) >= 0:

Base case: using A2, new_card(l)

Induction assumption: is a correct expression of type CREDIT_CARD of length , i.e.

Induction step:

using A4

using A6, induction assumption for , and P2 for


Prove that

Base case:

new_card(l: INTEGER)

using A2

using A1

Hence: using P1 for the last inequality

Induction assumption:

is a correct expression of type CREDIT_CARD and length , that is:

and

Induction step (reuse inequalities found for balance above):

(see above) and using A3 and induction assumption, hence


using P2

using A5

since above we could show that a stronger statement was true


Proof of sufficient completeness (3 points)

We need to show that calling both query functions on any valid CREDIT_CARD expression will either return a value (different from a CREDIT_CARD), or a CREDIT_CARD expression which is one element shorter than the original one.

limit(new_card(l)) = l, using A1

balance(new_card(l)) = 0, using A2


Let be a valid expression of type CREDIT_CARD and length n, then:

limit(charge(c_n, a)) = limit(c_n) using A5

balance(charge(c_n,a)) = balance(c_n) + a using A6

limit(settle(c_n)) = limit(c_n) using A3

balance(settle(c_n)) = 0 using A4