Formal specification

In each passing decade, computer systems have become increasingly more powerful and, as a result, they have become more impactful to society. Because of this, better techniques are needed to assist in the design and implementation of reliable software. Established engineering disciplines use mathematical analysis as the foundation of creating and validating product design. Formal specifications are one such way to achieve this in software engineering reliability as once predicted. Other methods such as testing are more commonly used to enhance code quality. ==Uses==

Given such a specification, it is possible to use formal verification techniques to demonstrate that a system design is correct with respect to its specification. This allows incorrect system designs to be revised before any major investments have been made into an actual implementation. Another approach is to use provably correct refinement steps to transform a specification into a design, which is ultimately transformed into an implementation that is correct by construction. A formal specification is not an implementation, but rather it may be used to develop an implementation. Formal specifications describe what a system should do, not how the system should do it. A good specification must have some of the following attributes: adequate, internally consistent, unambiguous, complete, satisfied, minimal. A good specification will have: • Constructability, manageability and evolvability • Usability • Communicability • Powerful and efficient analysis One of the main reasons there is interest in formal specifications is that they will provide an ability to perform proofs on software implementations. These proofs may be used to validate a specification, verify correctness of design, or to prove that a program satisfies a specification. ==Limitations==

A design (or implementation) cannot ever be declared “correct” on its own. It can only ever be “correct with respect to a given specification”. Whether the formal specification correctly describes the problem to be solved is a separate issue. It is also a difficult issue to address since it ultimately concerns the problem constructing abstracted formal representations of an informal concrete problem domain, and such an abstraction step is not amenable to formal proof. However, it is possible to validate a specification by proving “challenge” theorems concerning properties that the specification is expected to exhibit. If correct, these theorems reinforce the specifier's understanding of the specification and its relationship with the underlying problem domain. If not, the specification probably needs to be changed to better reflect the domain understanding of those involved with producing (and implementing) the specification. Formal methods of software development are not widely used in industry. Most companies do not consider it cost-effective to apply them in their software development processes. This may be for a variety of reasons, some of which are: • Time • High initial start-up cost with low measurable returns • Flexibility • A lot of software companies use agile methodologies that focus on flexibility. Doing a formal specification of the whole system up front is often perceived as being the opposite of flexible. However, there is some research into the benefits of using formal specifications with "agile" development • Complexity • They require a high level of mathematical expertise and the analytical skills to understand and apply them effectively • A solution to this would be to develop tools and models that allow for these techniques to be implemented but hide the underlying mathematics • Limited scope • They do not capture properties of interest for all stakeholders in the project • They do not do a good job of specifying user interfaces and user interaction • Not cost-effective • This is not entirely true; by limiting their use to only core parts of critical systems they have shown to be cost-effective Other limitations: • Isolation • Low-level ontologies • Poor guidance • Poor separation of concerns • Poor tool feedback ==Paradigms==

Formal specification techniques have existed in various domains and on various scales for quite some time. Implementations of formal specifications will differ depending on what kind of system they are attempting to model, how they are applied and at what point in the software life cycle they have been introduced. These types of models can be categorized into the following specification paradigms: • History-based specification • behavior based on system histories • assertions are interpreted over time • State-based specification • behavior based on system states • series of sequential steps, (e.g. a financial transaction) • languages such as Z, VDM or B rely on this paradigm • Transition-based specification • behavior based on transitions from state-to-state of the system • best used with a reactive system • languages such as Statecharts, PROMELA, STeP-SPL, RSML or SCR rely on this paradigm • Functional specification • specify a system as a structure of mathematical functions • OBJ, ASL, PLUSS, LARCH, HOL or PVS rely on this paradigm • Operational Specification • early languages such as Paisley, GIST, Petri nets or process algebras rely on this paradigm • Multi-paradigm languages • FizzBee is a multi-paradigm specification language that allows for transition/action based specification, behavioral specifications with non-atomic transitions and also has actor model. In addition to the above paradigms, there are ways to apply certain heuristics to help improve the creation of these specifications. The paper referenced here best discusses heuristics to use when designing a specification. They do so by applying a divide-and-conquer approach. ==Software tools==

The Z notation is an example of a leading formal specification language. Others include the Specification Language (VDM-SL) of the Vienna Development Method and the Abstract Machine Notation (AMN) of the B-Method. In the Web services area, formal specification is often used to describe non-functional properties (Web services quality of service). Some tools are: • Algebraic • Larch • OBJ • Lotos • Model-based • Z • B • VDM • CSP • Petri Nets • TLA+ • FizzBee ==References==