Software Design 2e - DIM

438A formal approach to designThis (and the next relation between eval and insert) should make the interpretationof these axioms somewhat clearer. The axioms define the effect of performingthe operation on the object when the object is in a particular state. However, ratherthan using an explicit model to define the state (as would be used in Z), it is defined interms of the constructor operations. So each axiom relates the effect of one of theinspection operations on the aircraft_table after it has been modified by a constructoroperation.The axiom used to relate eval and insert therefore first tells us that if theaircraft_track value is greater than the size of the table (however these are defined), theresult will not be specified by these relationships. It then goes on to show that if a particularvalue of aircraft_details has been inserted for the chosen track, then the detailsof this will be retrieved by eval. Failing such a correspondence, the rule will need to beapplied to another element.The relationships between eval and remove are similar. Again, the second of theseobserves that if a particular aircraft_track has been deleted from the table, then attemptingto read this will produce an undefined result.Having examined, therefore, something of the general form of such a specification,we now need to consider briefly how this might be developed.18.3.3 Algebraic specification: process partOnce again, the algebraic formal description technique really lacks any ‘process part’of the form that is provided by the systematic design methods, and most of the literatureis more concerned with describing the form of a specification than its derivation.As with the object-oriented strategies, the form of the specification makes it equallywell suited for use with a top-down or bottom-up development strategy. Features suchas the uses mechanism also aid the designer in the task of partitioning the functionalityof a system.In the absence of any overall strategic guidelines on how a system should be structured,there are various guidelines for the more detailed task of constructing thespecification of an object, or a set of objects. The techniques for ensuring that the setof axioms is complete and correct are also well established, and to the practising engineerthey have the particular attraction of using more familiar mathematical forms andtechniques (algebra). An added useful side-effect is that the task of generating theaxioms also effectively generates a set of guidelines for testing the eventual implementation(Bradley, 1989).The strategy for developing algebraic specifications, like that used for Z specifications,readily encompasses both the top-down and bottom-up strategies. But it isprobably more difficult to construct this form of specification for a very large systemwithout very extensive experience of its use.18.3.4 Heuristics for property-based specificationOne thing that the algebraic form currently lacks is a good tutorial textbook alongthe lines of those now available for Z. Partly as a result of this, there are no welldocumentedheuristics for algebraic forms, although this is not to imply that none havebeen developed by the practitioners.