Mathematics throughout the CS Curriculum Support by NSF #


General Consensus

• Most CS faculty agree that math is important.

• Discrete Math is usually required.

The Problem

• Students study math, but don’t see the connection to their CS courses.

• Content

• Reasoning skills

• Why Reasoning Skills?

• What Reasoning Skills?

Beyond the Classroom

• Current Software is too large for one person to understand at the code level.

• Software engineers must work at the modular level.

• How do we prepare future programmers?

• What do they need to know?

• How can they reason about large programs composed of many parts?

What reasoning skills are necessary?

Concept Inventory

• Boolean Logic: Standard Logic Symbols, Standard Proof Techniques

• Discrete Math Structures: Sets, Strings, Numbers, Relations, and other mathematical theories as needed

• Precise Specifications: Mathematical Descriptions of Software interfaces for clients and implementers. Math models for structures. Pre and Post conditions for operations.

• Modular Reasoning: Each Module needs to be proven correct only once.

• Verification Conditions: Mathematical Assertions equivalent to the correctness of the program.

• Correctness Proofs: Application of Proof Techniques to the program

Apply in All Courses

• Introductory Level Programming

• Data Structures and Algorithms

• Software Engineering

• Theory of Programming Languages

• Electives

Motivation for Reasoning

• Binary search in C++ library

• Proven correct?

• Failed!

Need Precise Specs

• Need to distinguish between mathematical integers and computer integers

• Specs take this distinction into account.

Introductory Programming

• Informal and Formal Reasoning

• Reasoning Tables

• Reasoning based on specification without needing to see code.

Example

Operation PlusTwo(updates i: int)
    requires ??
    ensures i = #i + 2;

Code
    Increment(i);
    Increment(i);

Increment

• Operation Increment (updates i: int)
    requires i < max_int;
    ensures i = #i + 1;

No need to see

Code
    i := i + 1;

Example

Operation PlusTwo(updates i: int)
    requires i < max_int - 1;
    ensures i = #i + 2;

Code
    Increment(i);
    Increment(i);

Reasoning Table

Operation PlusTwo

State Number   Assume               Confirm
0              i0 < max_int - 1
    Increment(i)
1              i1 = i0 + 1          i1 < max_int
    Increment(i)
2              i2 = i1 + 1          i2 = i0 + 2
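The reasoning table above can be checked mechanically. The following Python sketch is an added example, not part of the original slides: it models Increment's requires clause as a runtime check over a small constructed integer range and reports which candidate requires clauses for PlusTwo satisfy every Confirm. The names MIN_INT, MAX_INT, check_requires and weakest_requires are assumptions made for the illustration.

```python
# Added example: brute-force check of the PlusTwo reasoning table over a small
# "computer integer" range. MIN_INT/MAX_INT are constructed stand-ins for the
# slides' max_int, chosen small so that every start state can be enumerated.
MIN_INT, MAX_INT = -8, 7

class PreconditionViolated(Exception):
    pass

def increment(i):
    """Operation Increment: requires i < max_int; ensures i = #i + 1."""
    if not i < MAX_INT:
        raise PreconditionViolated(f"Increment called with i = {i}")
    return i + 1

def plus_two(i):
    """Code of PlusTwo: Increment(i); Increment(i);"""
    return increment(increment(i))

def check_requires(requires):
    """Return the inputs that satisfy `requires` but break a Confirm in the table."""
    failures = []
    for i0 in range(MIN_INT, MAX_INT + 1):
        if not requires(i0):              # state 0 Assume
            continue
        try:
            i2 = plus_two(i0)             # each call confirms Increment's requires
        except PreconditionViolated:
            failures.append(i0)
            continue
        if i2 != i0 + 2:                  # state 2 Confirm: i2 = i0 + 2
            failures.append(i0)
    return failures

def weakest_requires():
    """All start values for which the code meets `ensures i = #i + 2`."""
    return [i0 for i0 in range(MIN_INT, MAX_INT + 1)
            if not check_requires(lambda i, v=i0: i == v)]

if __name__ == "__main__":
    print("requires i < max_int - 1:", check_requires(lambda i: i < MAX_INT - 1))
    print("requires i < max_int    :", check_requires(lambda i: i < MAX_INT))
    print("requires true           :", check_requires(lambda i: True))
    print("weakest requires holds on:", weakest_requires())
```

Only `requires i < max_int - 1` produces no failures, and the set returned by `weakest_requires()` is exactly the values it admits.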

Upper Level

• Formal Methods in Software Engineering

• Algorithms (Distinction between proving an algorithm and that an implementation meets the specification of the algorithm)

• Theory of Programming Languages
  – (Verifying Compiler Challenge)

Formal Methods Unit

• Often at end of text

• Missing altogether

Precise Specifications

• requires clause (pre-condition)

• ensures clause (post-condition)

• loop invariants

• Math modeling

Stack Model

• Stack_Family is_modeled_by Str(Entry)
    exemplar S;
    Initialization
        ensures S = Λ;

Note: Entry is a generic type.

Example

Operation Push(alters E: Entry; updates S: Stack);
    requires |S| < Max_Depth;
    ensures S = <#E> o #S;

Operation Pop(replaces R: Entry; updates S: Stack);
    requires |S| > 0;
    ensures #S = <R> o S;

Proof Rules for Verification

code; Assume B; code1; Confirm Q;
code; Assume ¬B; code2; Confirm Q;
--------------------------------------------------------------
code; If B then code1 else code2; endif; Confirm Q;

Verification Conditions

• Automated generation of VC’s

• http://resolve.cs.clemson.edu/interface/#

Summary

• To meet the challenges of current software, students need
  – To reason about large programs modularly
  – To read and write mathematical specs
  – To distinguish between spec and implementation
