Re: [SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

From: Peter Bernard Ladkin
Date: Fri, 26 Feb 2016 12:54:02 +0100


David,

I agree with much of what you say, but I am not sure about SDL. When I was familiar with SDL a couple of decades ago, people were claiming it was a formal specification language and that it had a well-defined semantics. Those people were largely in telecommunications and tool suppliers, and none of them had any training in computer science or what programming- or specification-language semantics really was. It was not true that SDL had an adequate formal semantics in the sense in which computer scientists use that term; neither was it true that SDL was unambiguous. If SDL 2010 is backwards compatible with previous SDLs, then that is likely still to be true. If, meanwhile, SDL were to have a formal definition and an unambiguous semantics, then it would not be compatible with previous versions, and systems developed using SDL "specifications" some while ago would not be guaranteed to fulfil the meaning of those "specifications" in the current dialect, even if they did before.

On 2016-02-26 10:27 , David MENTRE wrote:
> * SDL is clearly defined (i.e. has semantics defined for each of its constructions).

That, of course, does not suffice for an unambiguous semantics.

> It is both a
> graphical and textual language. It is an international standard (ITU Z.100 to Z.109,
> http://www.itu.int/rec/T-REC-z) and is apparently freely available.

The ITU charges for its documents.

> * Another good candidate would be SCADE.

Yes.

> SCADE is a derivative of several academic synchronous data-flow languages: Signal, Lustre and
> Esterel. Those languages could also be good candidates for "unambiguous graphical representation".

Lustre and Esterel certainly. I don't know about Signal. There is the further question of whether the SCADE tools respect the semantics of Lustre and Esterel (and Signal). That was always the intent, and my colleagues at Esterel do claim it, but I am not sure to what extent it has ever been independently assessed (apart from what TÜV Süd says).

> * Harel's Statecharts are also semantically defined, even if the semantics is very complex. I don't
> know if the associated tool is still available on the market.

Yes. But I understand there have been issues with the semantics of parts of it, certain concurrency constructs, with corresponding lack of universal agreement. If you stay away from those points of contention, then the semantics is unambiguous.

> * Counter-examples are UML and SysML ...

Yes.

>> What do those of you who practice in this field understand by “an
>> unambiguous graphical representation”?

>
> For me, a graphical representation is unambiguous if, for each graphical construction or combination
> of constructions, its semantics (i.e. its meaning) is described, in an exhaustive way.

Let X be a syntactic object specifying behavior. Let A, B and C be pairwise incompatible statements of a semantics.

"X means A, or B, or C" is an exhaustive description of a semantics of X. It is patently not unambiguous. Indeed, X can have any one of three mutually incompatible meanings.

You can, of course, say that "A or B or C" is unambiguous, and in logic it is. But in terms of understanding what X does, it is not.

So, as we see, the term "unambiguous" is ambiguous.

>> How do you know they are unambiguous? :-)

>
> Because you can read the formal description and make tools from it.

People do that with C!

PBL

Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Je suis Charlie
Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de



The System Safety Mailing List
systemsafety_at_xxxxxx Received on Fri Feb 26 2016 - 12:54:09 CET
