COMP 4600/7600 Software Specication and Testing

Lecture 2: Introduction to the Z

Notation
Predicate Calculus
A predicate is a statement that is either true or false.
today is Tuesday
29 is a prime number
x < 19 P(x)
x + y = 9 P(x, y)
for each natural number, there exists another nat-
ural number which is larger
there exists a negative number whose square is neg-
ative
1
Not ( )
Suppose P is a predicate:
P (not P)
is a predicate dened by
P P
T F
F T
P is true if and only if P is false.
e.g.
(11 < 3) is true
(2 + 2 = 4) is false
2
And ()
Suppose P and Q are predicates:
P Q (P and Q)
is a predicate dened by
P Q P Q
T T T
F T F
T F F
F F F
P Q is true if and only if both P and Q are true.
e.g.
(11 > 3) (2 + 2 = 4) is true
(11 < 3) (2 + 2 = 4) is false
P ( P) is false for any P (a contradiction)
3
Or ()
Suppose P and Q are predicates:
P Q (P or Q)
is a predicate dened by
P Q P Q
T T T
F T T
T F T
F F F
P Q is true if and only if either P or Q (or both) are
true.
e.g.
(11 > 3) (2 + 2 = 4) is true
(11 < 3) (2 + 2 = 4) is true
P ( P) is true for any P (a tautology)
4
Implies ()
Suppose P and Q are predicates:
P Q (P implies Q)
is a predicate dened by
P Q P Q
T T T
F T T
T F F
F F T
P Q is true if and only if P is false or Q is true.
e.g.
(11 > 3) (2 + 2 = 4) is true
(11 < 3) (2 + 2 = 5) is true
(11 > 3) (2 + 2 = 5) is false
P (P Q) is a tautology
5
Equivalence ()
Suppose P and Q are predicates:
P Q (P if and only if Q)
is a predicate dened by
P Q P Q
T T T
F T F
T F F
F F T
P Q is true if and only if P and Q are both true or
both false.
e.g.
(11 > 3) (2 + 2 = 4) is true
(11 < 3) (2 + 2 = 5) is true
(11 < 3) (2 + 2 = 4) is false
P P is a tautology
P ( P) is a contradiction
6
Universal Quantier ()
Consider the predicate
all natural numbers are bigger than zero.
We can write this formally as
n : N n > 0
More generally,
a
b
c
X
x : X P(x)
abbreviates
true P(a) P(b) P(c)
7
Examples
Are the following predicates true of false?
n : N n
2
> n
n : N (n
2
= n) (n = 0 n = 1)
Write predicates to express the following:
the square of any natural number is at least as
big as the number itself
2 is the only natural number whose double
equals its square
8
Existential Quantier ()
Consider the predicate
there is a natural number bigger than zero.
We can write this formally as
n : N n > 0
More generally,
a
b
c
X
x : X P(x)
abbreviates
false P(a) P(b) P(c)
9
Examples
Are the following predicates true or false?
x : N x = x + 1
x, y : N x > y
x : N (y : N y > x)
Write predicates to express the following:
there is some natural number whose square is
equal to its cube
every natural number is a perfect square
not every natural number is even
10
Sets
A set is a collection of elements (or members).
e.g.
a, b, c, 3, 1, 16
the elements are not ordered
a, b, c is the same set as b, a, c
the elements are not repeated
a, a, b is the same set as a, b
two sets are equal if and only if they have the same
elements
a, b, c = b, a, c
Some Given Sets
N == 0, 1, 2, . . . natural numbers
N
1
== 1, 2, 3, . . .
Z == 0, 1, 1, 2, 2, . . . integers
empty set: the set with no elements
11
Membership
x X
is a predicate which is
true if x is in the set X
false if x is not in the set X
e.g.
a a, b, c (T)
6 , 3, 1, 16 (T)
d a, b, c (F)
Notice the dierence between : and :
x : Z x > 5 x N
x : Z declares a new variable x of type Z
x N is a predicate which is true or false depending
upon the value of the previously declared x
12
Set Expressions
a, b, c, d (is a nite set)
N (is an innite set)
We can express a set by listing its elements, but this is
impractical if the set is large, and impossible if the set
is innite.
Instead, a set can be dened by giving a predicate which
species precisely those elements in the set.
e.g. the set of all natural numbers less than 99 is:
n : N [ n < 99
In general, the set
x : X [ P(x)
is the set of elements of X for which the predicate P is
true.
13
Examples
the set of even integers is
z : Z [ k : Z z = 2 k
the set of natural numbers which when divided by 7
leave a remainder of 4 is
n : N [ m : N n = 7 m+ 4
N is the set z : Z [ z 0
N
1
is the set n : N [ n 1
if a, b are any natural numbers then a . . b is dened as
the set of all natural numbers between a and b inclusive,
i.e.
a . . b is the set n : N [ a n b
14
Subset () and Proper Subset ()
If S and T are sets,
S T (S is a subset of T)
is a predicate equivalent to s : S s T
S T (S is a proper subset of T)
is a predicate equivalent to S T S ,= T
S
T
e.g. the following predicates are true
0, 1, 2 N
2 . . 3 1 . . 5
a, b a, b, c
X for any set X
x X x X
15
Power Set (P)
If X is a set,
PX (the power set of X)
is the set of all subsets of X.
The predicates
A PB and A B
are equivalent.
e.g. the following predicates are true
Pa, b = , a, b, a, b
P = (,= )
1 . . 5 PN
2 . . 4 P(1 . . 5)
If X has k elements, PX has 2
k
elements.
16
Set Union ()
Suppose S, T : PX (i.e. S X and T X); then
S T (S union T)
is a set equal to
x : X [ x S x T
a
b
c
d
e S T
S T = a, b, c, d, e
e.g. the following predicates are true
a, b, c b, g, h = a, b, c, g, h
(1 . . 5) (3 . . 7) = 1 . . 7
N
1
0 = N
A = A (for any set A)
17
Set Intersection ()
Suppose S, T : PX; then
S T (S intersection T)
is a set equal to
x : X [ x S x T
a
b
c
d
e S T
S T = c
e.g. the following predicates are true
a, b, c b, g, h = b
(1 . . 5) (3 . . 7) = 3 . . 5
a, b, c d, g = (the sets are disjoint)
A = (for any set A)
18
Set Dierence (\)
Suppose S, T : PX; then
S T (S subtract T)
is a set equal to
x : X [ x S x , T
a
b
c
d
e S T
S T = a, b
e.g. the following predicates are true
a, b, c b, g, h = a, c
(1 . . 5) (3 . . 7) = 1 . . 2
N
1
= N 0
A = A (for any set A)
19
Cardinality
If X is any nite set,
#X
is a natural number denoting the cardinality of (i.e. the
number of elements in) X.
e.g.
#a, b, c = 3
# = 0
#PA = 2
#A
(for any nite set A)
20
Cartesian Product ()
If A and B are sets,
AB (A cross B)
is the set of all ordered pairs (a, b) with a A and b B.
e.g. the following predicates are true
a, b a, c = (a, a), (a, c), (b, a), (b, c)
(5, 1) N Z
(5, 1) , N N
6 , N N
A = (for any set A)
21
Functions
A (partial) function f from a set A to a set B, denoted
by
f : A B,
is a subset f of A B with the property that for each
a A there is at most one b B with (a, b) f .
A
B
a b
f : A B
domf is the set a : A [ b : B (a, b) f
ranf is the set b : B [ a : A (a, b) f
22
Function Application
Suppose f : A B and a domf ; then f (a) denotes
the unique image element in B that a is mapped to by f .
A
B
a
f
f(a)
The predicates
(a, b) f and f (a) = b and a b f
are equivalent.
Total Functions
A function f : A B is a total function, denoted
f : A B,
if and only if domf is the set A.
23
Specifying Functions
A function f : A B can be specied by giving a pred-
icate determining which pairs (a, b) A B are in the
function.
e.g.
(a)
double : N N
n : N double(n) = 2n
(b)
halve : N N
domhalve = n : N [ m : N 2m = n
n : domhalve 2 halve(n) = n
(c)
fact : N
1
N
fact(1) = 1
n : N
1
1 fact(n) = n fact(n 1)
24
Relations
A relation R from A to B, denoted by
R : A B,
is a subset of AB.
e.g.
z
y
x
d
c
R B
A
R is the set (c, x), (c, z), (d, x), (d, y), (d, z)
Notation: the predicates
(c, z) R and c z R and c R z
and z R([ c [)
are equivalent.
Also,
domR is the set a : A [ b : B a R b
ranR is the set b : B [ a : A a R b
25
Examples
: N N
x, y : N
x y k : N x + k = y
i.e. the relation is the innite subset
(0, 0), (0, 1), (1, 1), (0, 2), (1, 2), (2, 2), . . .
of ordered pairs in N N.
divides : N
1
N
x : N
1
; y : N
x divides y k : N x k = y
e.g.
3 divides 6 but (3 divides 7)
26
Sequences
A sequence s of elements from a set A, denoted
s : seqA,
is a function s : N A where doms = 1 . . n for some
natural number n.
e.g.
b, a, c, b)
denotes the sequence (function)
1 b, 2 a, 3 c, 4 b
The empty sequence is denoted by ).
The set of all sequences of elements from A is denoted
seqA and is dened to be
seqA == s : N A [ n : N doms = 1 . . n
We dene seq
1
A to be the set of all non-empty se-
quences, i.e.
seq
1
A == seqA )
Notice that
a, b, a) ,= a, a, b) ,= a, b)
27
Special Functions for Sequences
Concatenation
a, b)

b, a, c) = a, b, b, a, c)
Head
head : seq
1
A A
s : seq
1
A head(s) = s(1)
e.g.
c, b, b) = c
Tail
tail : seq
1
A seqA
s : seq
1
A head(s))

tail(s) = s
e.g.
tailc, b, b) = b, b)
28
Domain and Range Restriction
Suppose R : A B and S A and T B; then
S R is the set (a, b) : R [ a S
R T is the set (a, b) : R [ b T
Notice that both
S R A B and R T A B
are true.
e.g. if
has sibling : People People
then
female has sibling is the relation is sister of
has sibling female is the relation has sister
29
Domain and Range Subtraction
Suppose R : A B and S A and T B; then
S R is the set (a, b) : R [ a , S
R T is the set (a, b) : R [ b , T
The following predicates are true
S R = (A S) R
R T = R (B T)
S R A B
R T A B
e.g.
female has sibling is the relation is brother of
has sibling female is the relation has brother
30
Function Overriding
Suppose f , g : A B; then
f g is the function (domg f ) g
i.e. the following predicates are true
domf g = domf domg
a : domg (f g)(a) = g(a)
a : domf domg (f g)(a) = f (a)
f g A B
e.g.
a x, b y, c x a y
= a y, b y, c x
31
Other notation

Predicates

1
x : X P(x) there exists exactly one element x in
X such that the predicate P(x) is true
let x == e P(x) the predicate P(e)
Sets
x : X [ P(x) e(x) the set of all values e(x) for each
element x in X for which the predicate P(x) is true
Functions and relations
id identity relation
R
1
o
9 R
2
relational composition
R
1
R
2
backward relational composition
R

relational inverse
R
+
transitive closure
R

reexive-transitive closure

See J.M. Spivey. The Z Notation: A Reference Manual,

2nd edition. Prentice Hall, 1992. (Available on-line at
http://spivey.oriel.ox.ac.uk/mike/zrm/).
32