[SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Peter Bernard Ladkin ladkin at rvs.uni-bielefeld.de
Fri Feb 26 12:54:02 CET 2016


David,

I agree with much of what you say, but I am not sure about SDL. When I was familiar with SDL a
couple decades ago, people were claiming it was a formal specification language and that it had a
well-defined semantics. Those people were largely in telecommunications and tool suppliers, and none
of them had any training in computer science or what programming- or specification-language
semantics really was. It was not true that SDL had an adequate formal semantics in the sense in
which computer scientists use that term; neither was it true that SDL was unambiguous. If SDL 2010
is backwards compatible with previous SDLs, then that is likely still to be true. If, meanwhile, SDL
were to have a formal definition and an unambiguous semantics then it would not be compatible with
previous versions, and systems developed using SDL "specifications" some while ago would not be
guaranteed to fulfil the meaning of those "specifications" in the current dialect, even if they did
before.

On 2016-02-26 10:27 , David MENTRE wrote:
> * SDL is clearly defined (i.e. has semantics defined for each of its constructions). 

That, of course, does not suffice for an unambiguous semantics.

> It is both a
> graphical and textual language. It is an international standard (ITU Z.100 to Z.109,
> http://www.itu.int/rec/T-REC-z) and is apparently freely available.

The ITU charges for its documents.

> * Another good candidate would be SCADE. 

Yes.

> SCADE is a derivative of several academics synchronous data-flow languages: Signal, Lustre and
> Esterel. Those languages could be also good candidates for "unambiguous graphical representation".

Lustre and Esterel certainly. I don't know about Signal. There is the further question of whether
the SCADE tools respect the semantics of Lustre and Esterel (and Signal). That was always the
intent, and my colleagues at Esterel do claim it, but I am not sure to what extent it has ever been
independently assessed (apart from what TüV Süd says).

> * Harel's Statecharts are also semantically defined, even if the semantics is very complex. I don't
> know if the associated tool is still available on the market.

Yes. But I understand there have been issues with the semantics of parts of it, certain concurrency
constructs, with corresponding lack of universal agreement. If you stay away from those points of
contention, then the semantics is unambiguous.

> * Counter-examples are UML and SysML ...

Yes.

>> What do those of you who practice in this field understand by “an
>> unambiguous graphical representation”?
> 
> For me, a graphical representation is unambiguous if, for each graphical construction or combination
> of constructions, its semantics (i.e. its meaning) is described, in an exhaustive way. 

Let X be a syntactic object specifying behavior. Let A, B and C be pairwise incompatible statements
of a semantics.

"X means A, or B, or C" is an exhaustive description of a semantics of X. It is patently not
unambiguous. Indeed, X can have any one of three mutually incompatible meanings.

You can, of course, say that "A or B or C" is unambiguous, and in logic it is. But in terms of
understanding what X does, it is not.

So, as we see, the term "unambiguous" is ambiguous.

>> How do you know they are unambiguous ? J
> 
> Because you can read the formal description and make tools from it. 

People do that with C!

PBL

Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de





-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20160226/160cedfa/attachment.pgp>


More information about the systemsafety mailing list