The Austalian National University
Research School of Computer Science
Dirk Pattinson
Semester 2, 2013
Z Specification Cheat Sheet
Formal Methods for Software Engineering
1
Given Types.
A given type is a type without internal structure. Given types are sets and
[Given1 , . . . , Givenn ]
declares that Given1 , . . . , Givenn are given types.
2
Built-In Types
The only built-in type in Z are the integers, and they are written Z.
3
Built-In Type Constructors
Z has a range of built-in type constructors of which we only use very few. If S and T are types, then
• P S is a type – the type of all subsets of S
• X ↔ Y is a type – the type of all relations between X and Y
• X→
7 Y is a type – the type of all partial functions from X to Y
• X → Y is a type – the type of all total functions from X to Y.
• seq X is the type of all sequences of elements of X
• bag X is the type of all bags (multisets) of elements of X.
Note that X → Y = P(X × Y) and that every function is a partial function is a relation: they are all just sets of pairs.
4
Notation for Types
• if x ∈ X and y ∈ Y, then x 7→ y is (popular) alternative notation for (x, y)
• if x1 , . . . , xn ∈ X then {x1 , . . . , xn } is the set with elements x1 , . . . , xn .
• if x1 , . . . , xn ∈ X then [[x1 , . . . , xn ]] is the bag with elements x1 , . . . , xn . Note that the xi ’s may not be distinct.
• if x1 , . . . , xn ∈ X then hx1 , . . . , xn i is the obvious sequence of elements.
5
Built-In Functions and Relations
Again, we only use very few of the built-ins, and most work generically (i.e. with any types in place of X and Y below.)
• ∈: X ↔ P X – set membership
• ⊆: P X ↔ P X – the subset relation
• =: X ↔ X – equality
• dom : X ↔ Y → P X – the domain of a relation, dom(R) = {x ∈ X | ∃ y ∈ Y • x 7→ y ∈ R}
• ran : X ↔ Y → P Y – the range of a relation, ran(R) = {y ∈ Y | ∃ x ∈ X • x 7→ y ∈ R}
• arithmetical operations on the integers like +, ∗, . . . that have their standard meaning
• comparison operators on the integers like ≤, <, . . . that have their standard meaning
• head : seqT →
7 T and last : seqT →
7 T return the first/last element of a sequence
• tail : seqT →
7 seq T and front : seqT →
7 seqT return the sequence with the first/last element removed
• a : (seqT × seqT) → seqT is concatenation of sequences.
• ] : bag T × bag T → bag T is bag union (perserving multiplicity)
• items : seq T → bag T turns sequences into bags (forgetting order)
• count : bag T → (T → N) s.t. count(b)(x) is the number of occurrences of x in b
6
Schemas
• Schemas are combination of data declarations and a constraint. The schema
Name(optional)
v1 : T1 ; . . . ; vn : Tn
c1 ; . . . ; ck
declares variables v1 , . . . , vn with indicated types, and c1 , . . . , ck are constraints (first order formulae) that may use
the variables. The constraint on a schema describes the values that the declared variables may assume. An alernative
way to write the above schema is Name =
b [v1 : T1 ; . . . ; vn : Tn | c1 ; . . . ; ck ].
• Schema Priming: If S is a schema, then S0 is the schema with all variable names primed (in declaration and constraints).
• Delta and Xi: If S is a schema, then ∆S is the union of S and S0 and ΞS is the schema ∆S together with v = v0 for
all declared variables v of S.
• Schema Import. If R is a schema, then
S
R; (other declarations)
(some constraints)
has the effect of adding all declared variables of R (to the declared variables) and adding all constraints of R (to the
constraints).
• Logical Connectives on Schemas. If R and S are schemas so that all declared variables have the same type, then
R ∧ S and R ∨ S and ∃ v : T • S and ∀ v : T • S are schemas if v : T is declared in S.
We can name such a schema by writing S =
b F where F is built from schema (names) using ∧ and ∨.
• Schemas as types. Every schema is a type. Given Name =
b [v1 : T1 ; . . . ; vn : Tn | c1 ; . . . ; ck ], then the elements
of the type Name are all combination of variable values that satisfy all constraints. If n : Name is an element, then
n.vi is the value of the (declared) variable vi .