Predicative programming is the original name of a formal method for program
specification and
refinement
Refinement may refer to: Mathematics
* Equilibrium refinement, the identification of actualized equilibria in game theory
* Refinement of an equivalence relation, in mathematics
** Refinement (topology), the refinement of an open cover in mathem ...
, more recently called a Practical Theory of Programming, invented by
Eric Hehner
The given name Eric, Erich, Erikk, Erik, Erick, or Eirik is derived from the Old Norse name ''Eiríkr'' (or ''Eríkr'' in Old East Norse due to monophthongization).
The first element, ''ei-'' may be derived from the older Proto-Norse ''* ain ...
. The central idea is that each specification is a binary (
boolean
Any kind of logic, function, expression, or theory based on the work of George Boole is considered Boolean.
Related to this, "Boolean" may refer to:
* Boolean data type, a form of data with only two possible values (usually "true" and "false" ...
) expression that is true of acceptable computer behaviors and false of unacceptable behaviors. It follows that refinement is just
implication. This is the simplest formal method, and the most general, applying to sequential, parallel, stand-alone, communicating, terminating, nonterminating, natural-time, real-time, deterministic, and
probabilistic
Probability is the branch of mathematics concerning numerical descriptions of how likely an Event (probability theory), event is to occur, or how likely it is that a proposition is true. The probability of an event is a number between 0 and ...
programs, and includes time and space bounds.
Commands in a
programming language are considered to be a special case of specification—those specifications that are compilable. For example, if the program variables are
,
, and
, the command
:=
+1 is equivalent to the specification (binary expression)
=
+1 ∧
=
∧
=
in which
,
, and
represent the values of the program variables before the assignment, and
,
, and
represent the values of the program variables after the assignment. If the specification is
>
, we easily prove (
:=
+1) ⇒ (
>
), which says that
:=
+1 implies, or refines, or implements
>
.
Loop proofs are greatly simplified. For example, if
is an integer variable, to prove that
while
>0 do
:=
–1 od
refines, or implements the specification
≥0 ⇒
=0, prove
if
>0 then
:=
–1; (
≥0 ⇒
=0) else
fi ⇒ (
≥0 ⇒
=0)
where
= (
=
) is the empty, or do-nothing command. There is no need for a
loop invariant or
least fixed point. Loops with multiple intermediate shallow and deep exits work the same way. This simplified form of proof is possible because program commands and specifications can be mixed together meaningfully.
Execution time (upper bounds, lower bounds, exact time) can be proven the same way, just by introducing a time variable. To prove termination, prove the execution time is finite. To prove nontermination, prove the execution time is infinite. For example, if the time variable is
, and time is measured by counting iterations, then to prove that execution of the previous while-loop takes time
when
is initially nonnegative, and takes forever when
is initially negative, prove
if
>0 then
:=
–1;
:=
+1; (
≥0 ⇒
=
+
) ∧ (
<0 ⇒
=∞) else
fi
⇒ (
≥0 ⇒
=
+
) ∧ (
<0 ⇒
=∞)
where
= (
=
∧
=
).
Bibliography
* E.C.R. Hehner, ''a Practical Theory of Programming'', Springer-Verlag 1993. Most recent edition online a
a Practical Theory of Programming
External links
by
Eric Hehner
The given name Eric, Erich, Erikk, Erik, Erick, or Eirik is derived from the Old Norse name ''Eiríkr'' (or ''Eríkr'' in Old East Norse due to monophthongization).
The first element, ''ei-'' may be derived from the older Proto-Norse ''* ain ...
.
Formal methods
Formal specification languages
Logical calculi
{{formalmethods-stub