Está en la página 1de 34

2

Z NOTES 1 SETS

Terry Marris July 2004 INTRODUCTION

Sets are the foundation of all mathematics and our attempts to describe the world about us.
We look at the properties of sets and some simple ways of describing them. We explain that a
CONTENTS set is a collection of similar objects. We see how to display a set. We see that a set has no
duplicates and no order. We examine a convention for naming sets. We look at some
1 Sets standard sets. We learn how to define number ranges. We examine the concepts of
2 Basic Types cardinality, membership and equality.
3 The Integer Type
4 Predicates
5 Schemas
6 Set Types 1.1 OBJECTS AND SETS
7 Set Operations
8 Schema Calculus An object is anything we can see, smell, hear, taste, touch or think about. A collection of
9 Binary Relations similar objects is called a set. Examples of sets include

the collection of people who have enrolled on this year's Access course
the collection of leap years since 1986
the collection of three letter passwords that can be generated from the letters a, b
and c

EXERCISE 1.1

Identify five sets drawn from your surroundings and experience.


3 4

1.2 SET DISPLAY 1.3 NAMING A SET

One way to describe a set is to list its contents. For example: If a set has too many members to conveniently list, we can simply give them descriptive
names.

{ tom, anne, jerry }


PERSON - the set of all people
{ 1988, 1992, 1996, 2000, 2004 }
LEAPYEAR - the set of all leap years ever
{ abc, bca, cab, acb, bac, cba }
PASSWORD - the set of all possible passwords

We use curly brackets to separate the list from its surroundings. The objects that make up a
set are known as its elements or members. We separate one member from the next by a We follow the convention that names we choose for our sets
comma.

Describing a set by listing its contents is called set display. are written entirely in capital letters - PERSON not Person
are singular - PASSWORD not PASSWORDS
A set is defined by its contents alone. So the order in which you write the elements in a set do not contain spaces, underscores or hyphens - LEAPYEAR not LEAP YEAR
display is not important. It makes no sense to talk about the first or last element in a set, or to
say that one element comes before another.

EXERCISE 1.3
{ tom, anne, jerry } is the same as { anne, jerry, tom }
Evaluate the names for the set of book titles shown below against the convention for naming
sets described in section 1.3 above.
If two elements in a set are the same, the repeated element is ignored. Writing the same
element more than once is harmless but confusing. So we leave out repeats. 1 BOOKTITLE

2 BOOK TITLE
{ tom, tom, jerry, anne } is better written { tom, jerry, anne }
3 BookTitle

4 BOOK_TITLE
EXERCISE 1.2
5 BOOKTITLES
Use set display notation to describe the sets given below.

1 the set of days you are timetabled to be in college.

2 the set of digits used in base 10 arithmetic (denary).

3 the set of digits used in base two arithmetic (binary).

4 the set of colours seen on a rainbow.

5 the set of departments in a small, manufacturing business.


5 6

1.4 SOME STANDARD SETS 1.5 NUMBER RANGE

Some sets have names already assigned to them. If a sequence of integers form a set, we can use number range notation.

(say fat zed) - the set of all whole numbers, negative, zero and positive. -1, 0, 1 are
members of this set. 1..7 (say 1 up to 7) is the set of all integers between 1 and 7 inclusive.

(say fat en) - the set of natural numbers including zero. 0, 1, 2 are members of this set.
1..7 is the set { 1, 2, 3, 4, 5, 6, 7 }. Note that there are just two dots between the two integers
- the empty set, the set with no members. Think of an empty bag - there is nothing in it. that mark the beginning and end of the sequence.

Z and are not the same thing. Z is the name of a notation that uses maths to specify
computer systems. is the set of all whole numbers. Whole numbers are also known as EXERCISE 1.5
integers.
Use number-range notation to define the sets described below.

1 the number of people who may be allowed in a lift if its capacity is five people.
EXERCISE 1.4
2 the set of hours used in 24-hour clock notation.
Explain the difference between
3 the set of numbers that define any person's age in years.
1 Z and

2 and {}
7 8

1.6 CARDINALITY 1.7 MEMBERSHIP

Some sets contain more members than we can count. Think of , the set of all possible If we look at the set { 1988, 1992, 1996, 2000, 2004 } we can see that 2000 is an element of
integers for example. No matter how many we count, there is always another one to be the set but 2001 is not. We write
counted. Such sets are called infinite sets.

Some sets contain a finite number of elements - we can count the number of elements they 2000 { 1988, 1992, 1996, 2000, 2004 }
contain. Look at the set { tom, anne, jerry }. We can see it has three elements.

The number of elements in a finite set is known as its cardinality. The symbol for cardinality where means is-a-member-of
is #. So for example:
And
#{ tom, anne, jerry } = 3

#{ 1988, 1992, 1996, 2000, 2004 } = 5 2001 { 1988, 1992, 1996, 2000, 2004 }

#{ abc, bca, cab, acb, bac, cba } = 6


where means is-not-a-member-of.
# is undefined

EXERCISE 1.7
EXERCISE 1.6
Which of the following expressions are true and which are false? Explain why.
State the value of
1 end { if, else, while, repeat, until, end }
1 #{ spaceKey, tabKey, returnKey, arrowKey, functionKey }
2 Key { spaceKey, tabKey, returnKey, arrowKey, functionKey }
2 #
3 0
3 #
4 3.142

5 -1
9 10

1.8 EQUALITY REVIEW

Two sets are equal if they both have exactly the same elements. For example We defined what a set is - a collection of similar objects. We saw how to display a set. We
learned that a set has no duplicates and no order. We saw how to choose names for a set. We
looked at some standard sets. We learned how to define number ranges. We examined the
{ 1988, 1992, 1996, 2000, 2004 } = { 2000, 1996, 1988, 2004, 1992 } concepts of cardinality, membership and equality.

Next, we look at basic types.


= means is-the-same-as.

But if two sets do not have exactly the same elements, they are not equal. For example
BIBLIOGRAPHY

{ 1988, 1992, 1996, 2000, 2004 } { 1988, 1992, 1996, 2000 } BARDEN R., STEPNEY S. & COOPER D. 1994 Z in Practice Prentice Hall pp 377
JACKY J 1997 The Way of Z Cambridge pp 63
SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 25, 111
are not equal because 2004 is a member of one set but not the other. WOODCOCK J. & DAVIES J. 1996 Using Z: Specification, Refinement & Proof Prentice
Hall pp 57, 112
means is-not-the-same-as.

EXERCISE 1.8

Which of the following expressions are true and which are false? Explain why.

1 { robin, thrush, starling, sparrow, blackbird } = { wren, swallow, hawk, crow, magpie }

2 { 0, 1 } { 1, 0 }

3 { 1, 2, 4, 8, 16 } = { 16, 8, 4, 2, 1 }
11 12

2 BASIC TYPES EXERCISE 2.1

1 Explain what is meant by the term abstraction. Illustrate your explanation with an
INTRODUCTION example.

In the last chapter we looked at sets and some of their properties. We noted that elements in a 2 We are looking at defining a video rental system. A video has a title and a subject by
set are similar. It is this similarity that we focus on in this chapter. which it is classified. We do not need to know anything about the internal details of titles
and subjects. Introduce titles and subjects as given sets.
To help describe the world about us, we classify objects into sets called types. We go on to
look at how we can represent any element in a set, no matter how large that set is. We look at 3 Each room in a hotel is given a number or a name. No two rooms have the same number
the properties of variables. or name. Since the number or name uniquely identifies a room, introduce room id as a
given set.
We see the importance of types in detecting errors and inconsistencies.

2.2 DECLARATIONS
2.1 BASIC TYPES
PERSON, the set of all possible people on this planet, is pretty large. If we want to refer to
There is just one inbuilt type that is part of the Z Notation; it is , the set of all integers. We just one of them we write
define all other types ourselves. We are in charge here.

We use a basic type when we want to just focus on essentials and hold off looking at details. aPerson : PERSON
For example, a person has a name, a date of birth and an address. If we do not need to be
concerned with details such as title, forename, middle names and surname, we introduce the
type NAME, the set of all possible names. If we do not need to bother with days, months, aPerson represents just one, any one, of all the possible elements in PERSON.
years and calendars (e.g. Chinese, Bengali and Gregorian) we introduce the type DATE, the
set of all possible dates. If we do not need to bother with house number, street, city and aPerson : PERSON is an example of a declaration. A declaration has two parts.
postcode, we introduce the type ADDRESS, the set of all postal addresses. Focussing on
essentials is called abstraction. To the right of the colon is the name of a set; this name is PERSON.

To define basic types of our own choosing we just list them (in alphabetical order) as given To the left of the colon is a name for any element from that set; this name is aPerson. Since
sets between square brackets, and explain what we mean by them. For example: we do not necessarily know which element aPerson represents, aPerson is called a variable.

We introduce as given sets ADDRESS, DATE and NAME. ADDRESS is the set of all postal A variable has a name (e.g. aPerson) a type (e.g. PERSON) and a value taken from the type.
addresses anywhere. DATE, the set of all possible dates in all possible calendars. NAME is
the set of all names in full that any person might have. Look at this declaration.

[ ADDRESS, DATE, NAME ] aPersonsAge : 0..130

The name of the variable is aPersonsAge. Its type is because the values 0, 1, 2, and so on
up to 130 are all elements from the larger set . We think of a type as an inclusive set. Each
element in the same set has the same type.
13 14

We cannot make a variable declaration if its type has not yet been introduced. For example, 2.3 NAMING VARIABLES
we cannot declare
We choose our own names for variables. We choose descriptive names whenever clarity is
required. For example.
aRoom : ROOM

aPersonsAge : 0..130 rather than a : 0..130


before introducing ROOM as a given set (by writing [ ROOM ] and describing what we mean
by ROOM).
We choose a single letter when there is no doubt about clarity (but readers often appreciate
We define it before we use it. This is known as the definition before use principle. But note more descriptive names).
that the type is pre-defined; it is part of the Z notation. So you do not have to define
before you use it.
p : PERSON is ok but aPerson : PERSON might be preferable.

EXERCISE 2.2 We follow the convention that names we choose for our variables

1 An employee has an annual salary that is always a whole number of pounds. Declare a
variable to represent an employee's annual salary. start with a lower case letter - person not Person
are written entirely in lower case except the first letter of each word in the name -
2 My car's thermometer displays air temperature to the nearest 0.5 degree Celsius. Thinking aPersonsAge not apersonsage
that 18.5 degrees C could be represented by 185, and 19 degrees by 190, declare a variable do not contain spaces, underscores or hyphens - anAddress not an Address
to represent the temperature displayed by my car's thermometer.

3 The printable characters found on a keyboard include letters of the alphabet, e.g. a, b, c, X, Writing variable names in a mixture of lower and upper case (capital) letters helps us to tell
Y, Z, digits e.g. 1, 2, 3, symbols e.g. /, >, &, and white space such as tab and spacebar. them apart from type names, which are written entirely in upper case.
Introduce a suitable type and declare a variable that could represent one of these printable
characters.

4 In an office supplies catalogue, items of stationery are identified by their catalogue EXERCISE 2.3
number. Introduce suitable types and declare variables that could represent items of
stationery and their catalogue numbers. Evaluate the variable names shown below against the convention for naming variables
described in section 2.3 above.
5 Snakes and Ladders is a game played on a board of 100 squares, numbered 1 to 100.
Declare a variable that could represent the position of a square on the board. 1 numberOfPersons : 0..5

2 NumberOfPersons : 0..5

3 number Of Persons : 0..5

4 NUMBEROFPERSONS : 0..5

5 n : 0..5
15 16

2.4 CONSISTENCY REVIEW

Every Z object is a type of one kind or another. This is important because it helps us discover We have seen that a basic type is a given set name. We think of a type as being an inclusive
inconsistencies in what we write. set. We noted that all the elements of a set belong to the same type.

For example, given the type We looked at declarations. A declaration introduces a variable and associates it with a type.

We looked at the importance of types in reducing inconsistencies and errors.


[ PERSON ]
We shall look at composite types such as set types, Cartesian product types and schema types
in later chapters.
and the declarations
Next, we look at the integer type.

p, q : PERSON
r:
BIBLIOGRAPHY

p = q is consistent because both p and q are variables of type PERSON. BOTTACI L & JONES J. 1995 Formal Specification Using Z Thompson pp 139
JACKY J. 1997 The Way of Z Cambridge University Press pp 64
But to say p = r is a nonsense because p is of type PERSON and r is of type integer. How NORCLIFFE A. & SLATER G. 1991 Mathematics of Software Construction Ellis Horwood
can you say that a person and an integer are the same object? pp 43
SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 7, 24, 51
WOODCOCK J. & DAVIES J. 1996 Using Z: Specification, Refinement and Proof Prentice
Hall pp 70
EXERCISE 2.4

1 Comment on the validity of the expression { red, blue, green } = { 1, 2, 3 }

2 Given CHARACTER is the set of all printable characters found on any computer keyboard
for any country,

[ CHARACTER ]

and the declaration

ch : CHARACTER

comment on the validity of the expression

ch

3 Given the declaration

capacity :

comment on the validity of the expression

capacity = 5
17 18

3 THE INTEGER TYPE 3.2 THE div AND mod OPERATORS

We may remember from our days at junior school, before we learned about decimal points
and how to use a calculator, that
INTRODUCTION

In the last chapter we looked at types. A type is an inclusive set and all the elements of a set 7 3 = 2 remainder 1 [ because 7 = 3 2+1]
belong to the same type. We looked at declarations. A declaration introduces a variable and
associates it with a type. We looked at how consideration of types helps us to detect
inconsistencies and errors. div (for integer division) works in a similar way to but without the remainder. So

Now we go on to look at the integer type in more detail. We review the arithmetic operations
+, - and *, div and mod. We introduce max and min. We look at the numerical comparison 7 div 3 = 2
operators <, , > and . And we look at rules of precedence.

div gives the integer result after dividing one integer by another. Any remainder or fractional
part is truncated, cut off and lost.
3.1 THE ARITHMETIC OPERATORS
mod (for modulo) works in a way similar to remainder. So
The type is the set of all possible integers.

7 mod 3 = 1
... -3, -2, -1, 0, 1, 2, 3, ...

mod gives the integer remainder after dividing one integer by another.
We can add two integers together. 7 + 3 = 10
We remember that division by zero is not defined. So both
We can subtract one from another. 10 - 7 = 3
7 - 10 = -3
7 div 0 and 7 mod 0
We can multiply two integers. 7 * 3 = 21 [ * means multiply ]

But we have a problem with division. 7 / 3 = 2.3333 [ 21/3 = 2.3333 ] have no defined answer.

2.3333 is not an integer. div and mod are part of the Z Notation.

Z provides the div and mod operators so the problem does not arise.

EXERCISE 3.1

1 Evaluate

a 16 div 3 b 20 div 4 c 5 div 5 d 4 div 5 e 7 div 5

2 Evaluate

a 16 mod 3 b 20 mod 4 c 5 mod 5 d 4 mod 5 e 7 mod 5


19 20

3.3 ARITHMETIC OPERATOR PRECEDENCE 3.4 max AND min

Precedence is the order in which operations are always carried out. In arithmetic: Z also provides the max and min operators. max gives the largest value in a non-empty set of
integers, and min the least value. For example:
brackets have the highest priority

then *, div and mod in the order written from left to right max{ 11, 7, 13, 3, 5 } = 13

then + and - in the order written from left to right. min{11, 7, 13, 3, 5 } = 3

For example:

EXERCISE 3.3
(40 - 32) * 5 div 9 = 8 * 5 div 9 [ brackets first ]
= 40 div 9 [ multiply ] Evaluate
= 4 [ integer division ]
1 min{ -1, 0, 1 }

2 max{ 3, 4, 7, 1, 2 }
EXERCISE 3.2
3 max{ }
Evaluate

1 5+7*9

2 (5 + 7) * 9

3 5 div 9 * (212 - 32)

4 Given the declaration n : and the observation n div 2 = 0, what can you conclude about
n?

5 Given the declaration n : , what is the set of possible results of n mod 5?


21 22

3.4 THE NUMERICAL COMPARISON OPERATORS EXERCISE 3.4

40% is a critical mark in some exams. A mark of 40 or more is a pass. A mark of 39 or less 1 Given the declaration n : and that n 0 and n < 10 are both true, write down the set of
is a fail. The boundary between fail and pass is shown on the number line below. values that n belongs to.

2 Given the declaration n : and that n div 10 > 0 and n div 10 20 are both true, write
number line down the set of values that n belongs to.
37 38 39 40 41 42 43
3 Given the declaration n : and that n < 0 and n > 9 are both true, what can you conclude
fail pass
about the values of n?

39 is-less-than 40. We write 39 < 40. < means is-less-than.


REVIEW
41 is-more-than 40. We write 41 > 40. > means is-more-than.
We looked at the integer type in more detail. We reviewed the arithmetic operations +, - and
< and > are known as comparison or relational operators. They are easy to remember. Less
*, div (integer division) and mod (integer remainder) We introduced max and min - the
than has its point on the Left. MoRe than has its point on the Right.
largest and least values in a non-empty set of integers. We looked at the numerical
comparison operators < (less than), (less than or equal to), > (more than) and (more than
Evidently
or equal to). And we looked at rules of precedence (brackets, times and divide, add and
subtract) for the arithmetic operations.
39 < 40 is true
40 < 39 is false Next, we see how the values of variables may be constrained by predicates.

And
BIBLIOGRAPHY

40 > 39 is true SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 108
39 > 40 is false

means less-than-or-equal-to. means more-than-or-equal-to. So

39 40 is true
40 40 is true
41 40 is false

And

40 39 is true
40 40 is true
40 41 is false
23 24

4 PREDICATES above is the set of all integers greater than zero, that is, the set of natural counting numbers
from one upwards.

INTRODUCTION
{ n: | n > 0 } = { 1, 2, 3, ... } [ Note: the ... is not Z. It means and so on.
In the last chapter we looked at the integer type. We reviewed the arithmetic operations +, - We write it to help our understanding. ]
and *, div and mod. We introduced max and min. We looked at the numerical comparison
operators <, , > and . And we looked at rules of precedence for the arithmetic operations. We define a predicate in terms of the set of objects that satisfy it.

Now we see how the values of variables may be constrained by predicates and how satisfying Look at this example.
a predicate defines a set. The types of predicate we shall discuss include

{n: |n 1..5 } = { 1, 2, 3, 4, 5 }
=, equals and membership
<, > relations: less than and more than
, connectives: conjunction (and) and disjunction (or) The declaration n : is the source. The predicate n 1..5 is the filter. It says n is a member
of the set of integers from 1 up to 5 inclusive. Only elements from that satisfy the
predicate pass through the filter .

4.1 PREDICATES A predicate puts a constraint on the values a variable might have. For example

A declaration introduces a variable. For example


capacity :
capacity = 10
n:

says capacity is 10.


introduces the variable named n, of type , without any constraints or bounds on the values
that n may have. We could use the declaration and predicate together to define the set containing just one
integer element, 10.
Suppose we require n to be not less than one, values 1, 2, 3, ... are what we require. To
declare that n is more than zero we would write
{n: | n = 10 } = { 10 }

n>0

EXERCISE 4.1
n > 0 is an example of a predicate. Values 1, 2, 3, ... and so on are said to satisfy the
predicate n > 0, i.e. make n > 0 true. Using set display notation write out the contents of the sets defined below. If the set is too
large to conveniently list, write down just five elements from the set.
Putting the declaration and predicate together, as shown below, specifies a set.
a {n: |n 0}

{ n: |n>0} b {n: |n 0..5 }

c { n : 1..9 | n mod 2 = 0 }
The declaration and predicate parts are separated by a | symbol. The declaration to the left of
the | is the source of the elements of the set. The predicate to the right of the | is like a filter: d { h : 0..23 | h < 12 }
only elements whose values are more than zero pass through the filter. The set just defined
25 26

4.2 THE CONNECTIVES Here are two small predicates that say n is less than 1 and n is more than 5.

The connectives include conjunction (and) and disjunction (or). They allow us to connect
smaller predicates together to form larger ones. n<1
n>5
For example, given the declaration n : , here are two small predicates that say n is more than
zero and n is less than 6.
Now join them together with , meaning or.

n>0
n<6 n<1 n>5

Now join them together with a , which means and-at-the-same-time. We then have a composite predicate known as a disjunction. The predicate is true if either n
is less than 1 or n is more than 5.

n>0 n<6
{n: |n<1 n > 5 } = { ..., -2, -1, 0, 6, 7, 8, ...}

We then have a composite predicate known as a conjunction. This predicate is true if n is


more than 0 and, at the same time, n is less than 6. This is the set of all integers excluding { 1, 2, 3, 4, 5 }

{n: |n>0 n < 6 } = { 1, 2, 3, 4, 5 } n<1 n>5

number line
-2 -1 0 1 2 3 4 5 6 7
n>0 n<6

number line It is easy to remember what the two symbols and mean when you notice that the looks
... -1 0 1 2 3 4 5 6 ... a bit like the A in And.

EXERCISE 4.2

Using set display notation enumerate (list) the contents of the sets defined below. If the set is
too large to enumerate then list just five elements from the set.

a {n: |n -1 n 1}

b {d: |d 1 d 7}

c {n: |n=0 n=1}

d {n: |n 0 n mod 10 = 0 n div 10 10 }

e { m, n : |n>1 m>2 n mod m 0}


27 28

5 SCHEMAS
REVIEW

We saw how the values of variables may be constrained by predicates. We saw how to define
a predicate in terms of the set of objects that satisfy it. We discussed predicates including INTRODUCTION

=, equals and membership In the last chapter we saw how the values of variables may be constrained by predicates and
<, > the relations less than and more than how satisfying a predicate defines a set. The types of predicate discussed included
, the connectives conjunction and disjunction

Next we see how schemas describe computer systems, a named combination of declarations =, equals and membership
with predicates. <, > the relations less than and more than
, the connectives conjunction (and) and disjunction (or)

BIBLIOGRAPHY Now we see how to combine declarations and predicates into structures called schemas. A
schema represents a system's state. A collection of schemas models the behaviour of a
JACKY J. 1997 The Way of Z Cambridge University Press pp 63, 66, 74, 96 computer system. We look at pre-conditions.
SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 28, 67
WOODCOCK J. & DAVIES J Using Z: Specification, Refinement and Proof Prentice Hall
pp 28, 81
5.1 SYSTEM

The system we shall look at is a simple counter. A counter would be used, for example, to
count the number of vehicles passing a census point, the number of people entering a stadium
or the number of fleas in a bird's nest.

EXERCISE 5.1

Describe three other situations where a counter might be used.


29 30

5.2 STATE 5.3 ABBREVIATION DEFINITION

The contents of a system's memory are called its state. For our counter system that would be Count and maximum are whole numbers. We could represent them as integers of type , but
the current value of the count together with the maximum it can reach. that will allow negative values for count and maximum. So we introduce (say fat N) as an
abbreviation for the set of all natural (integer) counting numbers including zero but excluding
We would have the initial state when the count is zero, maximum is 9999 (say). negative values.

Initial state: count = 0, maximum = 9999 == { n : |n 0}

We might have an interim state when the count is between zero and the maximum value that
Declaring in this way allows us to use the relational operators < and .> as well as =. The
count can have.
type of is .

Interim state: count = 147, maximum = 9999 If we had introduced as a given set like this

[ ]
We might have an end state when the count has reached it maximum value and cannot be
advanced any further. and if we had variables a, b : , then for sure we could write a = b, but we could not write,
for example, a < b. The only number type that is part of the Z Notation is .
End state: count = 9999, maximum = 9999
The == is known as the definition symbol. We cannot use = because its is reserved for the
equals predicate.
Effectively, the state of a system is the collection of values stored in its variables.
EXERCISE 5.3

EXERCISE 5.2 Introduce and define the set 1, the set of all natural counting numbers from 1 upwards,
excluding zero and negative numbers.
A cash point machine has a number of £10 notes available for issue to customers. Describe
three distinct states of the cash point machine.
31 32

5.4 SYSTEM STATE SCHEMA 5.5 THE INITIAL STATE

A counter has just two variables, one that we shall name count, one that we shall name We describe the state the system is in when it is first started. The InitCounter schema defined
maximum. count can equal, but never exceed, maximum. Variables are derived from what an below describes the initial state of Counter.
object has.

A schema is a set of variables together with a set of predicates constraining those variables. InitCounter
A schema is drawn as an open box - see below. Counter

count = 0
Counter maximum = 9999
count :
maximum :

count maximum The line Counter says include all the variables defined in the Counter schema (count and
maximum in this instance) and all the predicates (count maximum in this instance).
InitCounter written out in full is shown below.

Our schema, named Counter and shown above, has two variables, count and maximum, and
one predicate count maximum. count is constrained to be a value between zero (because its InitCounter
count :
values are drawn from the set ) and maximum (whatever value that is) inclusive.
maximum :
We (nearly) always start schema names with an uppercase letter. A schema name cannot
contain spaces. count maximum
count = 0
The variables are declared above the line that separates declarations from predicates. The maximum = 9999
variables' scope is strictly confined to the schema. This means that you cannot refer
Counter's variables count and maximum outside the schema.

The predicates are described below the dividing line. If there were more than one predicate, The initial state is that count is zero, maximum is 9999. There is nothing special about 9999 -
they would all be joined by conjunction - the symbol is assumed - by default. it is a randomly chosen value.

The variables of a schema are described as its components. The predicates of a schema are We can see at a glance that the predicates are consistent - there are no contradictions.
described as its property.
The mechanism of schema inclusion, just by quoting the schema's name, allows us to
The schema shown is the system state schema. No matter what process we define, add 1 to
count, report on the value stored in count, subtract one from count, for example, we are
obliged to ensure that the predicate count maximum is always satisfied. concentrate on just a few things at a time
keep schemas small and simple
The schema that describes a system's variables, and predicates on those variables, is called a re-use pre-written schemas in different contexts or situations.
system state schema. It represents an object's state, the collection of values stored in its
variables at a moment in time. Its variables are called state variables.

The processes that we shall describe in other schemas both update and report the values
stored in the state variables, count and maximum.
33 34

5.6 QUERY SYSTEM STATE 5.7 CHANGE SYSTEM STATE

The schema QueryCount shown below outputs the current value of count. Not only does a schema define and report on a system's state, it also describes changes in that
state.

QueryCount The value of count does not remain the same forever. From time to time the counter will be
Counter clicked and the value stored in count will be moved on. The Click schema shown below
count! : updates the count system state variable but leaves the maximum variable unchanged.

count! = count
Click
Counter

Counter (say Xi Counter) says include all the variables and predicates defined in the count < maximum
Counter schema; the values stored in these variables will not change. count' = count + 1
maximum' = maximum
The declaration count! : says count output is drawn from the set . The ! mark stands for
output.
Counter (say delta Counter) says
The predicate count! = count says count output is the same as the (system variable) count.

include all the variables and predicates defined in the Counter schema
the values stored in some (or all) of these variables may well change
decorate each variable with a ' to represent the state after an update has taken place

Writing out the schema in full we get


35 36

REVIEW
Click
count : We combined declarations and predicates into structures called schemas. We saw that a
maximum : schema represents a system's state. We saw how a collection of schemas models the
count' : behaviour of a computer system. We looked at an example of a pre-condition. Next we look
at set types. A set type variable represents a collection of similar objects.
maximum' :

count maximum
count < maximum BIBLIOGRAPHY
count' = count + 1
maximum' = maximum BARDEN R., STEPNEY S. & COOPER D 1994 Z In Practice Prentice Hall pp 370
JACKY J. 1997 The Way of Z Cambridge University Press pp 49, 122
SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 7, 28, 48, 82, 128
WOODCOCK J. & DAVIES 1996 Using Z: Specification, Refinement and Proof Prentice
count' = count + 1 says the updated value of count is the same as the original value of count Hall pp 203
plus one. So, for example, if count was 4, count' would be 5. count' and count are both the
same variable. The ' in count' means the state of count after an update has taken place.

maximum' = maximum says the value after an update is the same as the one before the update.
In other words, its value remains unchanged.

The essential requirement is that count maximum at all times. If count = maximum how can
count' = count + 1 be met? We need ensure that count is strictly less than maximum before
adding 1 to it. We do this by specifying the pre-condition

count < maximum

A pre-condition of an operation schema describes the set of states for which the outcome of
the operation is defined. In our Click operation schema, the set of states for which the
outcome is defined is count 1..9998. If count = 9999 for example, then the outcome of the
schema is undefined - we have no way of knowing what it will be; it could be anything.

EXERCISE 5.4

1 Write and fully explain a schema named Cancel, which undoes a Click operation. Does
the cancel operation have a pre-condition? If so, what is it? If not, why not?

2 Write and fully explain a set of schemas for the car park system described below.

A car park has a capacity - a limited number of spaces. A count is maintained of the number
of cars currently occupying spaces. When a car enters the car park, the count is increased.
When a car leaves the car park the count is decreased. The system outputs the number of
spaces left in the car park.
37 38

6 SET TYPES 6.2 SUBSETS

A subset is part of a set, a set within a set. A is a subset of B if every element in A is also in
INTRODUCTION B. We write

In Chapter One we looked at sets. In Chapter Two we looked at basic types and saw that a A B
type is itself a set. A variable of a basic type represents just a single element drawn from the
type set. Now we look at set types. A variable of a set type is itself a set and is used to where means is-a-subset-of. To illustrate the point we list all the subsets of { 1, 2, 3 }.
represent collections such as a class of students, a herd of cows and a set of hotel rooms. They are

{1} [the singletons]


6.1 PROPER SUBSETS {2}
{3}
In Chapter Three we introduced , the set of all integers, negative, zero and positive. In
Chapter Five we defined , the set of all positive integers including zero and excluding the {1,2} [the sets of pairs]
negative integers. {1,3}
{2,3}

== { n : |n 0} {1,2,3} [because every element in {1, 2, 3 } is also in { 1, 2, 3 }]

{} [because if it was not, there would be an element in { }


We say that is a proper subset of because every element in is also in and . We that is not in { 1, 2, 3 }. But { } has no elements.
So { } must be a subset of { 1, 2, 3 }]
write
The empty set is a subset of every set.

If we make the following variable declaration:

x : {1,2,3}
where means is-a-proper-subset-of.
then x could be any one of the elements in
EXERCISE 6.1 { {}, {1}, {2}, {3}, {1,2}, {1,3}, {2,3}, {1,2,3} }
1 Which of the following expressions are true, which are false? Give reasons for your where each element is itself a set. x could be { } or { 1 } or { 2 } or { 3 } or { 1, 2 } or { 1, 3 }
answers. or { 2, 3 } or { 1, 2, 3 }.
a { mon, wed, fri } { tue, thu, sat, mon, wed, fri, sun } We say that x is a finite set of elements drawn from { 1, 2, 3 }. In short, x is a set.

b { key } { hotKey, deleteKey, escapeKey } Compare this with the declaration y : { 1, 2, 3 } which says y could be 1, or it could be 2, or it
could be 3, and nothing else. In short, y is a single value from the set { 1, 2, 3 }. The
c { 1, 2, 5, 7, 11 } { 11, 7, 5, 2, 1} difference in the two declarations is the presence or absence of fat .

{ 1, 2, 3 } means the set of all subsets of { 1, 2, 3 }.


39 40

EXERCISE 6.2 6.3 SET TYPE DECLARATIONS

1 List the possible values of b if b : { 0, 1 } Access students study a number of subjects. Types here could include

2 Explain the difference between a subset and a proper subset.


STUDENT - the set of all students
3 Explain the meaning of each of the expressions shown below: SUBJECT - the set of all subjects

a a { a, b, c }
We might define
b {a} { a, b, c }
accessStudents : STUDENT
c {a} { a, b, c }
accessCourse : SUBJECT

and say accessStudents is a finite set of STUDENTs, accessCourse is a finite set of


SUBJECTs.

An example of accessStudents is { tom, deepak, harriet, anita, mayuri }.

An example of accessCourse is { maths, formalMethods, programming, systemsAnalysis }.

EXERCISE 6.3

1 Explain the difference between and .

2 Given [ PERSON ] the set of all people, explain the difference between

p : PERSON and q : PERSON

3 A hotel system reserves rooms for guests from an arrival date to a departure date. Types
here could include

HOTEL - the set of all hotels


RESERVATION - the set of all reservations
ROOM - the set of all rooms
GUEST - the set of all guests
DATE - the set of all dates

Declare and explain variables to represent a single hotel, a finite set of rooms, a single
reservation and a finite set of guests.
41 42

REVIEW 7 SET OPERATIONS


We listed the subsets of a small set. We saw that set type variables store collections of
similar objects. INTRODUCTION

Next we look at the set operations union, intersection and difference. In Chapter One we looked at sets. In Chapter Six we looked at subsets and set types. Now
we look at the set operations union, intersection and difference and see how sets may be
combined to create new sets. We look at set operator precedence.

BIBLIOGRAPHY

JACKY J. 1997 The Way of Z Cambridge University Press pp 69 7.1 SET UNION
SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 90
The union of two sets is itself a set with all the elements from both sets combined.

{ 1, 2, 3, } { 2, 3, 4 } = { 1, 2, 3, 4 }

The union operator, , looks a bit like the u in union - only there is no tail.

EXERCISE 7.1

Evaluate each of the expressions shown below.

a { 1, 2, 3, 5, 8, 13 } { 3, 5, 7, 11, 13 }

b { bigJ, littleJ, may, pat, alice } { tom, denise, may }

c { daisy, buttercup } { rani }

d { daisy, buttercup } rani


43 44

7.2 SET INTERSECTION 7.3 SET DIFFERENCE

The intersection of two sets is itself a set with elements that are common to both sets. The difference of two sets is itself a set with the elements of the second set removed from the
first set.

{ 1, 2, 3, } { 2, 3, 4 } = { 2, 3 }
{ 1, 2, 3, 4 } \ { 2, 3 } = { 1, 4 }

The intersection symbol, , looks a bit like the n in intersection, only there is no tail.
A useful trick here is to write out the first set, then cross out elements that are in the second
set. For example:

EXERCISE 7.2
{ a, c, b, d } \ { a, f, e, b } = { a, c, b d }
Evaluate each of the expressions shown below. = { c, d }

a { 1, 2, 3, 5, 8, 13 } { 3, 5, 7, 11, 13 }
EXERCISE 7.3
b { bigJ, littleJ, may, pat, alice } { tom, denise, may }
Evaluate each of the expressions shown below.
c { daisy, buttercup } { rani }
a { 1, 2, 3, 5, 8, 13 } \ { 3, 5, 7, 11, 13 }
d { daisy, buttercup } rani
b { bigJ, littleJ, may, pat, alice } \ { tom, denise, may }

c { daisy, buttercup } \ { rani }

d { daisy, buttercup } \ rani


45 46

7.4 PRECEDENCE REVIEW

Precedence is the priority given to operations; those with the highest priority are evaluated We looked at the set operations union, intersection and difference.
before those with the lower priority.
The union of { 1, 2, 3 } and { 2, 3, 4 } is { 1, 2, 3, 4 } - the combined elements from both sets.
brackets ( ) have the highest priority
The intersection of { 1, 2, 3 } and { 2, 3, 4 } is { 2, 3 } - the elements in common to both sets.
then intersection
The difference { 1, 2, 3, 4 } \ { 2, 3 } is { 1, 4 } - the elements from the first set with elements
then union and difference \ in the second set removed .

We looked at the order of precedence: brackets first, then intersection, then union and
difference in the order they are written.
EXERCISE 7.4
Next we look at the Schema Calculus - how to create larger schemas from smaller ones by
Evaluate each of the set expressions shown below. using conjunction and disjunction.

a { 1, 2, 3 } { 2, 3, 4 } { 3, 4, 5 }
BIBLIOGRAPHY
b ({ 1, 2, 3 } { 2, 3, 4 }) { 3, 4, 5 }
JACKY J. 1997 The Way of Z Cambridge University Press pp 73
c { 1, 2, 3 } { 2, 3, 4 } \ { 3, 4, 5 } SPIVEY J.M. 1992 The Z Notation Prentice Hall pp 90
STEWART I 1975 Concepts of Modern Mathematics Penguin pp 50
d { 1, 2, 3 } \ { 2, 3, 4 } { 3, 4, 5 }

e { 2, 3, 4 } \ { 3, 4, 5 } { 1, 2, 3 }
47 48

8 SCHEMA CALCULUS Then we define maxClassSize, the maximum number of students that can be in the class.
Here, we have set this size arbitrarily (for no special reason) to 20 even though its actual
value is not relevant.
INTRODUCTION

In Chapter Six we saw how declarations and predicates were combined in structures called maxClassSize :
schemas. We saw that a schema represents a system's state, that a schema can change a
system's state, and that a collection of schemas models the behaviour of a computer system. maxClassSize = 20

Now we go on to see how larger schemas may be formed by combining smaller ones using
conjunction (and) and disjunction (or).
We model the class system as two sets of students. enrolled is the set of students who have
joined the class. passed is a subset of enrolled and represents the set of enrolled students who
have passed their assignments. The size of the class is constrained by maxClassSize.
8.1 THE CLASS SYSTEM

First, we set the scene. Class


enrolled : STUDENT
Students may join the Z class providing the class is not full. Those who successfully passed : STUDENT
complete all the assignments may leave with a certificate.
#enrolled maxClassSize
We are not concerned with details such as students' number, name, date of birth and so on.
passed enrolled
So we introduce the basic type STUDENT as a given set.

[ STUDENT ]
To begin with there are no enrolled students and no student has passed.

There is a limit to the number of students who can join the class. To define this we first
introduce , the set of all natural counting numbers including zero. InitClass
Class

enrolled =
== { n : |n 0}
passed =
49 50

A student may join the class if the class is not already full and if the student has not already EXERCISE 8.1
enrolled. A new student cannot have passed all their assignments.
1 Explain each line of Z introduced so far in Section 8.1 above as if to a beginning Access
EnrolOk student.
Class
student? : STUDENT 2 Write and explain the schema LeaveWithoutCertificateOk that specifies the process of a
student leaving the class without having passed all their assignments.
#enrolled < maxClassSize
student? enrolled 3 Write and explain the schema ReportNumberEnrolled that outputs the number of students
enrolled' = enrolled { student? } who are currently enrolled.
passed' = passed

8.2 FREE TYPE DEFINITION


The ? in student? means input.
In Section 8.1 above, in which we introduced the Class system, we were concerned with the
An existing student is transferred to the passed set provided they have passed all their
simple, straightforward, no problem scenarios. For example, we did not concern ourselves
assignments and have not already been transferred. Every student in passed must also be in
with the possibility that the class is full and so no one can be enrolled on it. We ignored the
enrolled.
possibility that a student could be enrolled twice. We ignored the possibility that a student
who is not enrolled could be transferred to the passed set. We now address these error
CompleteOk
scenarios.
Class
student? : STUDENT First, we draw up a table of pre-conditions, the set of states for which successful outcomes
are defined. We add on to that table the conditions for failure.
student? enrolled
student? passed
enrolled' = enrolled Schema Pre-condition for Conditions for failure
passed' = passed { student? } success
EnrolOk #enrolled < maxClassSize class is full: #enrolled maxClassSize
student? enrolled student already enrolled: student? enrolled
Only those existing students who have passed may leave with a certificate. CompleteOk student? enrolled student not enrolled: student? enrolled
student? passed student already passed: student? passed
LeaveWithCertificateOk LeaveWithCertificate student? passed student not passed: student? passed
Class
student? : STUDENT
Then, in a free type definition, we define REPORT to be the set of values that describe either
student? passed a schema's success or the reasons for its failure.
enrolled' = enrolled \ { student? }
passed' = passed \ { student? }
REPORT ::= success | classFull | alreadyEnrolled | notEnrolled | alreadyPassed | notPassed

::= stands for free type definition. The | separates one element from the next. A variable of
type REPORT has a value drawn from the given list. Notice that each element name begins
with a lower case letter and contains no spaces.
51 52

EXERCISE 8.2 A student cannot be enrolled again if they are already enrolled.

1 For the schema LeaveWithoutCertificateOk written in Exercise 8.1 above define and
explain AlreadyEnrolled
Class
a the pre-conditions for success student? : STUDENT
b the conditions for failure report! : REPORT

2 extend the REPORT type defined in Section 8.2 above to include the reasons why the student? enrolled
LeaveWithoutCertificateOk process could fail. report! = alreadyEnrolled

8.3 SUCCESS AND ERROR SCHEMAS If a student is not enrolled they cannot be passed.
The Success schema has just one declaration and one predicate. It will be combined with
other schemas to indicate their successful outcome. NotEnrolled
Class
student? : STUDENT
Success
report! : REPORT
report! : REPORT
student? enrolled
report! = success
report! = notEnrolled

We define a schema for each identified error case. We do not expect an error case to update
any system variables. The same student cannot be passed twice.

The class is full if the number of enrolled students has reached (or by some mistake has
exceeded) the maximum class size. AlreadyPassed
Class
student? : STUDENT
ClassFull report! : REPORT
Class
report! : REPORT student? passed
report! = alreadyPassed
#enrolled maxClassSize
report! = classFull
53 54

A student who has not passed cannot leave with a certificate. Similarly,

NotPassed Complete (CompleteOk Success) NotEnrolled AlreadyPassed


Class
student? : STUDENT
report! : REPORT LeaveWithCertificate (LeaveWithCertificateOk Success) NotPassed

student? passed
report! = notPassed
EXERCISE 8.3

1 Explain each line of Z introduced in Section 8.4 above, as if to a beginning Access student.

EXERCISE 8.2 2 Write and explain the total process LeaveWithoutCertificate.

Explain each line of Z introduced in Section 8.3 above, as if to a beginning Access student. 3 A hotel maintains a record of the current state of its rooms, whether occupied or not. Write
and explain a Z specification for the system described below.

Use Case: Commission


8.4 SCHEMA CALCULUS Purpose: to add a new room to the hotels rooms for guests system
Pre-conditions: the room has not already been added
We use conjunction (and) to combine two schemas. Initiating Actor: accommodation manager
1 manager inputs details of the new room
2 system confirms new room added
EnrolOk Success 3 exit success
Exceptions
2a room already in the system
Say enrol ok and success. 2a1 exit failure

We use disjunction (or) to represent alternatives. Use Case: Occupy


Purpose: to inform the system that a room is now occupied by a hotel guest
Pre-conditions: the room is in the hotel rooms for guests system
(EnrolOk Success) classFull alreadyEnrolled the room is not currently occupied
Initiating Actor: receptionist
1 receptionist inputs room
Say enrol ok and success, or class full, or already enrolled. 2 system confirms room now occupied
3 exit success
Now we can define the total, complete version of the enrol process. Exceptions
2a room not in the system
2a1 exit failure
Enrol (EnrolOk Success) classFull alreadyEnrolled 2b room already occupied
2b1 exit failure

stands for schema definition. So, the Enrol schema is defined to be EnrolOk and Success,
or ClassFull, or AlreadyEnrolled.
55 56

9 BINARY RELATIONS
Use Case: Vacate
Purpose: to inform the system that a room is now vacant INTRODUCTION
Pre-conditions: the room is in the hotel rooms for guests system
the room is currently occupied We find pairs of objects all around us: wives and their husbands, friends and their telephone
Initiating Actor: receptionist numbers, students and the subjects they study, customers and their bank accounts, guests and
1 receptionist inputs room their hotel reservations. We see that a binary relation is just a set of ordered pairs. We see
2 system confirms room now vacant how the first and second functions split an ordered pair into its coordinates. We look at the
3 exit success domain and range, and the source and target, of a binary relation.. We see how domain and
Exceptions range restriction work like database queries. We see how relational image works like a table
2a room not in the system lookup. We look at the inverse function. We see how two binary relations may be composed
2a1 exit failure to form a third binary relation.
2b room already vacant
2b1 exit failure 9.1 BINARY RELATIONS

Notes A binary relation is just a set of pairs.

A use case describes a sequence of interactions between a system and its users. The users are a pair
known as actors. Exceptions are the error scenarios - what can go wrong. The pre-conditions
of a use case describe the set of states for which the successful outcome is defined. The pre-
condition for the add a new room use case, Commission, is that the room has not already been { (madge, homer), (wilma, fred) }
added.
{ (kylie, 1), (kylie, 2), (robbie, 3) }

{ (sue, formalMethods), (sam, formalMethods), (tim, maths) }


REVIEW
We can use the usual set operations on binary pairs.
We defined a class of students system in terms of two sets, enrolled and passed, where
passed is a subset of enrolled. We looked at the error cases that could occur and expressed { (1, a), (2, b) } { (2, b), (3, c) } = { (1, a), (2, b), (3, c) }
them in a table of pre-conditions and in schemas. We combined schemas using conjunction
and disjunction to form larger, more complete schemas. { (1, a), (2, b) } { (2, b), (3, c) } = { (2, b) }
Next, we look at binary relations. { (1, a), (2, b) } \ { (2, b) (3, c) } = { (1, a) }

#{ (1, a), (2, b), (3, c) } = 3


BIBLIOGRAPHY Each element in a binary relation is a pair of objects.
JONES and WORDSWORTH, both cited in BARDEN et al, described the classic two sets
EXERCISE 9.1
pattern used in the Class system example.
BARDEN R., STEPNEY S. & COOPER D 1994 Z In Practice Prentice Hall pp 126, 166 1 Describe five further examples of binary relations.
JACKY J. 1997 The Way of Z Cambridge University Press pp 122
JONES C.B. 1980 Software Development: a Rigorous Approach Prentice Hall 2 Evaluate
NORCLIFFE A & SLATER G 1991 Mathematics of Software Construction Ellis Horwood
pp 50
a { (a, x), (b, y) } { (a, z), (b, w) }
WORDSWORTH J.B. 1992 Software Development with Z Addison-Wesley
b { (a, x), (b, y) } { (a, z), (b, y) }
c { (a, x), (b, y) } \ { (a, x), (b, w) }
d #{ (a, x), (b, y), (c, z), (d, w) }
57 58

9.2 FIRST AND SECOND 9.3 DOMAIN AND RANGE

Each element in a binary relation is a pair of objects, e.g. (madge, homer). Look at this binary relation:

(madge, homer) is not the same pair as (homer, madge). Order matters.
{1 a, 2 b, 3 c}
The ordered pair (madge, homer) may be written as madge homer. This is known as
maplet notation, and madge homer is known as a maplet.
The set formed by all the the first coordinates

(madge, homer) = madge homer


{ 1, 2, 3 }

In general, we use maplet notation to represent an element in a binary relation, we use


coordinate notation to represent a pair by itself. is known as its domain. We write

partners = { madge homer, wilma fred) } dom { 1 a, 2 b, 3 c } = { 1, 2, 3 }

aPair = (madge, homer)


where dom is Z for domain.

The Z functions first and second split an ordered pair into its first and second coordinates. The set formed by all the second coordinates

first (madge, homer) = madge { a, b, c }

second (madge, homer) = homer


is known as its range. We write

first and second are known as the projection functions for ordered pairs.
ran { 1 a, 2 b, 3 c } = { a, b, c }

EXERCISE 9.2 where ran is Z for range.

Evaluate (first(a, 1), second(a, 1))


EXERCISE 9.3

Evaluate

a dom { A301 office, a302 classRoom, A303 lab, A304 classRoom }


b ran { A301 office, a302 classRoom, A303 lab, A304 classRoom }
c dom { terry Access, garry ECDL, kanti ALevel, kanti HND }
d ran { terry Access, garry ECDL, kanti ALevel, kanti HND }
e dom { richardI 1921, richardII 1952, richardIII 1976 }
f ran { richardI 1921, richardII 1952, richardIII 1976 }
59 60

9.5 DECLARING A BINARY RELATION


9.4 SOURCE AND TARGET
We introduce as given types the set of all dates and the set of all people.
Look at the binary relation shown below.

[ DATE, PERSON ]
{1 23, 2 29, 3 31, 4 37, 5 41 }

We define appointments as a binary relation from DATE to PERSON like this:


Its domain is 1..5, a subset of . A domain is a subset of its source.

appointments : DATE PERSON


dom { 1 23, 2 29, 3 31, 4 37, 5 41 }
appointments = { 7Nov tom, 7Nov ann, 8Nov jerry }

source
is the binary relation operator. Even though it looks like a double-headed arrow, it
associates from left to right.
The range of { 1 23, 2 29, 3 31, 4 37, 5 41 } is { 23, 29, 31, 37, 41 } and is also
a subset of . A range is a subset of its target.
EXERCISE 9.4

ran { 1 23, 2 29, 3 31, 4 37, 5 41 } Introduce appropriate types and declare the binary relations described below, and give an
example of an element in each binary relation

a debtors and the money they owe


target
b driving instructors and their pupils

c owners and their horses

d students and the subjects they study

e authors and the titles of the books they have had published
61 62

9.6 DOMAIN RESTRICTION 9.7 RANGE RESTRICTION

Domain restriction works like a database query, a bit like using an internet search engine to Look at this binary relation:
list all entries that contain the phrase "Z Notation". You might get many entries listed, or
none at all.
{1 a, 2 b, 3 c}
Look at this binary relation:

Its range is { a, b, c }.
{1 a, 2 b, 3 c}
If we restrict the binary relation so that its range is { b } we get

Its domain is { 1, 2, 3 }
{2 b}
If we restrict the binary relation so that its domain is { 2 } we get

We write
{2 b}

{1 a, 2 b, 3 c} {b} ={ 2 b}
We write

where means range restriction. is known as the range restriction operator.


{2} {1 a, 2 b, 3 c}={2 b}
The range restriction operator defines a subset of a given binary relation. For example:

where means domain restriction. is known as the domain restriction operator.


{1 a, 2 b, 3 c} {d} ={ }
The domain restriction operator defines a subset of a given binary relation. For example:
{1 a, 2 b, 3 c} { a, c } = { 1 a, 3 c}

{4} {1 a, 2 b, 3 c}={ }

EXERCISE 9.5
{ 1, 3 } {1 a, 2 b, 3 c}= {1 a, 3 c}
1 Evaluate

a { A, C } {A carrots, B1 pasta, C potatoes, C tomatoes, D milk }

b { red 1, brown 2, green 3, yellow four, blue 5, pink 6, black 7 } 3..5

c { king } { pawn 1, rook 5, knight 3, bishop 3, queen 9}

d { pawn 1, rook 5, knight 3, bishop 3, queen 9} {n: |n>3}

2 Given R = { 1 a, 2 b, 3 c }, X = { 1, 2, 3 } and A = { 1, 3 } evaluate (X \ A) R


63 64

9.8 RELATIONAL IMAGE EXERCISE 9.6

The relational image operator works like a table look-up. For example, look at this table: 1 Evaluate

a { eatsMeat tom, vegetarian ann, eatsMeat jerry } { eatsMeat }


colour value
red 1 b { 65 A, 66 B, 67 C, 68 D, 69 E } { 65, 67, 69 }
brown 4
green 3 c { tea 50, coffee 75, hotChocolate 75 } { soup }
yellow 2
blue 5 d { tom 12:00, ann 12:20, jerry 12:40 } { ann }
pink 6
black 7 e {1 2, 2 3, 3 5, 4 7, 5 11 } 1..5

You ask: what is blue's numerical value? You look down the table and see that it is 5.
2 If R = { (1, a), (2, b), (3, c), (4, d), (5, e) } and S = 2..4 evaluate
Look at this binary relation.
a R S

{1 a, 2 b, 3 c} b ran(S R)

What do you notice about your answers to 2a and 2b above?


What is the second coordinate of the pair whose first coordinate is 2? The answer is b.

We write

{1 a, 2 b, 3 c} {2} ={b}

where ... is the relational image operator. You provide a subset of a binary relation's
source, it gives you the corresponding elements in the binary relation's range. For example:

{1 a, 2 b, 3 c} {4} ={ }

{1 a, 2 b, 3 c } { 1, 3 } = { a, c }
65 66

9.9 INVERSE EXERCISE 9.7

The binary relation symbol, , associates from left to right. We introduce as a given type 1 Given [ PERSON, EMAIL ] the set of all people and the set of all e-mail addresses, and
DRINK, the set of all drinks. We define costs as a binary relation from drink to price.

hasAddress : PERSON EMAIL

costs : DRINK hasAddress = { terry tmarris@lec.ac.uk, garry grigby@lec.ac.uk,


kanti klpatel@lec.ac.uk, terry terrymarris@xmail.com,
costs = { tea 50, coffee 75, hotChocolate 75, soup 75 } garry garryX@basucks.com
}

evaluate
So, for example, tea costs 50 pence.
a hasAddress~
If we reversed the binary relation, if we made it from price to drink and called it buys, so, for
example, 50 pence buys tea: b { terry } hasAddress

c hasAddress { terry }
buys : DRINK
d dom (hasAddress \ { terry, kanti }) hasAddress
buys = { 50 tea, 75 coffee, 75 hotChocolate, 75 soup }
e hasAddress (ran hasAddress \ { xmail.com, basucks.com })

then buys is the inverse of costs. We write 2 We introduce the type NAME, the set of all people's names, and define

alias : NAME NAME


costs~ = buys
alias = { tom dopey, sam dozy, stu dreamy, tom sleepy, sam titch }
(say costs inverse equals buys). ~ (tilde) is the inverse operator. The inverse of a binary
relation is another binary relation with the coordinates of their ordered pairs reversed.
evaluate

a alias~

b alias { dozy, dreamy }

c alias { tom, sam }

d alias { sue }

e alias~ { dreamy, dozy }

f (dom alias \ { tom, sam }) alias


67 68

9.9 COMPOSITION EXERCISE 9.8

Given the types In a horse trials competition, an owner may enter more than one horse and a rider may ride
more than one horse. Given the types [ OWNER, HORSE, RIDER ] and the binary relations

[ PERSON, ROOM ]

entered : OWNER HORSE


the set of all persons and rooms respectively, look at the two binary relations, hasPhone and
phoneInRoom, given below. entered = { sam merryTom, sam jumpingJack, pam hissingSid,
jan ticTac, tel isAGas }

hasPhone : PERSON
riddenBy : HORSE RIDER
hasPhone = { roy 317, tom 208, tom 209, jim 326, lee 225 }
riddenBy = merryTom jones, ticTac jan, jumpingJack french,
isAGas jan, hissingSid fraser }
phoneInRoom : ROOM

phoneInRoom = { 317 A306, 208 A39, 209 A39, 326 A306,


write down the contents of ridesFor when ridesFor = riddenBy~ entered~
225 A39 }

REVIEW
roy has phone 317 that is in room A306. Therefore, we can conclude that roy is in room
We find pairs of objects all around us: wives and their husbands, friends and their telephone
A306. Starting from PERSON we can reach ROOM via (their phone number).
numbers, students and the subjects they study, customers and their bank accounts, guests and
their hotel reservations. We noted that a binary relation is just a set of ordered pairs. We
The composition of two binary relations is another binary relation where the range of one is a saw how the first and second functions extracted the first and second coordinates of an
subset of the domain of the other. ordered pair. We saw how domain and range restriction work like database queries. We saw
how relational image works like a table lookup. We looked at the inverse and composition
functions.
ran hasPhone dom phoneInRoom

BIBLIOGRAPHY
We write
BARDEN R., STEPNEY S. & COOPER D. 1994 Z in Practice Prentice Hall Hemel
Hempstead UK pp 57, 179
hasPhone phoneInRoom = { roy A306, tom A39, jim A306, lee A39 } JACKY J. 1997 The Way of Z Cambridge University Press Cambridge UK pp 82
SPIVEY J.M. 1992 The Z Notation Prentice Hall Hemel Hempstead UK pp 93, 95
WOODCOCK J. & DAVIES J 1996 Using Z Prentice Hall Hemel Hempstead UK pp 83

También podría gustarte