is known to exist, the second premise CLS(Customer, abstract) also exists because it was just added to the model. The third premise Customer ≈
Customers from the equivalence relations also exists. Since all the formulas
in M have an equivalent formula derived from the specificationS, we infer that the model is sound.
However, the specification S contains an ACTIVITY(Borrow, items)
whose production is not equivalent to any element in the model. To solve this problem, predicate OPR(∗, Borrow,∗,∗,∗,∗) is added to the model. In this way, the premise δa |=Oωx0 is applied, and the newly added predicate
takes the place of the premise ωx, with x =Borrow and x0 = Borrow the
premise x≈x0 also holds. In this way, the new model M is both sound, and complete with respect to the predicates defined in S’ before.
These examples show an invalid model due to lack of soundness, and invalid model due to lack of partial completeness, and finally a weakly valid model.
Two calculus have been proposed, one for model inference and another for model validation. In the following section, we provide a calculus for equivalence.
5.4
Class Model Equivalence
The number of class diagrams created throughout the development life cycle of a software application is considerable; this is usually the result of changes in the requirements or in the software that are not updated in previously existing diagrams. Another reason is that multiple stakeholders may generate diagrams from different perspectives (also known as viewpoints), for instance, there can be a diagram that describes only the problem domain, whereas there are others that also capture the solution domain. For this reason, there is a need to compare different class diagrams. Also, it makes it possible to compare different solutions generated by different teams.
The first approach for diagram comparison may be based on human judge- ment and perception. A stakeholder may, for instance, consider different diagrams and decide on how similar they are or whether they are equivalent. However, this manual approach is time-consuming and error-prone. Fur- thermore, it is not practical for large system models. Our approach instead relies on the formalization described in Section 5.1.2 and a formal system to establish the equivalence of two class diagrams formally.
This work should reduce human effort and error in the scenarios described before, at the same time that it is used to automatically check academic assignments, purge documentation of existing software systems, evaluate
designs and generate augmentation for machine learning.
In this chapter, our approach for model comparison is expressed in terms of a formal system to establish the equivalence of two models. An analysis of its reliability and an example are also shown.
5.4.1
Equivalence Calculus
In this section, a formal system to compare class diagrams is described. It takes two formal class models and establishes the equivalence relationship between them. Two types of equivalence are defined here, which we call left equivalence and right equivalence. They are determined based on a set of
axioms presented below.
Let us introduce first de definition of model equivalence.
Definition 14. Two modelsM1 and M2 are equivalent if:
1. For every predicate in M1 there is an equivalent predicate in M2. ∀φlX ∈M1,∃ψmY ∈M2, φlX ≈ψmY
2. For every predicate in M2 there is an equivalent predicate in M1. ∀ψmY ∈M2,∃φlX ∈M1, ψmY ≈φlX
Where φ and ψ are formulas representing predicates of type l and m
applied to the tuple of parameters X and Y. Also, M1 and M2 are equivalent if both are empty:
M1 =∅ ∧M2 =∅
In the previous definition, the concept of predicate equivalence has been mentioned, and now it is defined as follows.
Definition 15. Two predicatesφlX andψmY with predicate namesl and
m and parameters X and Y are equivalent if: 1. The predicate names ofφ and ψ are the same.
5.4. CLASS MODEL EQUIVALENCE 89
2. The number of parameters is the same for both predicates. |X|=|Y|
3. Thei-th parameter inφ is equivalent to thei-th parameter inψ. ∀xi, yi xi ≈yi
Where xi ≈yi is the same equivalence relation from Definition 13.
The previous axioms allow us to establish the equivalence of two class diagrams through their models. However, it is the case that some diagrams can be partially equivalent as well, that is to say, that they contain some similar elements but not all of them. To differentiate these cases, two types of equivalence are proposed: left equivalence and right equivalence, which are defined as follows:
Definition 16. Left equivalence occurs when all the elements of M1 have an equivalent element in M2. This corresponds to the first rule of Definition 14.
Definition 17. Right equivalence occurs when all the elements ofM2 have an equivalent element in M1. This corresponds to the second rule of Definition 14.
In this way, it is possible to establish a more accurate comparison between the two class models. The following rules of inference allow us to reason about the equivalence of every predicate φlX and ψmY within modelsM1 and M2.
Class Axiom
This axiom allows us to establish the equivalence between two classes.
γx γy x≈y
>
Where γx is a formula of the type CLASS(x) and γy is a formula of
the type CLASS(y). In here, x and y represent the name of the classes; hence, the type of class (classifier, abstract or interface) does not affect their equivalence.
Operation Axiom
This axiom allows us to establish the equivalence between two operation predicates.
ωab ωxy a≈x∧b ≈y
>
For these formulas, the predicate name is OPR, and the variables a, x represent the class for the operation and the variablesb, y represent the name of the operation. Other parameters, such as visibility and scope are not checked.
Attribute Axiom
This axiom allows us to establish the equivalence between two attribute predicates.
ρab ρxy a≈x∧b ≈y
>
TheATRpredicates are checked here, where the variablesaandxrepresent the class of the attribute, and variables b and y represent the name of the attribute.
Inheritance Axiom
The equivalence of the class inheritance captured in IN H predicates is established with this axiom.
ηab ηxy a≈x∧b≈y
>
In here, a and x are the names of the superclasses, and b and y are the subclasses.
To this point, model equivalence has been defined, and two types of equivalence have been discussed. The rules to prove equivalence have also been presented. As it has been done with our inference and validation calculus, we proceed now to evaluate the reliability of our equivalence calculus.