Elements of style: analyzing a software design feature with a counterexample detector

D. Jackson, C.A. Damon
1996 IEEE Transactions on Software Engineering  
We illustrate the application of Nitpick, a specification checker, to the design of a style mechanism for a word processor. The design is cast, along with some expected properties, in a subset of Z. Nitpick checks a property by enumerating all possible cases within some finite bounds, displaying as a counterexample the first case for which the property fails to hold. Unlike animation or execution tools, Nitpick does not require state transitions to be expressed constructively, and unlike provers, operates completely automatically without user intervention. Using a variety of reduction mechanisms, it can cover an enormous number of cases in a reasonable time, so that subtle flaws can be rapidly detected.
doi:10.1109/32.538605 fatcat:6l5t6dmykjfavd22at7nqpifce