Ivan Marsic • Rutgers University 80 to renting, and will spell out its condition subsequent to renting. For example, for the operations Unlock and Lock, the possible contracts are: Operation Unlock • set of valid keys known to the system is not empty • numOfTrials maxNumOfTrials Preconditions • numOfTrials = 0 , for the first trial of the current user • numOfTrials = 0 , if the entered Key ∈ Valid keys Postconditions • current instance of the Key object is archived and destroyed The system should be fair, so each user should be allowed the same number of retries maxNumOfTrials . Thus, the precondition about the system for a new user is that numOfTrials starts at zero value. I already discussed the issue of detecting a new user and left it open, but let us ignore it for now. The postcondition for the system is that, after the current user ends the interaction with the system, numOfTrials is reset to zero. Operation Lock Preconditions None that is, none worth mentioning • lockStatus = “ closed ”, and Postconditions • lightStatus remains unchanged see text for discussion In the postconditions for Lock, we explicitly state that lightStatus remains unchanged since this issue may need further design attention before fully solved. For example, we may want to somehow detect the last person leaving the home and turn off the light behind them. The operation postconditions specify the guarantees of what the system will do, given that the actor fulfilled the preconditions for this operation. The postconditions must specify the outcomes for worst-case vs. average-case vs. best-case scenarios, if such are possible.

2.4 Design: Assigning Responsibilities

Analysis dealt with what is needed for our system; we determined how the customer interacts with the system to obtain services and what workers concepts need to be acquired to make this possible. Analysis is in a way the acquisition phase of the enterprise establishment. Design, on the other hand, deals with organization, how the elements of the system work and interact. Therefore, design is mainly focused on the dynamics of the system. Unlike analysis, where we deal with abstract concepts, here we deal with concrete software objects. Chapter 2 • Object-Oriented Software Engineering 81 We already encountered system sequence diagrams in Section 2.2.4 above. As Figure 2-9 illustrates, in the design phase we are zooming-in inside the system and specifying how its software objects interact to produce the behaviors observed by the actors. Software designer’s key activity is assigning responsibilities to the acquired software objects. Figure 2-10 shows an example of responsibility assignment. Here the dilemma is, who should invoke the method setOpen on the LockCtrl once the key validity is established? Although the Checker is the first to acquire the information about the key validity, we decide to assign the responsibility to notify the LockCtrl to the Controller. This is because Controller would need to know this information anyway—to signal to the user the outcome of the key validity checking. In this way we maintain the Checker focused on its specialty and avoid assigning too many responsibilities to it. INTERACTION DIAGRAMS select function“unlock : System User «initiating actor» prompt for the key enter key verify key signal: valid key, lock open open the lock, turn on the light Timer «offstage actor» start duration“ checkKey sk := getNext setOpentrue : Checker : KeyStorage val == null : setLittrue alt val = null [else] ystem ystem Controller : LockCtrl System Sequence Diagram Design Sequence Diagram Figure 2-9: Designing object interactions: from system sequence diagrams to interaction diagrams. The magnifier glass symbolizes looking at interactions inside the system.