See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/301403830

Specification of e-Health system using Z: A motivation to formal methods

Conference Paper · April 2014

DOI: 10.1109/I2CT.2014.7092123

CITATIONS READS
4 501

4 authors, including:

Muhammad Ahsan Nasir Mehmood Minhas

Nanjing University of Science and Technology Blekinge Institute of Technology
23 PUBLICATIONS   186 CITATIONS    33 PUBLICATIONS   92 CITATIONS   

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Formal Specifications for commercial applications View project

Agile Scalability for Large Scale Projects View project

All content following this page was uploaded by Nasir Mehmood Minhas on 03 January 2018.

The user has requested enhancement of the downloaded file.

 International Conference for Convergence of Technology - 2014
Specification of e-Health System using Z: A
Motivation to Formal Methods
Muhammad Waqar Azeem Muhammad Ahsan
UIIT-PMAS UIIT-PMAS
Arid Agriculture University Arid Agriculture University
Rawalpindi-Pakistan Rawalpindi-Pakistan
Waqar_mcs@hotmail.com mailahsan@gmail.com
Abstract: Formal Method (FM) is an emergent feature that uses
mathematical notations to mark accurate and explicit
specifications that error and discrepancies are identified during
early phases of the software development process. By using the Z
specification, system specification, design and verification can
improve the quality effectively. In this paper, we present the
formal specification for the e-Health system by using Z schema.
This paper will be motivation to Formal Methods that FM not
only beneficial for mission critical systems but also in the
commercial and business oriented applications, because the
development time, verification and maintenance cost will
drastically reduce.
Keywords: Formal Methods, Formal Specification, E-health, Z
Schema.
I. INTRODUCTION
The major objective of software engineering is to allow
developers to develop software’s that work efficiently. One of
the way to attain this objective is the use of formal method [5].
One of the key problems with software systems is the lack
of software specification. These are discrepancies and
misunderstandings which therefore cause difficulties in later
phases of design and implementation. These difficulties are
often familiar in the integration stages of system. These issues
are reduced by formal methods because they specify the
system precisely, and provide a smooth way from
specification through design to implementation [2].
Formal methods are mathematically based practices that
can be useful during the development of a software system to
accurately define a system to ensure the correctness,
completeness and consistency of specification [3].
E-health is a system that is supported by electronic process
and communication. The information kept in the system must
be accurate. The aim of E-Health system is to provide remote
access to only authorized doctors and patients through internet
[9].
One of the key benefits of E-Health systems is in the
digitization of data, which allows electronic digital
transmission, sorting, retrieval and other manipulations.[5]
978-1-4799-3759-2/14/$31.00©2014 IEEE
Nasir Mehmood Minhas Khadija Noreen
UIIT-PMAS UIIT-PMAS
Arid Agriculture University Arid Agriculture University
Rawalpindi-Pakistan Rawalpindi-Pakistan
nasirminhas@uaar.edu.pk Khadija-niazi22@yahoo.com
A formal specification language such as Z notation, OCL,
VDM, LARCH can be used to specify the task at hand in a
clear and concise manner. Formal methods and formal
specification language has strong mathematical basis, it
provides to prove that the specification is reachable, perfect,
reliable and clear [4].
The primary goal of this paper is to produce specification
of an e-Health system using Z schema to manage the doctor’s
appointment, schedule of the doctors. It will be a chance to
open a way for other scholars and investigators toward the use
of Formal Methods for the commercial systems specification
design and verification. It is the reality that Z language has not
been widely used in the business oriented applications.
Section II related work and Section III demonstrates the e-
Health system case study that present a use case diagram of
the system. Section IV describes the Z specification of the
system, section V motivation and finally Section VI concludes
the paper.
II. RELATED WORK
The requirement specifications are often defined by the
natural languages, which are indefinite and unclear. FM can
be used to produce precise, unambiguous specification. These
can be describe that what should do the system without
describing how it is to be done [12].
By the use of FM faults in the specification can be reduced
deeply and as a result the specifications can be created that are
more complete, reliable and explicit than those created by
using traditional methods [5].
Formal specification is a complete mathematical
representation that is used to validate about system
description. Commonly, formal specification, verification and
validation performed manually. Currently, tools of FM like Z
and VDM++ to perform verification [8].
By using Z, not only more errors are uncovered in the
specification during the software system development, but
also that they are already uncovered in early stages rather than
1
 International Conference for Convergence of Technology - 2014

in the testing and maintenance stage. Cost of fixing errors in Entities in the System
later phase is much higher than in earlier phase[3].
[USER],[DOCTOR],[DOCTORSCHEDULE],[APPOINTMENT]
The Z language is a way of decomposing a specification
[UserId,Username, Password,State,UserStatus,Role]
into small parts called schemas[9]. A schema generally
consists of two parts: a declaration of variables; and a [DoctorId, Name ,Max_Appointment_per_Day,DoctorFee,UserId]
predicate compelling their values [3]. The Z is actually
prevailing on mathematical notations, set and function [9]. [DoctorId, Date ,Tot_Appointment ]
The most unique feature of Z is the schema. Z schema are
[AppointmentId, AppointmentDetails, UserId, AppointmentDate,
a boxed notation used to describe both system state and DoctorId,AppointmentStatus ,Amount,Prescription]
operations. The Z schema make it possible to made
specifications in an incremental manner. Figure .1Entities in the system
The Z schema can effectively improve system reliability
and reduce defect in developing the system [10]. Below is the use case diagram of the system, and the flow
Formal methods has the ability of ensuring precision, of the system is specified in the algorithm.
consistency and assurance during the different stages of
building a trusted computing system [11].
Using Z language, the number of the faults in developed E-Health Use Case Diagram
system is less than the systems developed by other
approaches, the resulted system also have more productivity &
efficiency and the using of FM language didn’t add extra cost, Change Password

so the using of formal language was effective and accomplish Register User
«extends»
its goal. Z language to enhance the Commercial Development Admin «extends»

Process and develop system that can add more reliability &
productivity [4]. Manage Payments Login
Using FM like Z notation & B method can improve user
trust in the system and its impacts on system usage[7]. «extends»
Patient
FM are required to improve the software system
correctness and trust. The paper describes the C-by-C Manage Prescription
Make/Change
Appointment Check Availability
(Correctness by Construction) methodology and how to apply
formal methods with it. The paper describes how to apply the «uses»
«uses» «uses»
formal methods with the C-by-C methodology to increase «uses»

system correctness [6]. Doctors

The literature shows that the formal specifications have not
been made of scheduling system such as an e-health system, Change Status Update Doc Schedule

therefore, we make specifications of some aspects of the e-

health.
Figure .2 Use Case Diagram
III. CASE STUDY OF AN e-E-HEALTH SYSTEM
A developer wants to develop an e-Health system to
records the scheduling of doctors and patients. First the
patient/user, login and checks the availability of the particular
doctor. If the slot of the doctors is available, reserve that slot
for the patient and generate the confirmation report. The first
step of the system is to determine the requirements analysis of
the system. The stakeholder of the system are (i) Admin, (ii)
User and (iii) Doctors. The system has basic entities that are
User, Login, Register User, User State, User Status, Doctor,
Appointment, Appointment Status Doctor Schedule, Check
Availability, Make Appointment, Manage Payment and
Manage Prescription, which are presented as follows:

Figure .3 Case Model

978-1-4799-3759-2/14/$31.00©2014 IEEE 2
 International Conference for Convergence of Technology - 2014

BEGIN ChangePassword
Login (Admin, Doctor, Patient) provided by the Admin. Ǽ User
Change Password (Admin, Doctor, Patient)
If login success, following actions can be performed: Username, Password? :P User //inputs
Register user (Admin) U_state ! : State
Appointment(Patient)
Check availability of doctors
Make Appointment If username ^ password ∈ User ^ U_Status Ѯ Normal
Change Appointment ^ U_state ѮOnline
Manage Doctors username! = username?
Add doctors (Admin) password!=password?
Update doctors schedule (Patient)
R! = Success
Update doctors configuration (Admin)
Make Payments& Prescription Else
Payments (Admin) R! = Failed
Prescription (doctor)
Else, re-login. Figure 5. Change Password Schema
END
RegisterUser
IV SPECIFICATIONS OF AN E-HEALTH SYSTEM
The specification of the proposed e-health system has been Ǽ User
generated by making the Z schema. Z schema provides the
complete specification that will be used for the development, UserId, UserName,Password,UserId,State,Role: U? User//input
verification and maintenance process of the system.
R! : Response
a) Z Schema for users login
The first schema is LOGIN (shown in figure 4) and it
checks if the username and passwords are match in the If DoctorId? ∉ Doctor ^ (Role ∈ Admin or Role ∈ Patient ˅ Role ∈
database Table of the users, then system will respond success Doctor) then
and goes to the main window of the system, if not, then the
user cannot log on to the system. If user login successfully
U` = U` U {U?}
then user state will change to online and also user can change R! = Success
his/her password as in the figure 5 change password schema. Else
The change password required that the user must be login and R! = Failed
registered, otherwise he/she needs to login/request for
register(Figure 6.) Figure 6. Register user schema

Login b) Schema for Appointments

UserStatus ::= Normal \ Blocked
To enter in the main window of the system, user/patient
Ǽ User Status \ inActive must be logged in to the system. By accessing the system, user
UserState ::= On-line\ Offline is able to check the availability of the doctors, make
Username, Password? :P User //inputs Response ::= Success\ Failed appointment and change appointments of the doctors. The
AppointmentStatus ::= New \ system will respond success when the action performed,
U_state ! : State otherwise failed in case if doctors appointment maximum
Cancelled \ PaymentMade\ limit reached per day.
R! : Response Completed In the below mentioned schema (Figure 7). User can check
Role ::= Patient\ Admin\ the availability of the particular doctors and if the slot vacant
If username ∩password ∈ User Doctor and the total appointments of that particular doctor are less
than the allocated, he/she will be given availability.
U_state != On-line
R! = Success
else
R! = Failed
Figure 4. Login Schema

978-1-4799-3759-2/14/$31.00©2014 IEEE 3
 International Conference for Convergence of Technology - 2014

CheckAvailibility c) Schema for Manage Doctors

Ξ DoctorSchedule If the doctors are not already registered, then new doctors
Ξ Doctor can be added and their fee & maximum appointments per day
can be assigned by the administrator.
DoctorID? : Appointment//input AddDoctor
R! = Response //output
ǼDoctor ȆUser
DoctorId, Name
If DoctorId? ∈ Doctor ,Max_Appointment_per_Day,DoctorFee ,UserId:
If Tot_Appointment < Max_Appointment_per_Day then D? Doctor //input
R! = Success R! : Response
Else
R! = Failed
If DoctorId? ∉ Doctor ^ Role ∈ Admin then
Figure7. Check Availability of Doctors Schema D` = D` U {D?}
The user can add schedule appointment of doctors by R! = Success
addscheduleappointment schema mentioned in Figure 8. If the Else
availability is vacant, then the appointment is confirmed and R! = Failed
the doctor schedule is upadted accordingly. The user can
change his/her confirmed schedule appointment as given in Figure 10. Add doctor Schema
Figure 8.
UpdateDoctorsSchedule
AddScheduleAppointment
Ǽ Appointment Ξ User Ȇ Doctor
AppointmentId, AppointmentDetails, UserId, AppointmentDate, Ǽ DoctorSchedule
DoctorId,AppointmentStatus : S? Appointment //input DoctorId, Date ,Tot_Appointment : D? DoctorSchedule//input
R! : Response R! : Response

If DoctorId? ∈ Doctor ^ CheckAvailibility then

If S? ∉ Appointment ^ CheckAvailibility ^ Role ∈ Patient then Tot_Appointment! = Tot_Appointment +1
S’ = S U S? D’ = D U {D?}
UpdateDoctorsSchedule! = UpdateDoctorsSchedule R! = Success
R! = Success Else
else R! = Failed
R! = Failed
Figure11. Update Doctors Schedule Schema

Figure 8. Add Schedule Appointment Schema UpdateDoctorConfig

ChangeScheduleAppointment Ǽ Doctor Ȇ User
Ǽ Appointment Ξ User DoctorId, Name
,Max_Appointment_per_Day,DoctorFee,UserId : D?
AppointmentId, AppointmentDetails, UserId, AppointmentDate,
DoctorId : S? Appointment //input
Doctor //input
R! : Response R! : Response

If AppointmentId? ∈Appointment ^ AppointmentStatus ∈ New ^ If DoctorId? ∈ Doctor ^ Role ∈ Admin then

Role ∈ Patient then D` = D` U {D?}
S’ =S U {S?}
R! = Success R! = Success
Else Else
R! = Failed R! = Failed
Figure 9. Change Appointment Schema Figure 12. Update Doctors Configuration Schema

978-1-4799-3759-2/14/$31.00©2014 IEEE 4
 International Conference for Convergence of Technology - 2014

d) Manage Payments & Prescription x Z supports object oriented concepts

In this part, the payments and prescription are recorded in the x Tools support are available for (i) syntax checking (ii)
system. If the user/patient visits and he/she has confirmed editing (iii) creating specification.
appointment then he/she has to made payment. Finally the x Overall Time and Cost reduced of the software
prescription of the patient is recorded by the doctor who will give to systems that are developed by formal specification
patient after checkup. languages and the developed system is more reliable
and maintainable.
AddPayment
x The Z requirements specification can easily be
Ǽ Appointment Ȇ Doctor ȆUser converted into code.
x Automatic test case generation from Specification.
AppointmentId,AppointmentStatus,Amount,
UserId: S? Appointment//input The Formal Methods are greatly effective, because the rate
R! : Response of errors is higher in early phases of software development
and these methods make possible in finding errors in reviews
If AppointmentId? ∈ Appointment ^ and tests .Z specification is an effective and efficient method
AppointmentStatus ∈ New ^ Amount? = of detecting errors, Z founds more errors, at a lesser cost per
DoctorFee ^ Role ∈ Admin then error, than unit testing. There is a significant evidence that use
AppointmentStatus! = PaymentMade of formal techniques can greatly reduce defect rates in
S’ = S U {S?} delivered products.[1]
R! = Success We have also checked our specifications by creating a
control group in the university located in Islamabad, Pakistan.
Else
2 Teams consist of 4 peoples in each team were selected by
R! = Failed
their academic grades obtained in the selected courses. First of
Figure 13. Add payment Schema all teams were trained about the project and were given the
same e-health system to develop. Team A have traditional
expertise and Team B have Formal Methods. Team A
ManagePrescription s
developed the system through traditional development and
Ǽ Appointment Ȇ Doctor ȆUser they developed in 90 days. The team B developed the e-health
AppointmentId,AppointmentStatus,UserId,Prescription: system through FM (z schema) in overall 79 days. Team A
S? Appointment//input spent more time in designing, implementation & test and in
R! : Response maintenance and verification. Whereas the Team B focuses
Prescription!: Prescription//Output more time on the development of specifications and as a result
If AppointmentId? ∈ Appointment ^ they produce the system in overall 79 days. As this was the
AppointmentStatus ∈ PaymentMade ^ Role ∈ free project to test the formal methods with traditional
Doctor ^ UserId ∈ DoctorId then methods, therefore, we did not consider the cost factor. Below
AppointmentStatus! = Completed is the comparison of both the Traditional development and
Prescription!: Prescription? Formal Methods development in 4 different phases of the
S’ = S U {S?} software development.
R! = Success
Else Table 1. Comparison of Time vs Program Phase
R! = Failed Formal Method
Traditional
(Z schema )
Figure 14. Manage Prescription Development
Phases Development

In this schema, the prescription is specified, if all the Time (days) Time (days)
conditions are met, then prescription of the patients are
Specifications Development 27 40
specified. This completes the specification of an e-health
system. Design 15 12
V. MOTIVATION& DISCUSSION
Implementation & Test 18 10
In 2012, a comprehensive study was conducted for
analysis of FM (Z and B). In this study it is found that errors Verification & Maintenance 30 17
in the specification can be drastically reduced by using FM, by Total 90 79
which analyst can create a specifications that are more
complete, reliable and explicit. They conclude that [3]:
x Z and B formal specification language is basically These factors are clearly indicating that Formal Methods
established for recording user requirements in a form are better than traditional approaches for the development of
that can be proved mathematically. the system, so it is the motivation to the developers as well as

978-1-4799-3759-2/14/$31.00©2014 IEEE 5
 International Conference for Convergence of Technology - 2014

the organization to use FM in developing the systems and [8] M. Man, "Designing Spatial Information Databases Integration
bridging the gap between industry and academia. Modelling using Z Spec," Proc. of the Second Intl. Conf. on
Advances in Computer and Information Technology -ACIT,
VI. CONCLUSION 2013.
[9] P. Salini and S. Kanmani, "Elicitation of Security
In this paper, we have presented some cases of Requirements for E-Health System by applying Model
specifications for an e-Health system using Z. Formal Oriented Security Requirements Engineering (MOSRE)
Methods make it possible to uncover those errors which Framework," in CCSEIT-12, October 26-28, 2012,
remain during the early phase of requirements collection. Coimbatore, India.
Because a program is said to be correct if it behaves exactly [10] S.H. Bakri, H.Harun, A. Alzoubi, and R. Ibrahim, “ The
what is defined in the specification. By using the Z language Formal Specification for the Inventory System Usning Z
system design and development can improve the quality Language,” 4th International Conference on Computing and
Informatics, ICOCI, 28-30 August, 2013 Sarawak, Malaysia.
efficiently and reduce time, cost, fixing bugs at an initial phase [11] W. James and A. Marshall, "Formal Methods and Models,"
is cheaper than adjusting in the deployed system.We have Information Security: An Integrated Collection of Essays, 2005,
implemented the specifications in traditional method and in pp. 170-186.
formal method and found that formal methods are better than [12] Y. Jun and H. Zhi-Yi, "Using Formal Methods to Design a
traditional. It is also be proved from the literature. This study Class Scheduling System," 2008 IEEE International
is motivation for developers and industry to develop their Conference on Computer Science and Software Engineering,
system specifications by using Formal Methods which results China.
in systems developed in less time and cost. This will also
bridge the gap between industry and academia. These methods
not only helpful for safety critical systems but will also in the
commercial and business oriented applications, because time,
verification and maintenance cost will drastically reduce and
system performance also be increased. In future Z
specifications can be implemented for large systems and can
be tested in terms of cost and time for the whole software life
cycle to check the significance of formal methods in
commercial system development.
ACKNOWLEDGEMENT
We would like to thankful of PMAS-Arid Agriculture
University, Rawalpindi, ZTBL, Islamabad and Higher
Education Commission of Pakistan for supporting to conduct
this study.
REFERENCES

[1] A. Hall. "What does industry need from formal specification

techniques?", Proceedings 2ndIEEE Workshop on Industrial
Strength Formal Specification Techniques WIFT-98, 1999
[2] A. K. Sharma and M. Singh, "Comparison of the Formal
Specification Languages Based Upon Various Parameters,"
IOSR Journal of Computer Engineering (IOSR-JCE), vol.11,
PP 37-39,(May-June 2013).
[3] A. Kaur, S. Gulati, S. Singh, "A Comparative Study of Two
Formal Specification Languages: Z-Notation & B-Method,"
CCSEIT-12, October 26-28, 2012, Coimbatore, India
[4] A. Kaur, S. Gulati, S. Singh, "Analysis of Three Formal
Methods-Z, B and VDM," International Journal of Engineering
Research & Technology (IJERT), vol. 1 Issue 4, June - 2012
[5] J. Li, L.P. W. Land, S. Chattopadhyay, and P. Ray, "An
Approach for E-Health System Assessment & Specification,"
10th IEEE Intl. Conf. on e-Health Networking, Applications
and Service (HEALTHCOM 2008).
[6] J. F. Davis, "The Affordable Application of Formal Methods to
Software Engineering," SIGAda’05, November 13–17, 2005,
Atlanta, Georgia, USA.
[7] M. Butler, M. Leuschel, S. L .Presti, P. Turner, "The Use of
Formal Methods in the Analysis of Trust, Springer, 2004, pp
333-339.

978-1-4799-3759-2/14/$31.00©2014 IEEE 6
View publication stats