Preorders on Labelled Transition Systems Ed Brinksma Course 2004

 Formal Testing i imp s i passes T imp S i specification test generation test suite T  imp implementation i test execution pass / fail

Implementation Relation i imp s : implementation i implements specification s imp reflexive ? s imp s imp symmetric ? i imp s  s imp i imp transitive ? i imp s, s imp t  i imp t imp anti-symmetric? i imp s, s imp i  i = s imp linear ? i imp s or s imp i imp congruent ? i imp s  f( i ) imp f( s ) Yes No Prefer equivalence : reflexive, symmetric, transitive preorder : reflexive, transitive partial order : anti-symmetric preorder linear/total order : linear partial order

Preorders on Transition Systems  i  s   e  E . obs ( e, i )  obs (e, s ) implementation i specification s i  s   e  E . obs ( e, i ) = obs (e, s )  environment e    ? ? ?

Preorders on Transition Systems  implementation i specification s environment e Suppose an environment interacts with the black box implementation i and with the specification s : i correctly implements s iff all observation of i can be related to observations of s

Preorders on Transition Systems For almost any equivalence  you can define a corresponding preorder  such that p  q  p  q and q  p : S1 h S2 homomorphism S1 b S2 various simulation relations S1 tr S2 trace preorder S1 te S2 testing preorder S1 ready S2 ready preorder S1 Q S2 queue preorder S1 ft S2 failure (trace) preorder ……… ………

Equivalences on Transition Systems now you need to observe 's …… isomorphism test an LTS with another LTS, and undo, copy, repeat as often as you like bisimulation ( weak ) weak strong test an LTS with another LTS, and try again (continue) after failure failure trace = refusal test an LTS with another LTS failures = testing observing sequences of actions and their end completed trace observing sequences of actions trace

Preorders on Transition Systems now you need to observe 's …… isomorphism test an LTS with another LTS, and undo, copy, repeat as often as you like bisimulation ( weak ) weak strong test an LTS with another LTS, and try again (continue) after failure failure trace = refusal test an LTS with another LTS failures = testing observing sequences of actions and their end completed trace observing sequences of actions trace

tr Trace Preorder i tr s  traces ( i )  traces ( s ) implementation i specification s environment e i tr s  traces ( i )  traces ( s ) traces (s) = {   L* | s  } Traces:

Trace Preorder tr tr tr tr tr tr coffee coffee coffee i tr s = dub tr coffee dub tea tr tr tr dub coffee tea tr tr i tr s = traces(i)  traces(s)

Trace Preorder tr tr tr coffee coffee i tr s = coffee dub coffee dub tea tr dub coffee tea i tr s = traces(i)  traces(s)

te Testing Preorder i te s   e  E . obs ( e, i )  obs (e, s ) implementation i specification s environment e i te s   e  E . obs ( e, i )  obs (e, s )   LTS(L) Ctraces (e||s)

te Testing Preorder e||i after  refuses L  e||s after  refuses L implementation i specification s environment e i te s   e  LTS(L) .    L* . e||i after  refuses L  e||s after  refuses L  FP (i)  FP (s) FP (p) = {  , A  | A  L,  traces(p), p afer  refuses A }

Testing Preorder te te p q c b a a c b p after a b refuses L q after a b refuses L p after a refuses {b} q after a refuses {b} p after a refuses {c} q after a refuses {c} p after a refuses {b,c} q after a refuses {b,c}

Testing Preorder te te p q a a c b b p after a refuses {a} q after a refuses {a} p after a refuses {b} q after a refuses {b} p after a refuses {c} q after a refuses {c} p after a refuses {b,c} q after a refuses {b,c} p after a refuses {a,b,c} q after a refuses {a,b,c}

Testing Preorder te te te te te te  c b a a c b c b a i te s = FP(i)  FP(s)

Testing preorder te te te te te te p q   a a a a Environment e : obs(e,p) = { a  } obs(e,q) = { a ,  }

Testing Preorder a ? te a b ? te a b ? te a  b ? te b  a ? te

Testing Preorder p te q p te q ? q te p ? p q tea coin bang coffee

rf Refusal Preorder i rf s   e  E . obs ( e, i )  obs (e, s ) implementation i specification s environment e i rf s   e  E . obs ( e, i )  obs (e, s )   LTS(L{}) Ctraces (e||i)

rf Refusal Preorder e||i after  refuses L  e||s after  refuses L implementation i specification s environment e i rf s   e  LTS(L{}) .    L* . e||i after  refuses L  e||s after  refuses L  Ftraces( i )  Ftraces ( s )

Refusal Preorder    A  {  } : s    ( L ( L ) )* : s Failure A :     A  {  } : s A s s    ( L ( L ) )* : s  Failure trace  : Failure traces of p : Ftraces (p) = {   ( L ( L ) )* | p }  p rf q  Ftraces(p)  Ftraces (q) Failure trace preorder = refusal preorder : a c b Ftraces : {b,c} a {a,c} b L a {c} b {a} {b} {c}  a {b} {b} c Not Ftraces : {a,b,c} a {a,c} b L a {c} c L a a 

Refusal Preorder q rf p p rf q p q Ftrace of p : tea coin bang coffee p coffee tea coin bang q q rf p p rf q Ftrace of p : coin {coffee} bang {coffee} tea Not an Ftrace of q : coin {coffee} bang {coffee} tea Not an Ftrace of p : coin {coffee} bang coffee An Ftrace of q : coin {coffee} bang coffee

Preorders on Transition Systems failure trace = refusal preorder test an LTS with another LTS, and try again (continue) after failure weak strong failures = testing preorder test an LTS with another LTS trace preorder observing sequences of actions