Department of CIS University of Pennsylvania 1/31/2001 Specification-based Protocol Testing Hyoung Seok Hong Oleg Sokolsky CSE 642.

Slides:

Advertisements

Similar presentations

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Advertisements

Behavioral Modeling: State Diagrams CIS 4800 Kannan Mohan Department of CIS Zicklin School of Business, Baruch College Copyright © 2009 John Wiley & Sons,

SOFTWARE TESTING. INTRODUCTION  Software Testing is the process of executing a program or system with the intent of finding errors.  It involves any.

Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.

COVERAGE CRITERIA FOR TESTING 1. ill-defined terms in Testing  complete testing  exhaustive testing  full coverage Are poorly defined terms because.

Galit Friedman, Alan Hartman, Kenneth Nagin, Tomer Shiran IBM Haifa Research Laboratory ISSTA 2002.

Object-Oriented Analysis and Design

Winter 2007SEG2101 Chapter 41 Chapter 4 SDL – Structure and Behavior.

Software Testing and Quality Assurance

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

Model-based Testing.

Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.

Systems Engineering Project: System Validation and Verification Using SDL Ron Henry ENSE 623 November 30, 2004.

Modeling State-Dependent Objects Using Colored Petri Nets

SEBASE 2007 Testing from Finite State Machines R. M. Hierons Brunel University, UK

Testing Components in the Context of a System CMSC 737 Fall 2006 Sharath Srinivas.

System Design Research Laboratory Specification-based Testing with Linear Temporal Logic Li Tan Oleg Sokolsky Insup Lee University of Pennsylvania.

Winter 2012SEG Chapter 11 Chapter 1 (Part 2) Introduction to Requirements Modeling.

Software Testing and QA Theory and Practice (Chapter 10: Test Generation from FSM Models) © Naik & Tripathy 1 Software Testing and Quality Assurance Theory.

1 Software Testing Techniques CIS 375 Bruce R. Maxim UM-Dearborn.

Protocol Analysis/Testing Based on Sidhu et al in IEEE TSE 89 and TN 93 Figures from the papers.

Intrusion and Anomaly Detection in Network Traffic Streams: Checking and Machine Learning Approaches ONR MURI area: High Confidence Real-Time Misuse and.

Software Testing Sudipto Ghosh CS 406 Fall 99 November 9, 1999.

02/06/05 “Investigating a Finite–State Machine Notation for Discrete–Event Systems” Nikolay Stoimenov.

Cheng/Dillon-Software Engineering: Formal Methods Model Checking.

Multi-Agent Model to Multi-Process Transformation A Housing Market Case Study Gerhard Zimmermann Informatik University of Kaiserslautern.

Timed UML State Machines Ognyana Hristova Tutor: Priv.-Doz. Dr. Thomas Noll June, 2007.

Introduction to Software Testing Chapter 9.4 Model-Based Grammars Paul Ammann & Jeff Offutt

1 Object-Oriented Testing CIS 375 Bruce R. Maxim UM-Dearborn.

Object-Oriented Software Testing. C-S 5462 Object-Oriented Software Testing Research confirms that testing methods proposed for procedural approach are.

AMOST Experimental Comparison of Code-Based and Model-Based Test Prioritization Bogdan Korel Computer Science Department Illinois Institute of Technology.

©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 7 Slide 1 System models l Abstract descriptions of systems whose requirements are being.

Overview of Software Testing 07/12/2013 WISTPC 2013 Peter Clarke.

White-Box Testing Techniques II Originals prepared by Stephen M. Thebaut, Ph.D. University of Florida Dataflow Testing.

Institute e-Austria in Timisoara 1 Author: prep. eng. Calin Jebelean Verification of Communication Protocols using SDL ( )

Software Engineering Research paper presentation Ali Ahmad Formal Approaches to Software Testing Hierarchal GUI Test Case Generation Using Automated Planning.

Introduction to Software Testing Chapter 2.5 Graph Coverage for Specifications Paul Ammann & Jeff Offutt

Model Based Testing Group 7  Nishanth Chandradas ( )  George Stavrinides ( )  Jeyhan Hizli ( )  Talvinder Judge ( )  Saajan.

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur

Ch. 2. Specification and Modeling 2.1 Requirements Describe requirements and approaches for specifying and modeling embedded systems. Specification for.

Test Coverage CS-300 Fall 2005 Supreeth Venkataraman.

Winter 2007, rev. 2008SEG Chapter 21 Chapter 2 Basic Principles.

Sommerville 2004,Mejia-Alvarez 2009Software Engineering, 7th edition. Chapter 8 Slide 1 System models.

Natallia Kokash (Accepted for PACO’2011) ACG, 31/05/ Input-output conformance testing for channel-based connectors 1.

System Testing Beyond unit testing. 2 System Testing Of the three levels of testing, system level testing is closest to everyday experience We evaluate.

1 Graph Coverage (5). Reading Assignment P. Ammann and J. Offutt “Introduction to Software Testing” ◦ Section

Automatic Testing of Neighbor Discovery Protocol Based on FSM and TTCN Zhiliang Wang, Xia Yin, Haibin Wang, Jianping Wu Department of Computer Science.

Testing OO software. State Based Testing State machine: implementation-independent specification (model) of the dynamic behaviour of the system State:

Finite State Machines (FSM) OR Finite State Automation (FSA) - are models of the behaviors of a system or a complex object, with a limited number of defined.

SOFTWARE TESTING. Introduction Software Testing is the process of executing a program or system with the intent of finding errors. It involves any activity.

Formal Verification. Background Information Formal verification methods based on theorem proving techniques and modelchecking –To prove the absence of.

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur

Workshop on Integrating Software Testing into Programming Courses (WISTPC14:2) Friday July 18, 2014 Introduction to Software Testing.

From Natural Language to LTL: Difficulties Capturing Natural Language Specification in Formal Languages for Automatic Analysis Elsa L Gunter NJIT.

Hardware/Software Co-Design of Complex Embedded System NIKOLAOS S. VOROS, LUIS SANCHES, ALEJANDRO ALONSO, ALEXIOS N. BIRBAS, MICHAEL BIRBAS, AHMED JERRAYA.

Introduction to Software Testing. Graph Coverage For Specifications 2 Call graphs for classes often wind up being disconnected, and in many cases, such.

Copyright 1999 G.v. Bochmann ELG 7186C ch.1 1 Course Notes ELG 7186C Formal Methods for the Development of Real-Time System Applications Gregor v. Bochmann.

SOFTWARE TESTING LECTURE 9. OBSERVATIONS ABOUT TESTING “ Testing is the process of executing a program with the intention of finding errors. ” – Myers.

Testing Integral part of the software development process.

Introduction to Software Testing (2nd edition) Chapter 5 Criteria-Based Test Design Paul Ammann & Jeff Offutt

From requirements to specification Specification is a refinement of requirements Can be included together as Software Requirements Specifications (SRS)

Laurea Triennale in Informatica – Corso di Ingegneria del Software I – A.A. 2006/2007 Andrea Polini VII. System Specification (I)

Software Testing.

Methodological Issues in Model-Based Testing (MBT)

Input Space Partition Testing CS 4501 / 6501 Software Testing

Graph Coverage for Specifications CS 4501 / 6501 Software Testing

Structural testing, Path Testing

Graph Coverage for Design Elements CS 4501 / 6501 Software Testing

Graph Coverage for Specifications CS 4501 / 6501 Software Testing

Presentation transcript:

Department of CIS University of Pennsylvania 1/31/2001 Specification-based Protocol Testing Hyoung Seok Hong Oleg Sokolsky CSE 642

Department of CIS University of Pennsylvania 1/31/2001 Outline Introduction –Specifications, implementations –Conformance relations –Tests, testing architectures –Assumptions, etc. Formal protocol specifications Finite-state machine (FSM) testing Extended FSM (EFSM) testing Test generation for StateCharts

Department of CIS University of Pennsylvania 1/31/2001 Testing problem A specification gives a description of the system behavior. An implementation should behave according to the specification. Is this really true? c a b a b a b

Department of CIS University of Pennsylvania 1/31/2001 Black-box vs. White-box testing Black-box: unknown system structure –Testing against reference specification –Use the specification interface for test selection, coverage criteria, result analysis White-box: known system structure –Testing against reference specification –Use system structure for test selection, etc.

Department of CIS University of Pennsylvania 1/31/2001 Protocol testing architectures Tester Local architecture IUT IUT – implementation under test PCO PCO – point of control and observation

Department of CIS University of Pennsylvania 1/31/2001 Protocol testing architectures Upper Tester IUT PCO 1 PCO 2 underlying service layer Lower Tester Distributed architecture Coordinated architecture Remote architecture

Department of CIS University of Pennsylvania 1/31/2001 General testing architecture IUT PCO Tester

Department of CIS University of Pennsylvania 1/31/2001 Tests and test suites A test case defines: –A finite sequence of inputs –A finite sequence of expected outputs A test suite is a collection of tests to achieve a certain test coverage Testing process –test generation: construct a test suite –test application: execute each test –result evaluation: interpret outputs

Department of CIS University of Pennsylvania 1/31/2001 Test structure Test purpose –e.g., identify a state of the implementation Test preamble –lead the IUT into known state Test body –invoke behavior corresponding to the test purpose Checking of test results

Department of CIS University of Pennsylvania 1/31/2001 Modeling approach Testing criteria on a concrete system are hard to formulate implementation detailed specification ? conformance relation Abstract models make reasoning easier abstract model of specification abstract model of implementation assumptions and test hypothesis assumptions and test hypothesis

Department of CIS University of Pennsylvania 1/31/2001 Outline Introduction Formal protocol specifications –Formal specification languages Finite-state machine (FSM) testing Extended FSM (EFSM) testing Test generation for StateCharts

Department of CIS University of Pennsylvania 1/31/2001 Formal specification languages Extended FSM –SDL –Estelle –StateCharts Process Algebras –LOTOS Algebraic Specification –Z, VDM

Department of CIS University of Pennsylvania 1/31/2001 Outline Introduction Formal protocol specifications Finite-state machine (FSM) testing –FSM model –FSM fault models –FSM test selection Extended FSM (EFSM) testing Test generation for StateCharts

Department of CIS University of Pennsylvania 1/31/2001 FSM model A set of states An initial state Finite sets of input (X) and output (Y) events Transfer function x1x1 x2x2 x3x3 Output function /y 1 /y 2 /y 3

Department of CIS University of Pennsylvania 1/31/2001 FSM-based fault model Output faults Transfer faults Transfer faults with additional states Additional or missing transitions Control and data flow faults?

Department of CIS University of Pennsylvania 1/31/2001 Testing based on FSM models Testing methods based on control flow –Transition-tour (TT) method a single sequence of inputs to traverse all transitions simple but weak –Unique-input-output (UIO) method a test to identify each state in the specification –Distinguishing sequence (DS) method identify each state by the same test body provides full coverage, but may not have a DS

Department of CIS University of Pennsylvania 1/31/2001 UIO testing method Assumption: for each state, there is an input sequence that produces a unique output Each test identifies one state s1b/1 s2a/0a/0 b/1 s3b/1a/1 preamble body s1s1 s2s2 s3s3 b/1 b/0 a/1 a/0

Department of CIS University of Pennsylvania 1/31/2001 Outline Introduction Formal protocol specifications Finite-state machine (FSM) testing Extended FSM (EFSM) testing –EFSM model –EFSM fault models –EFSM test selection Test generation for StateCharts

Department of CIS University of Pennsylvania 1/31/2001 EFSM model A set of states An initial state Finite sets of input (X) and output (Y) events Transition relation x1x1 x2x2 x3x3 A finite set of variables (V) – Guards b1 b1  b2 b2  b3 b3  {output y 1 } {update v 2 } {output y 3 } – Update blocks

Department of CIS University of Pennsylvania 1/31/2001 Tests for EFSM models EFSM executions depend on input signals and data A test consists of: –test sequence –test data Executability problem: –Find data to execute the test sequence Undecidable, in general 

Department of CIS University of Pennsylvania 1/31/2001 Executability problem introduces an additional step in the testing process: –test generation: construct a test suite –test application: execute each test –result evaluation: interpret outputs Test validation –test validation: keep only executable tests –test application: execute each test –result evaluation: interpret outputs

Department of CIS University of Pennsylvania 1/31/2001 Control and data flow testing EFSM executions are data-dependent Control flow FSM testing methods are not adequate for EFSM models Data flow testing methods account for data dependencies

Department of CIS University of Pennsylvania 1/31/2001 Data flow: definitions and uses Data variables are –defined by inputs and updates (def) –used in updates (c-use) guards (p-use) Data-flow graph captures data dependencies

Department of CIS University of Pennsylvania 1/31/2001 Data flow graph Directed graph with nodes labeled with definitions and uses of variables v=0  {input u} u<0  {v:=u+1} p-use v def u p-use u c-use u def v

Department of CIS University of Pennsylvania 1/31/2001 Data-flow coverage criteria all-def –test suite covers each definition at least once all-use –cover each def-use association at least once all-du-paths –exercise all paths from each definition of a variable to every its use.

Department of CIS University of Pennsylvania 1/31/2001 all-use coverage Find at least one definition-free path for every def-use association def v use v no definitons of v

Department of CIS University of Pennsylvania 1/31/2001 Outline Introduction Formal protocol specifications Finite-state machine (FSM) testing Extended FSM (EFSM) testing Test generation for Statecharts

Department of CIS University of Pennsylvania 1/31/2001 EFSMs (FSMs + variables) + concurrency + hierarchy + communication + real-time Widely used for specifying real-time embedded HW/SW controllers Also used in most of object-oriented methodologies, e.g., UML Statecharts

Department of CIS University of Pennsylvania 1/31/2001 A coffee vending machine Statecharts = off power-on/ light-on; m:=0 power-off/ light-off Hierarchy + not empty inc/m:=0 dec[m=1]/m:=0 inc/m:=m+1 dec[m>1]/m:=m-1 money EFSMs + busyidle coffee on done/stop Concurrency + coffee[m>0]/start Real-time tm(coffee,[3,5])/stop Communication + coffee[m>0]/start;dec

Department of CIS University of Pennsylvania 1/31/2001 Test sequences for Statecharts The main purpose –What should implementations do? {power-on}/{light-on}, {inc}/{}, {coffee}/{start} –What should not implementations do? {power-on}/{light-on}, {coffee}/{} The main issue –How can we generate a finite and reasonable number of test sequences?

Department of CIS University of Pennsylvania 1/31/2001 State coverage off power-on/ light-on; m:=0 power-off/ light-off not empty inc/m:=0 dec[m=1]/m:=0 inc/m:=m+1 dec[m>1]/m:=m-1 money busyidle coffee on done/stop coffee[m>0]/start tm(coffee,[3,5])/stop coffee[m>0]/start;dec

Department of CIS University of Pennsylvania 1/31/2001 Transition coverage off power-on/ light-on; m:=0 power-off/ light-off not empty inc/m:=0 dec[m=1]/m:=0 inc/m:=m+1 dec[m>1]/m:=m-1 money busyidle coffee on done/stop coffee[m>0]/start tm(coffee,[3,5])/stop coffee[m>0]/start;dec

Department of CIS University of Pennsylvania 1/31/2001 Data flow oriented coverage off power-on/ light-on; m:=0 power-off/ light-off not empty inc/m:=0 dec[m=1]/m:=0 inc/m:=m+1 dec[m>1]/m:=m-1 money busyidle coffee on done/stop coffee[m>0]/start tm(coffee,[3,5])/stop coffee[m>0]/start;dec

Department of CIS University of Pennsylvania 1/31/2001 Test generation from Statecharts (I) Basic idea –Transforms Statecharts into EFSMs Advantage –Can reuse the existing methods and tools for EFSMs –Can handle infinite state space Disadvantage –Cannot determine the executability of test sequences

Department of CIS University of Pennsylvania 1/31/2001

Department of CIS University of Pennsylvania 1/31/2001 Test generation from Statecharts (II) Basic Idea –Test generation can be reduced into model checking –TG: for each state s, is there a path leading to s –MC: a temporal logic formula EFs express this property Advantage –Fully automatic –Generates only executable test sequences Disadvantages –Can handle only finite state space

Department of CIS University of Pennsylvania 1/31/2001 Another perspective Testing classes in object-oriented programs –Can we show an CLASS implementation conforms to a Statechart specification? –Variables of Statecharts: data members of classes –Events of Statecharts: member functions of classes Testing inheritance in object-oriented programs –Can we reuse the test sequences of a super-class for testing its subclasses ?

Department of CIS University of Pennsylvania 1/31/2001 A coffee-cocoa vending machine off power-on/ light-on; m:=0 power-off/ light-off busyidle cocoa on not empty inc/m:=0 dec[m=1]/m:=0 inc/m:=m+1 dec[m>1]/m:=m-1 money tm(coffee,[3,5])/stop cocoa[m>0]/start;dec busyidle coffee tm(coffee,[3,5])/stop coffee[m>0]/start;dec Vending Machine Coffee Vending Machine Cocoa Vending Machine Coffee- Cocoa Vending Machine