Presentation is loading. Please wait.

Presentation is loading. Please wait.

TESTCOM/FATES 20081 Test Plan Generation for Concurrent Real-Time Systems based on Zone Coverage Analysis Farn Wang Dept. of Electrical Eng. National Taiwan.

Published byLeon Evans Modified over 9 years ago

Similar presentations

Presentation on theme: "TESTCOM/FATES 20081 Test Plan Generation for Concurrent Real-Time Systems based on Zone Coverage Analysis Farn Wang Dept. of Electrical Eng. National Taiwan."— Presentation transcript:

1 TESTCOM/FATES 20081 Test Plan Generation for Concurrent Real-Time Systems based on Zone Coverage Analysis Farn Wang Dept. of Electrical Eng. National Taiwan University joint work w. G.-D. Huang

2 TESTCOM/FATES 20082 Background Testing is still the main verification technique. CRTS (Concurrent Real-Time Systems) imposes challenges to test coverage. –concurrency  event ordering –event time instances –appropriate coverage mertics for CRTS ? states ? regions ? zones ?

3 TESTCOM/FATES 20083 Proposal CTA (communicating timed automata) for the model of CRTS AZC (Active Zone Coverage) –Estimate how big a zone is. –Only active variables are used in determining zones Testplan for efficient AZC gains Experiments

4 TESTCOM/FATES 20084 Related work (1/2) Classic: –statement coverage, visited-state, transition coverage TA (timed automata) reachability –arc coverage, trigger coverage –region coverage, estimation technique of regions in a zone. UPPAAL –time-optimal testplans –edge coverage, location coverage, dataflow coverage

5 TESTCOM/FATES 20085 Related work (2/2) event-recording automata  reachability graph of equivalence classes  test plan –arc coverage, location coverage, domain analysis, dataflow coverage uniformly priced timed automata  test plans with a minimum cost Test plan based on fault-detection rate for regression testing Test case with region coverage annotations for timed automata model

6 TESTCOM/FATES 20086 CTA Communicating Timed Automata wait retry x<=52 ?cd !end x1==808 idle busy collision x<26 ?begin x3<26 x3=0; ?begin x3=0; ?end Sender 1 Sender 2 Bus 1 2 15 17 18 16 !begin x1=0; !cd Sender1,Sender2, and Bus are all PTAs. ?cd send x1<=808 !begin x1=0; 4 ?cd 3 5 wait retry x<=52 ?cd !end x2==808 13 8 9 14 !begin x2=0; ?cd send x2<=808 !begin x2=0; 11 ?cd 10 12

7 TESTCOM/FATES 20087 CTA LGT (legitimate global transitions) synchronized: for every event e, every !e is received by exactly a ?e. minimal: it cannot be decomposed to more than one legitimate global transitions

8 TESTCOM/FATES 20088 CTA LGT (legitimate global transitions) wait retry x<=52 ?cd !end x1==808 idle busy collision x<26 ?begin x3<26 x3=0; ?begin x3=0; ?end Sender 1 Sender 2 Bus 1 2 15 17 18 16 !begin x1=0; !cd ?cd send x1<=808 !begin x1=0; 4 ?cd 3 5 wait retry x<=52 ?cd !end x2==808 13 8 9 14 !begin x2=0; ?cd send x2<=808 !begin x2=0; 11 ?cd 10 12 (1,15) is an LGT.(8,15) is an LGT. (4,13,18) is an LGT. (1,8,15) is not. not sync’d (4) is not. not sync’d (4,18) is not. not sync’d (19,8,15) is not. not minimal 19

9 TESTCOM/FATES 20089 CTA states and transitions state, a valuation from propositions to {true, false} from clocks to non-negative reals +t, a state identical to except that for all clocks x, ( +t)(x) = (x)+t, transitions  g ’ satisfies the trigger of g. ’ is identical to except that clocks are reset according to g.

10 TESTCOM/FATES 200810 Regions & Zones Zones: convex space characterizable with constraints of the form x-y<c, x-y≤c –x,y: clocks or zeros, –c: an integer with |c| ≤ the biggest timing constant used in the model and property. Regions: the smallest non-empty zones Region-equivalence is fine enough for TCTL model-checking. Zone-equivalence can also be fine enough and efficient for the same purpose.

11 TESTCOM/FATES 200811 Symbolic postcondition  ’ = post( ,g): the zone for the timed postcondition  ’ of zone  after LGT g. post( ,g)={ | ’ , t  R, t≥0, ’+t  g }

12 TESTCOM/FATES 200812 Zone Forest construct the reachability graph ZoneForest(A,  ) { Rewrite the initial condition of A in DN  1  …   n R:={  1, …,  n }; V:=R; Φ:=R; K:=  ;  :=  1  …   n ; While  , { Pick a zone  from  ; let  :=  – {  }; For each LGT g { Let  ’ := post( , g); If  ’   is satisfiable, {  :=    ’;  :=   {  ’}; V:=V  {  ’ }; K:=K  {( ,g,  ’)}. } } } return (V,R,K); } The reachability predicate already- reachables are not explored.

13 TESTCOM/FATES 200813 Active zones (1/2) A variable x is active in a state iff there is a run from along which x is read before ever written to.  (Write(x)  Read(x)) U Read(x) Write(x), the disjunction of triggers of all LGT g which writes to x. Read(x), –the disjunction of triggers of all LGT g which reads x in either triggers or the RHS of actions –the invariance condiitons –the risk conditions

14 TESTCOM/FATES 200814 Active zones (2/2) ActiveZone (  ) { for every clock x, if    (Write(x)  Read(x)) U Read(x) is unsatisfiable,  :=  x(  ); return  ; } Reduce the representation sizes of reachable spaces! Improve performance in ZoneForest construction! Gain more regions in coverage!

15 TESTCOM/FATES 200815 Prioritized Test Plan Generation TestPlan(A,  ) { Let  be the set of root-to-leaf paths in ZoneForest(A,  ); Let  be an empty sequence;  := false. While    { Pick a  1 …  n   s.t.   ’ 1 …  ’ m   RCM(ActiveZone(  1  …   n   )) ≥ RCM(ActiveZone(  ’ 1  …   ’ m   ))  :=  - {  1 …  n };  :=  testcase(  1 …  n );  :=    1  …   n ; } return  } The region coverage estimation technique in FORTE 2003, by Wang, Hwang, Yu. Sequence concatenation.

16 TESTCOM/FATES 200816 Experiments RED, version 7.0 –model-checker for TCTL and TAs –simulation-checker for TAs –parametric analyzer for LHAs –In sourceforge project REDLIB. BLUETOOTH, L2CAP Linux, REDHAT 9, 3.2GHz We did not compare with other tools. previous state-based coverage for timed systems ? could have to concoct some SUTs that show our performance.

17 TESTCOM/FATES 200817 AZC estimation for zone forest construction

18 TESTCOM/FATES 200818 AZC gain for prioritized test plan

19 TESTCOM/FATES 200819 Future work The strength of state-based coverage for timed systems ? New state-based coverage metrics for timed systems Cost of testcases ?

Download ppt "TESTCOM/FATES 20081 Test Plan Generation for Concurrent Real-Time Systems based on Zone Coverage Analysis Farn Wang Dept. of Electrical Eng. National Taiwan."

Similar presentations

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.
An improved on-the-fly tableau construction for a real-time temporal logic Marc Geilen 12 July 2003 /e.

An improved on-the-fly tableau construction for a real-time temporal logic Marc Geilen 12 July 2003 /e.
Analyzing Regression Test Selection Techniques

Analyzing Regression Test Selection Techniques
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Partial Order Reduction: Main Idea

Partial Order Reduction: Main Idea
SAT Based Abstraction/Refinement in Model-Checking Based on work by E. Clarke, A. Gupta, J. Kukula, O. Strichman (CAV’02)

SAT Based Abstraction/Refinement in Model-Checking Based on work by E. Clarke, A. Gupta, J. Kukula, O. Strichman (CAV’02)
1 Fault Diagnosis for Timed Automata Stavros Tripakis VERIMAG.

1 Fault Diagnosis for Timed Automata Stavros Tripakis VERIMAG.
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
1 Finite Constraint Domains. 2 u Constraint satisfaction problems (CSP) u A backtracking solver u Node and arc consistency u Bounds consistency u Generalized.

1 Finite Constraint Domains. 2 u Constraint satisfaction problems (CSP) u A backtracking solver u Node and arc consistency u Bounds consistency u Generalized.
Dana Nau: Lecture slides for Automated Planning Licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License:

Dana Nau: Lecture slides for Automated Planning Licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License:
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Timed Automata.

Timed Automata.
Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.

Testing Concurrent/Distributed Systems Review of Final CEN 5076 Class 14 – 12/05.
UPPAAL Andreas Hadiyono Arrummaisha Adrifina Harya Iswara Aditya Wibowo Juwita Utami Putri.

UPPAAL Andreas Hadiyono Arrummaisha Adrifina Harya Iswara Aditya Wibowo Juwita Utami Putri.
CSE 522 UPPAAL – A Model Checking Tool Computer Science & Engineering Department Arizona State University Tempe, AZ 85287 Dr. Yann-Hang Lee

CSE 522 UPPAAL – A Model Checking Tool Computer Science & Engineering Department Arizona State University Tempe, AZ Dr. Yann-Hang Lee
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.

CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.
Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.

Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.

Similar presentations

Ads by Google