Slide 1: VerTeCS: Verification models and techniques applied to the Testing and Control of reactive Systems
Thierry Jéron, IRISA/INRIA Rennes, France, http://www.irisa.fr/vertecs
Team: 4 Inria researchers, 1 post-doc, 4 PhD students, 1 engineer
Slide 2: Main research activities
- Verification of finite/infinite state systems
- Controller synthesis for Discrete Event Systems (DES)
- Model-based test generation
- Model-based fault diagnosis
Slide 3: Verification
Inputs: a model M and a property P. Question: does M ⊨ P hold? Answer: yes/no, together with witnesses or diagnostics.
Techniques: model-checking, abstract interpretation, theorem proving.
Slide 4: Controller synthesis for DES
Inputs: a model M whose events are partitioned into controllable (c) and uncontrollable (uc) ones, and a property P. Goal: build a controller C such that the closed loop satisfies M × C ⊨ P.
Slide 5: Testing
Conformance relation: IUT ioco S. Only the traces in STraces(IUT) ∩ STraces(S) are compared: for every suspension trace σ ∈ STraces(S), the outputs (including quiescence) the IUT can produce after σ must be outputs S allows after σ, i.e. out(IUT after σ) ⊆ out(S after σ).
Test generation: from the model M (its visible behaviour Vis(M)), build test cases TC that are sound w.r.t. M and ioco, so that a Fail verdict always reflects a real non-conformance. Any output not allowed by Vis(M) ("!otherwise") gives Fail. Test execution is the parallel composition TC || IUT.
An exhaustive test suite TS = {TC} is impossible in practice ⇒ selection.
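The ioco check described on this slide, as an added example (not the team's TGV/STG code): a small input/output LTS class with quiescence δ, and a bounded exploration of STraces(S) that compares out(IUT after σ) with out(S after σ). The specification and the three implementations are constructed for the illustration; the names IOLTS, ioco_check and the sample models are assumptions of this example.

```python
from collections import deque

DELTA = "δ"  # quiescence: the observable absence of any output


class IOLTS:
    """Input/output labelled transition system (constructed helper for this example).
    Actions starting with '?' are inputs of the system, '!' are its outputs.
    Transitions are (source, action, target) triples; nondeterminism is allowed."""

    def __init__(self, init, transitions):
        self.init = init
        self.moves = {}
        for src, act, dst in transitions:
            self.moves.setdefault((src, act), set()).add(dst)

    def enabled(self, state):
        return {a for (s, a) in self.moves if s == state}

    def quiescent(self, state):
        return not any(a.startswith("!") for a in self.enabled(state))

    def out(self, states):
        """out(states): outputs that may be observed, plus δ if some state is quiescent."""
        res = set()
        for s in states:
            outs = {a for a in self.enabled(s) if a.startswith("!")}
            res |= outs
            if not outs:
                res.add(DELTA)
        return res

    def after(self, states, act):
        """States reachable from `states` by `act` (δ is a self-loop on quiescent states)."""
        if act == DELTA:
            return {s for s in states if self.quiescent(s)}
        return set().union(*(self.moves.get((s, act), set()) for s in states))

    def suspension_enabled(self, states):
        acts = set().union(*(self.enabled(s) for s in states))
        if any(self.quiescent(s) for s in states):
            acts.add(DELTA)
        return acts


def ioco_check(iut, spec):
    """Decide IUT ioco SPEC: for all σ in STraces(SPEC), out(IUT after σ) ⊆ out(SPEC after σ).
    Only suspension traces of the specification are explored, so extra inputs accepted
    by the IUT never matter. Pairs of state sets are memoised, which keeps the search
    finite even when the models loop.
    Returns None when conformance holds, else (trace, unexpected_outputs)."""
    start = ((), frozenset({spec.init}), frozenset({iut.init}))
    seen, queue = {start[1:]}, deque([start])
    while queue:
        trace, s_states, i_states = queue.popleft()
        extra = iut.out(i_states) - spec.out(s_states)
        if extra:
            return trace, extra
        for act in sorted(spec.suspension_enabled(s_states)):
            nxt = (frozenset(spec.after(s_states, act)),
                   frozenset(iut.after(i_states, act)))
            if nxt not in seen:
                seen.add(nxt)
                queue.append((trace + (act,), *nxt))
    return None


# Constructed specification S: a request is answered by !ok or !err.
SPEC = IOLTS("s0", [("s0", "?req", "s1"), ("s1", "!ok", "s0"), ("s1", "!err", "s0")])
# Conforming IUT: always answers !ok (fewer outputs than allowed); the extra ?cancel input is harmless.
IUT_OK = IOLTS("i0", [("i0", "?req", "i1"), ("i1", "!ok", "i0"), ("i0", "?cancel", "i0")])
# Non-conforming IUT: may answer !nok, an output S never allows after ?req.
IUT_BAD_OUTPUT = IOLTS("i0", [("i0", "?req", "i1"), ("i1", "!ok", "i0"), ("i1", "!nok", "i0")])
# Non-conforming IUT: nondeterministically stays silent after ?req (quiescence S forbids).
IUT_SILENT = IOLTS("i0", [("i0", "?req", "i1"), ("i0", "?req", "i2"), ("i1", "!ok", "i0")])

if __name__ == "__main__":
    for name, iut in [("ok", IUT_OK), ("bad output", IUT_BAD_OUTPUT), ("silent", IUT_SILENT)]:
        print(name, ioco_check(iut, SPEC))
```

The memoisation on (spec states, IUT states) is what makes the check total on finite models: once a pair of state sets has been seen, every continuation has the same out() sets, so it is only the data-carrying models of the later slides that force approximation.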
Slide 6: Main research activities in test generation
- Enumerative on-the-fly techniques → TGV: off-line selection of the behaviours of Vis(M) accepted by a test purpose TP, based on reachability and co-reachability analysis.
- Symbolic test generation techniques → STG: off-line selection by symbolic transformations and approximated analysis (∼ slicing of M w.r.t. the TP); execution by on-line constraint solving.
- Methodological combination of verification and testing: "test on the IUT what you tried to verify on M" (Vlad's talk). Starting from the question M ⊨ P?, derive a TC that detects ¬(I ioco S) and/or I ⊭ P, for both enumerative and symbolic techniques.
Slide 7: Test selection by test purpose
Build the product Vis(M) × TP and compute coreach(Acc), the set of states from which an Accept state of the TP is still reachable. The test case TC keeps the transitions that stay inside coreach(Acc): reaching Acc gives Pass, an output of M that leaves coreach(Acc) gives Inconc, and any other output ("!otherwise") gives Fail.
Coreach(Acc) is not computable for (infinite) models with data ⇒ an over-approximation is needed.
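The selection of this slide on a finite model, as an added example (not TGV's own code): a syntactic product Vis(M) × TP with a complete TP ('*' matches any other action, Accept/Refuse are traps), a backward co-reachability analysis, and verdict attachment (Pass at Accept, Inconc on outputs leaving coreach(Acc), Fail on "!otherwise"). The model, the test purpose and the function names are constructed for this example; TGV additionally resolves the choice between inputs and outputs (controllability), which is left out here.

```python
from collections import deque

# Constructed visible model Vis(M): '?' = inputs sent by the tester, '!' = outputs of the IUT.
MODEL = {
    "init": "Idle",
    "trans": [("Idle", "?start", "Wait"), ("Wait", "?a", "Rx"),
              ("Rx", "!ok", "End"), ("Rx", "!nok", "End"), ("Rx", "!err", "Idle"),
              ("End", "!end", "Idle")],
}
# Constructed test purpose: accept if the first answer is !ok, refuse if it is !nok or !err.
# '*' matches any action the TP state has no explicit transition for (the TP is complete).
TP = {
    "init": "T0", "accept": {"Accept"}, "refuse": {"Refuse"},
    "trans": [("T0", "!ok", "Accept"), ("T0", "!nok", "Refuse"),
              ("T0", "!err", "Refuse"), ("T0", "*", "T0")],
}


def sync_product(model, tp):
    """Syntactic product Vis(M) x TP; Accept/Refuse states of the TP are traps."""
    tp_moves = {}
    for s, a, d in tp["trans"]:
        tp_moves.setdefault(s, {})[a] = d
    m_moves = {}
    for s, a, d in model["trans"]:
        m_moves.setdefault(s, []).append((a, d))
    init = (model["init"], tp["init"])
    seen, queue, trans = {init}, deque([init]), []
    while queue:
        m, t = queue.popleft()
        if t in tp["accept"] | tp["refuse"]:
            continue
        for a, m2 in m_moves.get(m, []):
            t2 = tp_moves.get(t, {}).get(a, tp_moves.get(t, {}).get("*"))
            if t2 is None:
                continue  # incomplete TP would block the action; cannot happen here
            q2 = (m2, t2)
            trans.append(((m, t), a, q2))
            if q2 not in seen:
                seen.add(q2)
                queue.append(q2)
    return init, trans


def coreach(trans, targets):
    """States from which some target state is still reachable (backward BFS)."""
    pred = {}
    for q, _, q2 in trans:
        pred.setdefault(q2, set()).add(q)
    co, queue = set(targets), deque(targets)
    while queue:
        for p in pred.get(queue.popleft(), ()):
            if p not in co:
                co.add(p)
                queue.append(p)
    return co


def select_test_case(model, tp):
    """Keep the part of Vis(M) x TP that can still reach Accept and attach verdicts."""
    init, trans = sync_product(model, tp)
    acc = {q2 for (_, _, q2) in trans if q2[1] in tp["accept"]}
    co = coreach(trans, acc)
    if init not in co:
        return None  # the test purpose selects no behaviour of M
    outputs = {a for (_, a, _) in model["trans"] if a.startswith("!")}
    tc = {"init": init, "trans": [], "verdict": {}, "fail_on": {}}
    for q, a, q2 in trans:
        if q not in co:
            continue
        if q2 in acc:
            tc["verdict"][q2] = "pass"
        elif q2 not in co:
            if not a.startswith("!"):
                continue  # the tester never sends an input that leaves coreach(Acc)
            tc["verdict"][q2] = "inconc"  # allowed by M, but Accept is no longer reachable
        tc["trans"].append((q, a, q2))
        allowed = {b for (p, b, _) in trans if p == q and b.startswith("!")}
        tc["fail_on"][q] = outputs - allowed  # "!otherwise": any other output is a Fail
    return tc


def execute(tc, observed):
    """Run the test case over a sequence of observed actions and return its verdict."""
    q = tc["init"]
    for a in observed:
        nxt = [q2 for (p, b, q2) in tc["trans"] if p == q and b == a]
        if not nxt:
            if a.startswith("!"):
                return "fail"
            raise ValueError(f"tester never sends {a} in {q}")
        q = nxt[0]
        if q in tc["verdict"]:
            return tc["verdict"][q]
    return "none"  # test still running


TEST_CASE = select_test_case(MODEL, TP)

if __name__ == "__main__":
    for run in (["?start", "?a", "!ok"], ["?start", "?a", "!nok"], ["?start", "!ok"]):
        print(run, "->", execute(TEST_CASE, run))
```

Because "!end" is an output of M that the product never enables in state (Rx, T0), it lands in fail_on for that state: observing it there is a real non-conformance, not an Inconc, which is exactly the soundness argument of the previous slide.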
Slide 8: Test selection by approximate analysis
(Figure: the model M is a symbolic transition system with states Idle, Wait, Ry, Rx, Cmp, End and variables x, y, p. After ?start it receives two values ?a(p), stored as y:=p and x:=p, and then emits !err(p) when x<0 ∧ p=x or y<0 ∧ p=y, !ok(p) when p=y−x ∧ −2≤p≤2, !nok(p) when p=y−x ∧ ¬(−2≤p≤2), and finally !end. The test purpose TP has states Wait, Acc and Sink: !ok(p) with p=2 ∧ x≥3 leads from Wait to Acc, !ok(p) with ¬(p=2 ∧ x≥3) stays in Wait, !err(p) leads to Sink; '*' loops accept any other action.)
Syntactical product M × TP: states pair those of M with those of TP (Idle/Wait, Ry/Wait, Rx/Wait, Cmp/Wait, End/Wait, Pass, Sink); the transition to Pass carries the conjoined guard p=2 ∧ x≥3 ∧ p=y−x ∧ −2≤p≤2 on !ok(p), the !ok(p) transition to Sink carries ¬(p=2 ∧ x≥3) ∧ p=y−x ∧ −2≤p≤2.
Slide 9: Test selection by approximate analysis (continued)
(Figure: on M × TP, reach(Acc) computed by NBAC → simplification: guards on the path to Pass are refined (x≥3, then x≥3 ∧ y−x=2) and transitions whose guard becomes ⊥ are pruned; coreach(Acc) computed by NBAC → guard strengthening of the inputs, e.g. ?a(p) restricted to p≥3 and to p=x+2, so that chosen inputs stay in coreach(Acc). Verdicts in the resulting TC: Pass at Acc, Inconc on outputs such as !ok(p) with p=2 that leave coreach(Acc), Fail on "!otherwise".)
Test execution against the IUT: check each output and choose input values by on-line constraint solving.
Slide 10: Perspectives linked with Artist
- Extension of the symbolic techniques to symbolic timed models
- Testing of security policies: formalization of conformance, generation of attacks (Potestat French project, with LSR and Verimag)
- Tool extensions