共查询到20条相似文献,搜索用时 62 毫秒
1.
We study the testing and certification of UML and OCL models as supported by the validation tool USE. We extend the available
USE features by introducing a language for defining properties of desired snapshots and by showing how such snapshots are
generated. Within the approach, it is possible to treat test cases and validation cases. Test cases show that snapshots having
desired properties can be constructed. Validation cases show that given properties are consequences of the original UML and
OCL model. 相似文献
2.
This paper describes the Mondex case study with UML class diagrams and restricting OCL constraints. The constraints have been
formulated either as OCL class invariants or as OCL pre- and postconditions. The proposed two models include UML class diagrams
and OCL constraints which have been checked by the UML and OCL tool USE (UML-based Specification Environment). USE allows
validation of a model by testing it with scenarios. The Mondex case study has been validated by positive and negative test
cases. The test cases allow the validity of the various constraints to be traced and checked. Validation results are presented
as textual protocols or as UML sequence diagrams where starting, intermediate, and resulting system states are represented
by UML object diagrams. UML sequence diagrams, UML object diagrams, and textual protocols are shown with varying degrees of
detail for the attributes, constraints, and executed commands.
J. C. P. Woodcock 相似文献
3.
Most Unified Modeling Language (UML) computer-aided software engineering tools have been insufficient in the development process because they provide little support for conceptual model testing. Model testing aims to ensure the correctness of a UML/OCL class diagram, or, in other words, that a given class diagram can perfectly meet the user’s requirements. This study proposes the validation of class diagrams with black-box testing, a technique used to test software without focusing on the software’s implementation or structure. An approach is proposed for the automatic transformation of the constraints of a UML/OCL class diagram into test cases. Following the creation of the test cases, they are executed with JUnit and the results produced are shown to the tester. To demonstrate the applicability of this approach, an effectiveness evaluation and an efficiency evaluation are performed here. Evaluation studies show that all faults included in a class diagram have been detected within an efficient time. 相似文献
4.
Bruce Russell 《Acta Informatica》1977,8(2):113-123
Summary A class of continuation models and a class of stack models for defining the semantics of programming languages are specified. A transformation is given that maps any continuation model into an equivalent stack model, and the equivalence is proved. The transformation is illustrated for an example language which includes gotos and recursive procedures. 相似文献
5.
QVT Relations (QVT-R) is the standard language proposed by the OMG to specify bidirectional model transformations. Unfortunately, in part due to ambiguities and omissions in the original semantics, acceptance and development of effective tool support have been slow. Recently, the checking semantics of QVT-R has been clarified and formalized. In this article, we propose a QVT-R tool that complies to such semantics. Unlike any other existing tool, it also supports meta-models enriched with OCL constraints (thus avoiding returning ill-formed models) and proposes an alternative enforcement semantics that works according to the simple and predictable “principle of least change.” The implementation is based on an embedding of both QVT-R transformations and UML class diagrams (annotated with OCL) in Alloy, a lightweight formal specification language with support for automatic model finding via SAT solving. We also show how this technique can be applied to bidirectionalize ATL, a popular (but unidirectional) model transformation language. 相似文献
6.
Bentley James Oakes Javier Troya Levi Lúcio Manuel Wimmer 《Software and Systems Modeling》2018,17(3):815-849
The Atlas Transformation Language (ATL) is currently one of the most used model transformation languages and has become a de facto standard in model-driven engineering for implementing model transformations. At the same time, it is understood by the community that enhancing methods for exhaustively verifying such transformations allows for a more widespread adoption of model-driven engineering in industry. A variety of proposals for the verification of ATL transformations have arisen in the past few years. However, the majority of these techniques are either based on non-exhaustive testing or on proof methods that require human assistance and/or are not complete. In this paper, we describe our method for statically verifying the declarative subset of ATL model transformations. This verification is performed by translating the transformation (including features like filters, OCL expressions, and lazy rules) into our model transformation language DSLTrans. As we handle only the declarative portion of ATL, and DSLTrans is Turing-incomplete, this reduction in expressivity allows us to use a symbolic-execution approach to generate representations of all possible input models to the transformation. We then verify pre-/post-condition contracts on these representations, which in turn verifies the transformation itself. The technique we present in this paper is exhaustive for the subset of declarative ATL model transformations. This means that if the prover indicates a contract holds on a transformation, then the contract’s pre-/post-condition pair will be true for any input model for that transformation. We demonstrate and explore the applicability of our technique by studying several relatively large and complex ATL model transformations, including a model transformation developed in collaboration with our industrial partner. As well, we present our ‘slicing’ technique. This technique selects only those rules in the DSLTrans transformation needed for contract proof, thereby reducing proving time. 相似文献
7.
Testing model transformations poses several challenges, among them the automatic generation of appropriate input test models and the specification of oracle functions. Most approaches for the generation of input models ensure a certain coverage of the source meta-model or the transformation implementation code, whereas oracle functions are frequently defined using query or graph languages. However, these two tasks are usually performed independently regardless of their common purpose, and sometimes, there is a gap between the properties exhibited by the generated input models and those considered by the transformations. Recently, we proposed a formal specification language for the declarative formulation of transformation properties (by means of invariants, pre-, and postconditions) from which we generated partial oracle functions used for transformation testing. Here, we extend the usage of our specification language for the automated generation of input test models by SAT solving. The testing process becomes more intentional because the generated models ensure a certain coverage of the transformation requirements. Moreover, we use the same specification to consistently derive both the input test models and the oracle functions. A set of experiments is presented, aimed at measuring the efficacy of our technique. 相似文献
8.
An examination of the structure of fault-tolerant systems incorporating backward error recovery indicates a partitioning into two broad classes. Two canonical models, each representing a particular class of systems, have been constructed. The first model incorporates objects and actions as the entities for program construction whereas the second model employs communicating processes and conversations. Applications in areas such as office information and banking systems are typically described and built in terms of the first model whereas applications in the area of process control are usually described and built in terms of the second model. The paper claims that the two models are duals of each other and presents arguments and examples to substantiate this claim. It will be shown that the techniques that have been developed within the context of one model turn out to have interesting and hitherto unexplored duals in the other model. 相似文献
9.
针对航天软件高可靠性的特点,构建一种输入与输出模型测试方案,提出基于覆盖测试算法的测试方法,测试覆盖算法主要包含三种功能测试方法和三种结构测试方法。功能测试主要使用基于边界的方法、定义等价类、使用决策表分析三种方法。结构测试主要使用基于路径的测试、数据流测试、片测试三种方法。实例验证,该方法清晰明了、便于发现航天软件缺陷、降低航天软件开发风险与代价以及保证航天软件质量。 相似文献
10.
R. I. Podlovchenko 《Programming and Computer Software》2014,40(3):107-116
For a particular two-parameter algebraic program model, two fundamental problems are solved: the recognition of the equivalence of program schemas in this model and the construction of a complete system of equivalent transformations (ETs) of program schemas in the model. The solution is performed by methods developed for one-parameter algebraic program models. This summarizes previous studies of this model. An important functional feature of the model is revealed: the existence of several canonical forms for the representation of schemas in their equivalence class. 相似文献
11.
在软件测试研究领域,测试用例约简一直以来都是研究的重点,目前的一些研究利用测试需求之间复杂的相互关系得到约简的测试需求集,在此基础上可以优化对应的测试用例集,但单个测试需求所对应的测试用例集可能是一个密度分布且数量较大的集合.对单个测试需求所对应的测试用例集合进行合理优化约简,本文在这个方面做了深入的研究和探索,提出了两种基于黑盒测试的类等价划分和类边界值分析策略.基于DBSCAN算法提出了科学合理的参数取值方法,提高了算法的适应问题程度和效率,结合优化的算法和两种策略从而得到优化约简的测试用例集. 相似文献
12.
13.
Nicoleta Bîlaˇ 《Journal of Symbolic Computation》2011,46(6):659-671
A new efficient method for finding generalized equivalence transformations for a class of differential equation systems via its related extended classical symmetries is presented. This technique can be further adapted to find the equivalence transformations for the mathematical model. It applies to classes of differential systems whose arbitrary functions involve all equations’ independent variables. As a consequence, any symbolic manipulation program designed to find classical Lie symmetries can also be used to determine generalized equivalence transformations and equivalence transformations, respectively, without any modification of the program. The method has been implemented as the maple routine gendefget and is based on the maple package desolv(by Carminati and Vu). The nonlinear stationary heat conduction parameter identification problem is considered as an example. 相似文献
14.
Roberts S.J. Holmes C. Denison D. 《IEEE transactions on pattern analysis and machine intelligence》2001,23(8):909-914
Problems in data analysis often require the unsupervised partitioning of a data set into classes. Several methods exist for such partitioning but many have the weakness of being formulated via strict parametric models (e.g., each class is modeled by a single Gaussian) or being computationally intensive in high-dimensional data spaces. We reconsider the notion of such cluster analysis in information-theoretic terms and show that an efficient partitioning may be given via a minimization of partition entropy. A reversible-jump sampling is introduced to explore the variable-dimension space of partition models 相似文献
15.
现代安全关键性系统的软件规模和复杂性的快速增长给这类安全关键性软件系统的开发带来了很多挑战。传统文本文档的需求描述方法无法保证此类系统的开发进度和系统可靠性要求。为此文中提出了一种兼具可读性和可自动分析的形式化表格需求建模方法。文中介绍了一种针对这种表格模型测试用例的自动生成方法,工作包括对该形式化需求表格模型展开语义分析,建立需求模型的控制树结构,得到其测试等价类;为了减少不必要的测试,定义了不同安全级别的软件需求模型的测试覆盖标准,并针对不同覆盖率准则分别给出基于控制树结构的测试路径约束选择方法;对于每条路径约束测试等价类,提出了基于域错误的测试用例选择方法,能够自动生成所需的检测域错误的测试用例集。最后,通过一个需求模型实例展示了所提方法的有效性。 相似文献
16.
Bernhard Westfechtel 《Software and Systems Modeling》2018,17(3):989-1029
QVT Relations (QVT-R), a standard issued by the Object Management Group, is a language for the declarative specification of model transformations. This paper focuses on a particularly interesting feature of QVT-R: the declarative specification of bidirectional transformations. Rather than writing two unidirectional transformations separately, a transformation developer may provide a single relational specification which may be executed in both directions. This approach saves specification effort and ensures the consistency of forward and backward transformations. This paper explores QVT-R’s support for bidirectional model transformations through a spectrum of transformation cases. The transformation cases vary with respect to several factors such as the size of the transformation definition or the relationships between the metamodels for source and target models. The cases are solved in QVT-R, but may be applied to other bidirectional transformation languages, as well; thus, they may be used as a benchmark for comparing bidirectional transformation languages. In our work, we focus on the following research questions: functionality of bidirectional transformations in terms of relations between source and target models, solvability (which problems may be solved by a single relational specification of a bidirectional transformation), variability (does a bidirectional transformation contain varying elements, i.e., elements being specific to one direction), comprehensibility (referring to the ease of understanding and constructing QVT-R transformations), and the semantic soundness of bidirectional transformations written in QVT-R. 相似文献
17.
Beat Michel 《Science of Computer Programming》1988,10(3):247-280
Motivated by the structure clash problem, this study examines certain formal transformations of data and program structures and relates them to the structure clash problem. It defines a division and a decomposition transformation of program and data structures with respect to one of its structure blocks. The latter allows a formal derivation of a new structure where this block appears at the beginning. The transformation is intuitively introduced for program and data structures. At the same time, it is mathematically treated in terms of regular algebra and is shown to be reflexive, symmetric and transitive. Thus, equivalence classes of regular expressions that are decompositions of each other may be defined. A formal realization of these is constructed as a type of circuitless graph. 相似文献
18.
Perdita Stevens 《Software and Systems Modeling》2013,12(1):175-199
The QVT Relations (QVT-R) transformation language allows the definition of bidirectional model transformations, which are required in cases where two (or more) models must be kept consistent in the face of changes to either or both. A QVT-R transformation can be used either in checkonly mode, to determine whether a target model is consistent with a given source model, or in enforce mode, to change the target model. A precise understanding of checkonly mode transformations is prerequisite to a precise understanding of enforce mode transformations, and this is the focus of this paper. In order to give semantics to checkonly QVT-R transformations, we need to consider the overall structure of the transformation as given by when and where clauses, and the role of trace classes. In the standard, the semantics of QVT-R are given both directly, and by means of a translation to QVT Core, a language which is intended to be simpler. In this paper, we argue that there are irreconcilable differences between the intended semantics of QVT-R and those of QVT Core, so that no translation from QVT-R to QVT Core can be semantics-preserving, and hence no such translation can be helpful in defining the semantics of QVT-R. Treating QVT-R directly, we propose a simple game-theoretic semantics. We demonstrate its behaviour on examples and show how it can be used to prove an example result comparing two QVT-R transformations. We demonstrate that consistent models may not possess a single trace model whose objects can be read as traceability links in either direction. We briefly discuss the effect of variations in the rules of the game, to elucidate some design choices available to the designers of the QVT-R language. 相似文献
19.
20.
The object constraint language (OCL) plays an important role in the elaboration of precise models. Although OCL was designed
to be both formal and simple, OCL specifications may be difficult to understand and evolve, particularly those containing
complex or duplicated expressions. In this paper, we discuss how refactoring techniques can be applied in order to improve
the understandability and maintainability of OCL specifications. In particular, we present several potentially bad constructions
often found in OCL specifications and a collection of refactorings that can be applied to replace such constructions by better
ones. We also briefly discuss how refactorings can be automated and how model regression testing can be used to increase our
confidence that the semantics of an OCL specification has been preserved after manually performed refactorings. 相似文献