模型检测在软件测试中的应用研究

以测试为基础的模型或规格是产生测试用例的一种很有潜力技术。在这种方法中,先要建立一个系统的规格或模型,再由规格或模型产生测试用例。文章对结合模型检测来进行测试的方法进行了研究,从整体上对测试进行考虑,不仅包含了对系统所希望具有的功能进行测试,还包括了对系统不应具有的功能进行测试。通过这种方法,我们可以进一步保证系统的正确性和可靠,大大降低人力和资源的开销,为进一步优化测试奠定了基础。     

基于组件的嵌入式软件开发中的几个关键问题

针对嵌入式系统的实际特性,着重从系统的角度提出构造一个嵌入式应用程序的开发架构,也可以称为开发框架.该开发架构是以基于组件的方法来开发嵌入式应用程序的,其主要研究系统结构规约、系统行为规约、组件配置和执行、程序产生和系统配置等几个关键问题.研究的结果将指导一个分布嵌入式应用程序开发框架的构造.     

A method to test concurrent systems using architectural specification

In this paper, we discuss a testing method for integration testing of complex and concurrent systems. Integration testing is considered the least well understood and hence is the most problematic level of testing related to concurrent system development. This is so, because integration testing is not completely unit (or code) neither testing nor it is completely system testing. To achieve this goal of improving integration testing, our proposed method exploits architectural specification of concurrent and distributed systems defined in the high level Petri nets, known as Hierarchical Predicate Transition Nets (HPrTNs). More specifically, our testing method implements the separation of concerns strategy to handle both the essential complexity associated with the front-end software development of inherently concurrent and distributed systems, i.e. architectural specification, and the difficulty and cost associated with the back-end development of these systems, namely, software testing.

Use case maps as architectural entities for complex systems

The paper presents a novel, scenario based notation called Use Case Maps (UCMs) for describing, in a high level way, how the organizational structure of a complex system and the emergent behavior of the system are intertwined. The notation is not a behavior specification technique in the ordinary sense, but a notation for helping a person to visualize, think about, and explain the big picture. UCMs are presented as “architectural entities” that help a person stand back from the details during all phases of system development. The notation has been thoroughly exercised on systems of industrial scale and complexity and the distilled essence of what has been found to work in practice is summarized. Examples are presented that confront difficult complex system issues directly: decentralized control, concurrency, failure, diversity, elusiveness and fluidity of runtime views of software, self modification of system makeup, difficulty of seeing large scale units of emergent behavior cutting across systems as coherent entities (and of seeing how such entities arise from the collective efforts of components), and large scale     

Analysing the effectiveness of rule-coverage as a reduction criterion for test suites of grammar-based software

The term grammar-based software describes software whose input can be specified by a context-free grammar. This grammar may occur explicitly in the software, in the form of an input specification to a parser generator, or implicitly, in the form of a hand-written parser. Grammar-based software includes not only programming language compilers, but also tools for program analysis, reverse engineering, software metrics and documentation generation. Hence, ensuring their completeness and correctness is a vital prerequisite for their use. In this paper we propose a strategy for the construction of test suites for grammar based software, and illustrate this strategy using the ISO C^+ + grammar. We use the concept of grammar-rule coverage as a pivot for the reduction of an implementation-based test suite, and demonstrate a significant decrease in the size of this suite. The effectiveness of this reduced test suite is compared to the original test suite with respect to code coverage and more importantly, fault detection. This work greatly expands upon previous work in this area and utilises large scale mutation testing to compare the effectiveness of grammar-rule coverage to that of statement coverage as a reduction criterion for test suites of grammar-based software. This work finds that when grammar rule coverage is used as the sole criterion for reducing test suites of grammar based software, the fault detection capability of that reduced test suite is greatly diminished when compared to other coverage criteria such as statement coverage.

Prototyping realistic programming languages based on formal specifications

The specification of realistic programming languages is difficult and expensive. One approach to make language specification more attractive is the development of techniques and systems for the generation of language–specific software from specifications. To contribute to this approach, a tool–based framework with the following features is presented: It supports new techniques to specify more language aspects in a static fashion. This improves the efficiency of generated software. It provides powerful interfaces to generated software components. This facilitates the use of these components as parts of language–specific software. It has a rather simple formal semantics. In the framework, static semantics is defined by a very general attribution technique enabling e.g. the specification of flow graphs. The dynamic semantics is defined by evolving algebra rules, a technique that has been successfully applied to realistic programming languages. After providing the formal background of the framework, an object–oriented programming language is specified to illustrate the central specification features. In particular, it is shown how parallelism can be handled. The relationship to attribute grammar extensions is discussed using a non-trivial compiler problem. Finally, the paper describes new techniques for implementing the framework and reports on experiences made so far with the implemented system. Received: 20 November 1995 / 20 January 1997     

Deployment and dynamic reconfiguration planning for distributed software systems

The quality of software systems are determined in part by their optimal configurations. Optimal configurations are desired when the software is being deployed and during its lifetime. However, initial deployment and subsequent dynamic reconfiguration of a software system is difficult because of the interplay of many interdependent factors, including cost, time, application state, and system resources. As the size and complexity of software systems increases, procedures (manual or automated) that assume a static software architecture and environment are becoming untenable. We have developed a novel technique for carrying out the deployment and reconfiguration planning processes that leverages recent advances in the field of temporal planning. We describe a tool called Planit, which manages the deployment and reconfiguration of a software system utilizing a temporal planner. Given a model of the structure of a software system, the network upon which the system should be hosted, and a goal configuration, Planit will use the temporal planner to devise possible deployments of the system. Given information about changes in the state of the system, network and a revised goal, Planit will use the temporal planner to devise possible reconfigurations of the system. We present the results of a case study in which Planit is applied to a system consisting of various components that communicate across an application-level overlay network. An earlier version of this paper was presented at ICTAI’03.

---

软件工程CASE工具——RSL/RSA

软件的发展经历了若干阶段,到今天已进入了软件工程时代,软件工程将系统开发分为几个阶段,其中需求定义与分析阶段的技术和方法已成为软件工程时代所要解决的主要课题之一。需求分析的关键技术是需求定义与分析的质量问题,“需求规格说明语言/需求规格说明分析系统”(RSL/RSA)是一种以规格说明为核心,以需求规格说明数据库为基础的计算机辅助需求分析系统,本文从软件工程的角度,提出了需求分析的关键技术、集 成化的软件工具包的概念和RSL/RSA系统的设计目标,同时介绍了计算机辅助需求工程工具RSI/RSA系统的功能、结     

Automatic maintenance of association invariants

Many approaches to software specification and design make use of invariants: constraints whose truth is preserved under operations on a system or component. Object modelling involves the definition of association invariants: constraints upon the sets of links corresponding to particular associations, most often concerning type, multiplicity, or symmetry. This paper shows how the definitions of operations may be extended to take account of association invariants, so that they may be properly considered when the operations are implemented. It introduces a formal, object-based modelling notation in which the process of extension and implementation, and thus the maintenance of association invariants, can be automated, making it easier to produce correct implementations of an object-oriented design.

Integral: Petri-net approach to distributed software development

As the architecture of modern software systems continues to evolve in a distributed fashion, the development of such systems becomes increasingly complex, which requires the integration of more sophisticated specification techniques, tools, and procedures into the conventional methodology. An essential capability of an integrated software development environment is a formal specification method to capture effectively the system's functional requirements as well as its performance requirements. A validation and verification (V&V) system based on a formal specification method is of paramount importance to the development and maintenance of distributed systems.

There has been recent interest in integrating software techniques and tools at the specification level. It is also noted that an effective way of achieving such integration is by using wide-spectrum specification techniques. In view of these points, an integrated V&V system, called Integral, is presented that provides comprehensive and homogeneous analysis capabilities to both specification and testing phases of the life-cycle of distributed software systems. The underlying software model that supports various V&V activities in Integral is primarily based on Petri nets and is intended to be wide spectrum. The ultimate goal of this research is to demonstrate to the software industry, domestic or foreign, the availability and applicability of a new Petri-net-based software development paradigm. Integral is a prototype V&V system to support such a paradigm.     

Generating online test oracles from temporal logic specifications

This paper is concerned with the problem of checking, by means of testing, that a software component satisfies a specification of temporal safety properties. Checking that an actual observed behavior conforms to the specification is performed by a test oracle, which can be either a human tester or a software module. We present a technique for automatically generating test oracles from specifications of temporal safety properties in a metric temporal logic. The logic can express quantitative timing properties, and can also express properties of data values by means of a quantification construct. The generated oracle works online in the sense that checking is performed simultaneously with observation. The technique has been implemented and used in case studies at Volvo Technical Development Corporation .     

Software specification using the special language

This paper presents a tutorial overview of special, a formal specification and assertion language created by SRI International as part of their hierarchical design methodology. The language is based on a formal model of system behavior and is supported by language processors that assist in the interactive development of specifications. special is a strongly typed language that models data and programs as abstract resources known as objects. Collections of modules known as abstract machines are the major building blocks of a software specification in special. The technical foundations of special and the components of a special specification are described. A sample specification is detailed in an appendix.     

Testing software without requirements: using development artifacts to develop test cases

SourceForge, the world’s largest development and download repository of open-source code and applications, hosts more than 114,500 projects with 1.3 million registered users at this writing. These applications are downloaded and used by millions across the globe. However, there is little evidence that any of these applications have been tested against a set of rigorous requirements and indeed, for most of these applications, it is likely that no requirements specification exists. How then, can one test this software? In this work an approach is presented to create a set of behavioral requirements to be used to develop test cases. These behavioral requirements were developed for a small number of projects derived from SourceForge using artifacts such as help files and software trails such as open and closed bug reports. These artifacts highlight implemented product features as well as expected behavior, which form the basis for what we term behavioral requirements. The behavioral requirements were then used to create test cases, which were exercised against the software. The contribution of this work is to demonstrate a viable technique for testing software when traditional requirements are unavailable or incomplete.     

Systematic incremental validation of reactive systems via sound scenario generalization

Validating the specification of a reactive system, such as a telephone switching system, traffic controller, or automated network service, is difficult, primarily because it is extremely hard even tostate a set of complete and correct requirements, let alone toprove that a specification satisfies them. In the ISAT project[10], end-user requirements are stated as concrete behavior scenarios, and a multi-functional apprentice system aids the human developer in acquiring and maintaining a specification consistent with the scenarios. ISAT's Validation Assistant (isat-va) embodies a novel, systematic, and incremental approach to validation based on the novel technique ofsound scenario generalization, which automatically states and proves validation lemmas. This technique enablesisat-va to organize the validity proof around a novel knowledge structure, thelibrary of generalized fragments, and provides automated progress tracking and semi-automated help in increasing proof coverage. The approach combines the advantages of software testing and automated theorem proving of formal requirements, avoiding most of their shortcomings, while providing unique advantages of its own.