TY - GEN
T1 - Model-Based Testing Directed by Structural Coverage and Functional Requirements
AU - Sun, Yanjun
AU - Memmi, Gerard
AU - Vignes, Sylvie
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/9/21
Y1 - 2016/9/21
N2 - Safety-critical systems verification is required to be developed under stringent standard and certification. Formal models are built as an abstraction of the system in upstream design phases. This article presents a new model-based testing process intended for verification of models with respect to functional requirements, as part of the "CONNEXION" French nuclear I and C methodology project. Based on the functional requirements of the system, a functional test suite is generated and executed on the model of the system. Then the structural coverage of the test suite is measured. Regardless of the coverage metrics, the unit of coverage measurement on the model is defined as a structural unit (SU). Assuming the existence of uncovered structural units, a reachability check on every SU is performed by model checking, to verify if this SU can be executed by any test. For reachable SU, the model checker generates test data to cover this SU and possibly others. These test data need to be combined with functional requirements to construct new test representing functionally realistic scenarios. Unreachable SU are recorded for further analysis since they can be suspected to be dead code or even a bug. The possibility that the model checker can stop its execution without providing an answer to the reachability check is also considered. The process is designed in particular for a system composed of sub-systems modeled in different languages, as one case study proposed in "CONNEXION". Application of our process to this case study is enabled by the unique modeling and verification tool box provided by partners of the project.
AB - Safety-critical systems verification is required to be developed under stringent standard and certification. Formal models are built as an abstraction of the system in upstream design phases. This article presents a new model-based testing process intended for verification of models with respect to functional requirements, as part of the "CONNEXION" French nuclear I and C methodology project. Based on the functional requirements of the system, a functional test suite is generated and executed on the model of the system. Then the structural coverage of the test suite is measured. Regardless of the coverage metrics, the unit of coverage measurement on the model is defined as a structural unit (SU). Assuming the existence of uncovered structural units, a reachability check on every SU is performed by model checking, to verify if this SU can be executed by any test. For reachable SU, the model checker generates test data to cover this SU and possibly others. These test data need to be combined with functional requirements to construct new test representing functionally realistic scenarios. Unreachable SU are recorded for further analysis since they can be suspected to be dead code or even a bug. The possibility that the model checker can stop its execution without providing an answer to the reachability check is also considered. The process is designed in particular for a system composed of sub-systems modeled in different languages, as one case study proposed in "CONNEXION". Application of our process to this case study is enabled by the unique modeling and verification tool box provided by partners of the project.
U2 - 10.1109/QRS-C.2016.43
DO - 10.1109/QRS-C.2016.43
M3 - Conference contribution
AN - SCOPUS:84991813357
T3 - Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016
SP - 284
EP - 291
BT - Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016
Y2 - 1 August 2016 through 3 August 2016
ER -