Integrated Module Testing and Module Verification

In this dissertation an integrated approach to formal module verification by model checking and module testing is described. The main focus lays on the verification of C functions. Specification-based testing and functional verification require a formalized module specification. For this purpose an annotation language as an extension of a pre-/post-condition syntax is developed and discussed. This annotation language allows the definition of logical conditions relating the program s pre-state to its post-state after executing the module. For requirements tracking a test case specification is developed. The correctness conditions can be refined by the introduction of auxiliary variables. Besides the specification of the module under test, the presented annotation language allows to model the behavior of external functions called by the module under test. By the specification of pre- and post-conditions as well as test cases, test data generation for both structural and functional testing is reduced to a reachability problem (as known from bounded model checking) within the module s control flow graph. These reachability problems are investigated using symbolic execution. The strength of symbolic execution is in its precision and its ability to reason about multiple program inputs simultaneously, but it also has limitations like aliasing or external function calls. These in turn are analyzed and new algorithms are developed which overtake most of the detected limitations. The expansion and selection strategies for test case selection are developed and described. They allow to minimize the size of investigated states and the number of generated test cases, while achieving maximal branch coverage. The developed algorithms and strategies are implemented in the test generator CTGEN, which generates test data for C1 structural coverage and for functional coverage. It also supports automated stub generation where the data returned by a stub during test execution depends on the specification provided by the user. CTGEN is evaluated and compared with competing tools and produces competitive results

Towards model checking Android applications

As feature-rich Android applications (apps for short) are increasingly popularized in security-sensitive scenarios, methods to verify their security properties are highly desirable. Existing approaches on verifying Android apps often have limited effectiveness. For instance, static analysis often suffers from a high false-positive rate, whereas approaches based on dynamic testing are limited in coverage. In this work, we propose an alternative approach, which is to apply the software model checking technique to verify Android apps. We have built a general framework named DroidPF upon Java PathFinder (JPF), towards model checking Android apps. In the framework, we craft an executable mock-up Android OS which enables JPF to dynamically explore the concrete state spaces of the tested apps; we construct programs to generate user interaction and environmental input so as to drive the dynamic execution of the apps; and we introduce Android specific reduction techniques to help alleviate the state space explosion. DroidPF focuses on common security vulnerabilities in Android apps including sensitive data leakage involving a non-trivial flow- and context-sensitive taint-style analysis. DroidPF has been evaluated with 131 apps, which include real-world apps, third-party libraries, malware samples and benchmarks for evaluating app analysis techniques like ours. DroidPF precisely identifies nearly all of the previously known security issues and nine previously unreported vulnerabilities/bugs.NRF (Natl Research Foundation, S’pore

Implementasi Kontrol Model Prediksi Berbasis ANFIS Pada Mesin Penghasil Uap Air

Steam generator has problem such as dependent variable on the output parameters, therefore it is needed a way to get system behavior of steam generator which is represented by model of the plant. Implementation of the model predictive control in this research was represented by using simulation, so the object that was controlled was virtual steam generator. In this research was used MATLAB software as a virtual steam generator and also for computes ANFIS, whereas the LabVIEW software was used as a representation of control room.From the research, it was found the best parameters for each ANFIS that was used as a model unit in the model predictive control, that was by using historical data 4th as much as 800 datas, the percentage ratio of learning for training data and checking data on each ANFIS for each model structures sequentially by 90% and 10%, except the percentage ratio for ANFIS on water flow parameter sequentially by 80% and 20%. The results of validation RMSE (Root Mean Square Error) by testing for 100 datas, it was obtained values as follows: water flow=1.9941, water pressure=48.0236, air flow=604.0621, fuel gas pressure=0.7087, fuel gas temperature=18.6594, O2 content=0.9591, steam pressure=76.1557, steam quality=3.9734 and steam flow=264.9173