Using formal methods to support testing

Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing

Slicing approach to specification for testability in LOTOS

Ankara : Department of Computer Engineering and Information Science and Institute of Engineering and Science, Bilkent Univ., 1993.Thesis (Master's) -- Bilkent University, 1993.Includes bibliographical references leaves 119-123With the recent increase in the use of formal methods in specification of communication protocols, there is a need to base the conformance testing of protocol implementations on formal specifications. This brings in the problem of finding out special design issues to be used in the specification of such systems that facilitate test generation. This aspect is called Specification For Testability, and it is investigated in this study for the particular formal description technique LOTOS. Specification for testability is approached from the perspective of designing formal base protocol specifications, and then deriving functional specifications from base specifications in order to use in test generation. The method utilized for the derivation of functional specifications is Ccdled slicing. As inspired from previous work in software engineering, slices of protocol specifications are obtained systematically according to the hierarchically designed test suite structures, where each slice corresponds to a particular tunction of the protocol, and subsequent test generation is based on the obtained slices. The techni(|ues developed are demonstrated on the simple state-oriented specifications of INRES and ACSE protocols along with a real base specification of the OSI Transport Protocol written in the constraintoriented specification style. The results indicate that tests derived from functional specifications have some remarkable properties with respect to test case analysis and representation.Ateş, Ahmet FeyziM.S

A domain specific language for the automatic generation of parsers classes for text protocols

ABNF ist eine Sprache zur Definition einer formalen Syntax für technische Spezifikationen und wird häufig zur Beschreibung textueller Nachrichten von Internetprotokollen eingesetzt. Die Möglichkeiten der automatischen Generierung von Parser-Klassen aus ABNF-Spezifikationen sind derzeit sehr begrenzt, da ABNF lediglich die Transfersyntax und Produktionsregeln von Textnachrichten beschreibt. Die fehlende Definition von Variablennamen innerhalb einer ABNF-Spezifikation ermöglicht es nicht, sinnvollen und ausdrucksstarken Programmcode zu generieren, der von einem Programmierer verwendet werden kann. In diesem Artikel stellen wir X-ABNF vor, eine domänenspezifische Sprache (DSL) zur Definition von Variablennamen für ABNF-Regeln. Dies ermöglicht die Generierung von ausdrucksstarkem und lesbarem Programmcode aus ABNF-Spezifikationen. Des Weiteren zeigen wir, dass dieser Ansatz auch für Spracherweiterungen mithilfe von Makroprogrammierung genutzt werden kann. Dies ermöglicht die dynamische Instanziierung von ABNF-Textnachrichten im Programmcode. Wir verwenden Xtext und Xtend zur Implementierung der Sprachgrammatik von ABNF und XABNF, was eine gute Werkzeugunterstützung gewährleistet und Codegenerierung ermöglicht.ABNF is a language for the definition of the formal syntax of technical specifications and is widely used for the definition of textual protocol messages of many internet protocols. The automatic generation of parser classes for ABNF specifications is currently very limited, because ABNF only defines the transfer syntax of the text messages and does not define names for the set of production rules. The lack of name definitions within ABNF rules does not allow to automatically generate expressiveness and meaningful program code for ABNF specifications. In this paper we present X-ABNF, which is a domain-specific language (DSL) for the definition of name-bindings for ABNF rules. The name-bindings with X-ABNF facilitates to generate a concise and meaningful code for an ABNF specification. Additionally, we show that the name-binding can also be used for language extensions through macro programming to dynamically access ABNF encoded text data within source code. We have used Xtext and Xtend for the implementation of the language grammar of ABNF and X-ABNF, which provide good tool support and code generation capabilities

Modular session types for objects

Session types allow communication protocols to be specified type-theoretically so that protocol implementations can be verified by static type checking. We extend previous work on session types for distributed object-oriented languages in three ways. (1) We attach a session type to a class definition, to specify the possible sequences of method calls. (2) We allow a session type (protocol) implementation to be modularized, i.e. partitioned into separately-callable methods. (3) We treat session-typed communication channels as objects, integrating their session types with the session types of classes. The result is an elegant unification of communication channels and their session types, distributed object-oriented programming, and a form of typestate supporting non-uniform objects, i.e. objects that dynamically change the set of available methods. We define syntax, operational se-mantics, a sound type system, and a sound and complete type checking algorithm for a small distributed class-based object-oriented language with structural subtyping. Static typing guarantees that both sequences of messages on channels, and sequences of method calls on objects, conform to type-theoretic specifications, thus ensuring type-safety. The language includes expected features of session types, such as delegation, and expected features of object-oriented programming, such as encapsulation of local state.Comment: Logical Methods in Computer Science (LMCS), International Federation for Computational Logic, 201

Formal Firewall Conformance Testing: An Application of Test and Proof Techniques

Firewalls are an important means to secure critical ICT infrastructures. As configurable off-the-shelf prod\-ucts, the effectiveness of a firewall crucially depends on both the correctness of the implementation itself as well as the correct configuration. While testing the implementation can be done once by the manufacturer, the configuration needs to be tested for each application individually. This is particularly challenging as the configuration, implementing a firewall policy, is inherently complex, hard to understand, administrated by different stakeholders and thus difficult to validate. This paper presents a formal model of both stateless and stateful firewalls (packet filters), including NAT, to which a specification-based conformance test case gen\-eration approach is applied. Furthermore, a verified optimisation technique for this approach is presented: starting from a formal model for stateless firewalls, a collection of semantics-preserving policy transformation rules and an algorithm that optimizes the specification with respect of the number of test cases required for path coverage of the model are derived. We extend an existing approach that integrates verification and testing, that is, tests and proofs to support conformance testing of network policies. The presented approach is supported by a test framework that allows to test actual firewalls using the test cases generated on the basis of the formal model. Finally, a report on several larger case studies is presented

On conformance testing of systems communicating by Rendezvous

Thèse numérisée par la Direction des bibliothèques de l'Université de Montréal

Estelle-based test generation tool

A test design tool for functional analysis and test derivation of protocols formally specified using an extended finitestate machine model is presented. The formal description language supported is Estelle. The tool's main components include a compiler, a normalizer, a multiple module transition tour generator and several interactive programs. The tool is based on a static analysis of Estelle called normalization, which is explained in detail with various examples. The normalized specification facilitates graphical displays of the control and data flow in the specification by the interactive tools. Next discussed is test generation, which is based on verifying the control and data flow. First the data flow graph must be decomposed into blocks where each block represents the data flow in a protocol function. From the control graph the tool generates transition tours, and then test sequences are derived from the transition tour to test each function. The performance of the tool on various applications is also included. © 1991