8,589 research outputs found
Software Requirements As Executable Code
This project analyzed the effectiveness of using Story Testing frameworks to create an application directly from user specifications. It did this by taking an example business application with traditional specifications and rewriting those specifications in three different Story Testing Frameworks - Cucumber, FitNesse, and JBehave. Analysis of results drew the following conclusions: 1) Story Testing can help prove a project\u27s completeness, 2) Specifications are still too technical, 3) Implementation is not overly complex, and 4) Story Testing is worth it. It proposed future research around evaluating natural languages and seeking more user-friendly ways of writing specifications in a natural language
Uncovering Bugs in Distributed Storage Systems during Testing (not in Production!)
Testing distributed systems is challenging due to multiple sources of nondeterminism. Conventional testing techniques, such as unit, integration and stress testing, are ineffective in preventing serious but subtle bugs from reaching production. Formal techniques, such as TLA+, can only verify high-level specifications of systems at the level of logic-based models, and fall short of checking the actual executable code. In this paper, we present a new methodology for testing distributed systems. Our approach applies advanced systematic testing techniques to thoroughly check that the executable code adheres to its high-level specifications, which significantly improves coverage of important system behaviors. Our methodology has been applied to three distributed storage systems in the Microsoft Azure cloud computing platform. In the process, numerous bugs were identified, reproduced, confirmed and fixed. These bugs required a subtle combination of concurrency and failures, making them extremely difficult to find with conventional testing techniques. An important advantage of our approach is that a bug is uncovered in a small setting and witnessed by a full system trace, which dramatically increases the productivity of debugging
From Formal Methods to Executable Code
Note: the cover page of this report shows an incorrect title. The title given on the first page of the document itself is correct.The objective of this work is the derivation of software that is verifiably correct. Our approach is to abstract system specifications and model these in a formal framework called Timed Input/Output Automata, which provides a notation for expressing distributed systems and mathematical support for reasoning about their properties. Although formal reasoning is easier at an abstract level, it is not clear how to transform these abstractions into executable code. During system implementation, when an abstract system specification is left up to human interpretation, then this opens a possibility of undesirable behaviors being introduced into the final code, thereby nullifying all formal efforts. This manuscript addresses this issue and presents a set of transformation methods for systems described as a network to timed automata into Java code for distributed platforms. We prove that the presented transformation methods preserve guarantees of the source specifications, and therefore, result in code that is correct by construction
Proving soundness of combinatorial Vickrey auctions and generating verified executable code
Using mechanised reasoning we prove that combinatorial Vickrey auctions are
soundly specified in that they associate a unique outcome (allocation and
transfers) to any valid input (bids). Having done so, we auto-generate verified
executable code from the formally defined auction. This removes a source of
error in implementing the auction design. We intend to use formal methods to
verify new auction designs. Here, our contribution is to introduce and
demonstrate the use of formal methods for auction verification in the familiar
setting of a well-known auction
Data optimizations for constraint automata
Constraint automata (CA) constitute a coordination model based on finite
automata on infinite words. Originally introduced for modeling of coordinators,
an interesting new application of CAs is implementing coordinators (i.e.,
compiling CAs into executable code). Such an approach guarantees
correctness-by-construction and can even yield code that outperforms
hand-crafted code. The extent to which these two potential advantages
materialize depends on the smartness of CA-compilers and the existence of
proofs of their correctness.
Every transition in a CA is labeled by a "data constraint" that specifies an
atomic data-flow between coordinated processes as a first-order formula. At
run-time, compiler-generated code must handle data constraints as efficiently
as possible. In this paper, we present, and prove the correctness of two
optimization techniques for CA-compilers related to handling of data
constraints: a reduction to eliminate redundant variables and a translation
from (declarative) data constraints to (imperative) data commands expressed in
a small sequential language. Through experiments, we show that these
optimization techniques can have a positive impact on performance of generated
executable code
Static analysis of SEU effects on software applications
Control flow errors have been widely addressed in literature as a possible threat to the dependability of computer systems, and many clever techniques have been proposed to detect and tolerate them. Nevertheless, it has never been discussed if the overheads introduced by many of these techniques are justified by a reasonable probability of incurring control flow errors. This paper presents a static executable code analysis methodology able to compute, depending on the target microprocessor platform, the upper-bound probability that a given application incurs in a control flow error
Toward Sequentializing Overparallelized Protocol Code
In our ongoing work, we use constraint automata to compile protocol
specifications expressed as Reo connectors into efficient executable code,
e.g., in C. We have by now studied this automata based compilation approach
rather well, and have devised effective solutions to some of its problems.
Because our approach is based on constraint automata, the approach, its
problems, and our solutions are in fact useful and relevant well beyond the
specific case of compiling Reo. In this short paper, we identify and analyze
two such rather unexpected problems.Comment: In Proceedings ICE 2014, arXiv:1410.701
- …