Realizing live sequence charts in SystemVerilog.

The design of an embedded control system starts with an investigation of properties and behaviors of the process evolving within its environment, and an analysis of the requirement for its safety performance. In early stages, system requirements are often specified as scenarios of behavior using sequence charts for different use cases. This specification must be precise, intuitive and expressive enough to capture different aspects of embedded control systems. As a rather rich and useful extension to the classical message sequence charts, live sequence charts (LSC), which provide a rich collection of constructs for specifying both possible and mandatory behaviors, are very suitable for designing an embedded control system. However, it is not a trivial task to realize a high-level design model in executable program codes effectively and correctly. This paper tackles the challenging task by providing a mapping algorithm to automatically synthesize SystemVerilog programs from given LSC specifications

Semantic mutation testing

This is the Pre-print version of the Article. The official published version can be obtained from the link below - Copyright @ 2011 ElsevierMutation testing is a powerful and flexible test technique. Traditional mutation testing makes a small change to the syntax of a description (usually a program) in order to create a mutant. A test suite is considered to be good if it distinguishes between the original description and all of the (functionally non-equivalent) mutants. These mutants can be seen as representing potential small slips and thus mutation testing aims to produce a test suite that is good at finding such slips. It has also been argued that a test suite that finds such small changes is likely to find larger changes. This paper describes a new approach to mutation testing, called semantic mutation testing. Rather than mutate the description, semantic mutation testing mutates the semantics of the language in which the description is written. The mutations of the semantics of the language represent possible misunderstandings of the description language and thus capture a different class of faults. Since the likely misunderstandings are highly context dependent, this context should be used to determine which semantic mutants should be produced. The approach is illustrated through examples with statecharts and C code. The paper also describes a semantic mutation testing tool for C and the results of experiments that investigated the nature of some semantic mutation operators for C

Validation of reactive software from scenario-based models

This thesis proposal suggests a model-based approach to obtain, from a set of behavioural scenarios of a given reactive software system, a graphical animation for reproducing that set of scenarios for validation purposes. The approach assumes that the requirements of the system are described by a use case diagram, being the behaviour of each use case detailed by a collection of scenario descriptions. These use cases and scenarios are transformed into a Coloured Petri Net (CPN) model, which is next complemented with animation-specific elements. By executing the CPN model, it is possible to animate the scenarios in a user-friendly way and thus ensuring an effective involvement of the users in the system’s validation. The CPN model is enforced to be (1) parametric, allowing an easy modification of the initial conditions of the scenarios, (2) environment-descriptive, meaning that it includes the state of the relevant elements of the environment, and (3) animation-separated, implying that the elements related to animation are clearly separated from the other ones. We validate our approach based on its application to two examples of reactive systems

Transformation of UML Behavioral Diagrams to Support Software Model Checking

Unified Modeling Language (UML) is currently accepted as the standard for modeling (object-oriented) software, and its use is increasing in the aerospace industry. Verification and Validation of complex software developed according to UML is not trivial due to complexity of the software itself, and the several different UML models/diagrams that can be used to model behavior and structure of the software. This paper presents an approach to transform up to three different UML behavioral diagrams (sequence, behavioral state machines, and activity) into a single Transition System to support Model Checking of software developed in accordance with UML. In our approach, properties are formalized based on use case descriptions. The transformation is done for the NuSMV model checker, but we see the possibility in using other model checkers, such as SPIN. The main contribution of our work is the transformation of a non-formal language (UML) to a formal language (language of the NuSMV model checker) towards a greater adoption in practice of formal methods in software development.Comment: In Proceedings FESCA 2014, arXiv:1404.043

Translating message sequence charts to other process languages using process mining

Message Sequence Charts (MSCs) are a well known language for specifying scenarios that describe how di??erent actors (e.g., system components, people, or organizations) interact. MSCs are often used as a starting point for software analysts to discuss the behavior of a system with di??erent stakeholders. Often such discussions lead to more complete behavioral models described by e.g. Event-driven Process Chains (EPCs), UML activity diagrams, BPMN models, Petri nets, etc. The contribution of this paper is to present a method that uses process mining to translate a set of MSCs that represent example scenarios into a complete process model, e.g., represented in terms of EPCs or Petri nets. Our approach takes MSCs and translates them into a special kind event logs. Unlike all known process mining techniques, we use a new approach that uses event logs containing explicit causal dependencies. This allows us to discover high-quality process models. The approach has been implemented in the process mining framework ProM

The Oracle Problem When Testing from MSCs

Message Sequence Charts (MSCs) form a popular language in which scenario-based specifications and models can be written. There has been significant interest in automating aspects of testing from MSCs. This paper concerns the Oracle Problem, in which we have an observation made in testing and wish to know whether this is consistent with the specification. We assume that there is an MSC specification and consider the case where we have entirely independent local testers (local observability) and where the observations of the local testers are logged and brought together (tester observability). It transpires that under local observability the Oracle Problem can be solved in low-order polynomial time if we use sequencing, loops and choices but becomes NP-complete if we also allow parallel components; if we place a bound on the number of parallel components then it again can be solved in polynomial time. For tester observability, the problem is NP-complete when we have either loops or choices. However, it can be solved in low-order polynomial time if we have only one loop, no choices, and no parallel components. If we allow parallel components then the Oracle Problem is NP-complete for tester observability even if we restrict to the case where there are at most two processes