Modal Reactors

Complex software systems often feature distinct modes of operation, each designed to handle a particular scenario that may require the system to respond in a certain way. Breaking down system behavior into mutually exclusive modes and discrete transitions between modes is a commonly used strategy to reduce implementation complexity and promote code readability. However, such capabilities often come in the form of self-contained domain specific languages or language-specific frameworks. The work in this paper aims to bring the advantages of modal models to mainstream programming languages, by following the polyglot coordination approach of Lingua Franca (LF), in which verbatim target code (e.g., C, C++, Python, Typescript, or Rust) is encapsulated in composable reactive components called reactors. Reactors can form a dataflow network, are triggered by timed as well as sporadic events, execute concurrently, and can be distributed across nodes on a network. With modal models in LF, we introduce a lean extension to the concept of reactors that enables the coordination of reactive tasks based on modes of operation. The implementation of modal reactors outlined in this paper generalizes to any LF-supported language with only modest modifications to the generic runtime system

Deep Reinforcement Learning for Black-box Testing of Android Apps

The state space of Android apps is huge, and its thorough exploration during testing remains a significant challenge. The best exploration strategy is highly dependent on the features of the app under test. Reinforcement Learning (RL) is a machine learning technique that learns the optimal strategy to solve a task by trial and error, guided by positive or negative reward, rather than explicit supervision. Deep RL is a recent extension of RL that takes advantage of the learning capabilities of neural networks. Such capabilities make Deep RL suitable for complex exploration spaces such as one of Android apps. However, state-of-the-art, publicly available tools only support basic, Tabular RL. We have developed ARES, a Deep RL approach for black-box testing of Android apps. Experimental results show that it achieves higher coverage and fault revelation than the baselines, including state-of-the-art tools, such as TimeMachine and Q-Testing. We also investigated the reasons behind such performance qualitatively, and we have identified the key features of Android apps that make Deep RL particularly effective on them to be the presence of chained and blocking activities. Moreover, we have developed FATE to fine-tune the hyperparameters of Deep RL algorithms on simulated apps, since it is computationally expensive to carry it out on real apps

Deep Reinforcement Learning for Black-Box Testing of Android Apps

The state space of Android apps is huge and its thorough exploration during testing remains a major challenge. In fact, the best exploration strategy is highly dependent on the features of the app under test. Reinforcement Learning (RL) is a machine learning technique that learns the optimal strategy to solve a task by trial and error, guided by positive or negative reward, rather than by explicit supervision. Deep RL is a recent extension of RL that takes advantage of the learning capabilities of neural networks. Such capabilities make Deep RL suitable for complex exploration spaces such as the one of Android apps. However, state of the art, publicly available tools only support basic, tabular RL. We have developed ARES, a Deep RL approach for black-box testing of Android apps. Experimental results show that it achieves higher coverage and fault revelation than the baselines, which include state of the art RL based tools, such as TimeMachine and Q-Testing. We also investigated qualitatively the reasons behind such performance and we have identified the key features of Android apps that make Deep RL particularly effective on them to be the presence of chained and blocking activities

A model of systems with modes and mode transitions

We propose a method of classifying the operation of a system into finitely many modes. Each mode has its own objectives for the system's behaviour and its own algorithms designed to accomplish its objectives. A central problem is deciding when to transition from one mode to some other mode, a decision that may be contested and involve partial or inconsistent information. We propose some general principles and model mathematically their conception of modes for a system. We derive a family of data types for analysing mode transitions; these are simplicial complexes, both abstract and concretely realised as geometric spaces in euclidean space . In the simplicial complex, a mode is represented by a simplex and each state of a system can be evaluated by mapping it into one or more simplices. This evaluation measures the extent to which different modes are appropriate for the state and can decide on a transition. To illustrate the general model in some detail, we work though a case study of an autonomous racing car

An Integrated Approach Enabling Cross-Domain Simulation of Model-Based E/E-Architectures

The increasing complexity of electric/electronic architectures (EEA) in the automotive domain raised the necessity of model-based development processes for the design of such heterogeneous systems, which combine different engineering principles with different viewpoints. High-level simulation is a great means to evaluate the EEA in the concept phase of the design, since it reduces costly real-world experiments. However, model-based EEA design and analysis as well as its simulation are often separate processes in the development lifecycle. In this paper, we present a novel approach that extends state-of-the-art model-based systems engineering principles of EEA by a behavior specification reusing library components. The specification is seamlessly integrated in the development process of a single source EEA model. Therewith, the starting point is the abstract logical function architecture of the EEA. Based on this single source EEA model we synthesize a unified high-level simulation model, which is capable of linking the behavioral model with lower level implementation details of other domains, e.g. the network communication of the underlying hardware topology. This cross-layer simulation enables an early but holistic system’s behavior analysis of the dynamic changes which typically depend on the scenarios applied. Moreover, the integrated approach enables the potential to feedback the simulation results into suitable EEA metrics and benchmarks for further analysis and optimization as well as the seamless traceability of the behavioral specification to requirements and other abstraction layers. A driver assistance system use case demonstrates the proof-of-concept and the benefits of our methodology

Deep Reinforcement Learning Driven Applications Testing

Applications have become indispensable in our lives, and ensuring their correctness is now a critical issue. Automatic system test case generation can significantly improve the testing process for these applications, which has recently motivated researchers to work on this problem, defining various approaches. However, most state-of-the-art approaches automatically generate test cases leveraging symbolic execution or random exploration techniques. This led to techniques that lose efficiency when dealing with an increasing number of program constraints and become inapplicable when conditions are too challenging to solve or even to formulate. This Ph.D. thesis proposes addressing current techniques' limitations by exploiting Deep Reinforcement Learning. Deep Reinforcement Learning (Deep RL) is a machine learning technique that does not require a labeled training set as input since the learning process is guided by the positive or negative reward experienced during the tentative execution of a task. Hence, it can be used to dynamically learn how to build a test suite based on the feedback obtained during past successful or unsuccessful attempts. This dissertation presents three novel techniques that exploit this intuition: ARES, RONIN, and IFRIT. Since functional testing and security testing are complementary, this Ph.D. thesis explores both testing techniques using the same approach for test cases generation. ARES is a Deep RL approach for functional testing of Android apps. RONIN addresses the issue of generating exploits for a subset of Android ICC vulnerabilities. Subsequently, to better expose the bugs discovered by previous techniques, this thesis presents IFRIT, a focused testing approach capable of increasing the number of test cases that can reach a specific target (i.e., a precise section or statement of an application) and their diversity. IFRIT has the ultimate goal of exposing faults affecting the given program point

Estratégias de automação para desenvolvimento de projetos de sistemas embarcados baseados em modelos formais de computação

Orientador: Denis SIlva LoubachDissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia MecânicaResumo: Sistemas embarcados de alta performance estão presentes em cada vez mais áreas de aplicação. Com o aumento da complexidade, se torna mais difícil atender ao requisito de se projetar o sistema mais otimizado utilizando menos recursos. Nesse contexto, os métodos de projeto de sistemas embarcados baseados em modelos formais têm sido estudados para tornar esse processo mais robusto e escalável. O uso de modelos de computação (MoC), que consistem na modelagem de uma aplicação utilizando um alto nível de abstração com base formal, possibilita uma análise sistemática do sistema antes de sua implementação. Ferramentas e frameworks têm sido desenvolvidos para a modelagem baseada em MoCs. Algumas dessas ferramentas suportam a simulação dos modelos, possibilitando a verificação das funcionalidades do sistema antes das próximas fases do projeto. O aumento do nível de abstração, proporcionado pelo uso dos MoCs, dificulta a fase de implementação pela falta de detalhes nos modelos de alto nível de abstração. Nesse sentido, esta pesquisa tem como objetivo identificar possíveis estratégias de automação para o desenvolvimento de sistemas embarcados baseado em modelos formais de computaçãoAbstract: Sophisticated and high performance embedded systems are present in an increasing number of application domains. As the complexity grows, it gets harder to satisfy the requirement of getting the most optimized system using less development resources. In this context, formal-based design methods have been studied to make the development process robust and scalable, using the correct-by-construction approach. Models of computation (MoC), which consists on modeling an application at a high abstraction level by using a formal base, enables a systematic application analysis before its implementation. Different tools and frameworks have been developed supporting MoCs. Some of them can simulate the models and also verify its functionality and feasibility before the next design steps. As MoC elevates the abstraction level, the implementation steps get more complex, creating an abstraction gap. In view of this, the present research aims to identify possible automation approaches for embedded systems design flowsMestradoMecatrônicaMestre em Engenharia Mecânic

A Problem-Oriented Approach for Dynamic Verification of Heterogeneous Embedded Systems

This work presents a virtual prototyping methodology for the design and verification of industrial devices in the field level of industrial automation systems. This work demonstrates that virtual prototypes can help increase the confidence in the correctness of a design thanks to a deeper understanding of the complex interactions between hardware, software, analog and mixed-signal components of embedded systems and the physical processes they interact with