Refinement type contracts for verification of scientific investigative software
Our scientific knowledge is increasingly built on software output. User code
which defines data analysis pipelines and computational models is essential for
research in the natural and social sciences, but little is known about how to
ensure its correctness. The structure of this code and the development process
used to build it limit the utility of traditional testing methodology. Formal
methods for software verification have seen great success in ensuring code
correctness but generally require more specialized training, development time,
and funding than is available in the natural and social sciences. Here, we
present a Python library which uses lightweight formal methods to provide
correctness guarantees without the need for specialized knowledge or
substantial time investment. Our package provides runtime verification of
function entry and exit condition contracts using refinement types. It allows
checking hyperproperties within contracts and offers automated test case
generation to supplement online checking. We co-developed our tool with a
medium-sized (3000 LOC) software package which simulates
decision-making in cognitive neuroscience. In addition to helping us locate
trivial bugs earlier on in the development cycle, our tool was able to locate
four bugs which may have been difficult to find using traditional testing
methods. It was also able to find bugs in user code which did not contain
contracts or refinement type annotations. This demonstrates how formal methods
can be used to verify the correctness of scientific software which is difficult
to test with mainstream approaches.
Comparing test sets and criteria in the presence of test hypotheses and fault domains
A number of authors have considered the problem of comparing test sets and criteria. Ideally
test sets are compared using a preorder with the property that test set T1 is at least as strong
as T2 if whenever T2 determines that an implementation p is faulty, T1 will also determine that
p is faulty. This notion can be extended to test criteria. However, it has been noted that very
few test sets and criteria are comparable under such an ordering; instead orderings are based
on weaker properties such as subsumes. This paper explores an alternative approach, in which
comparisons are made in the presence of a test hypothesis or fault domain. This approach allows
strong statements about fault detecting ability to be made and yet for a number of test sets and
criteria to be comparable. It may also drive incremental test generation.
The Grid Dependence of Well Inflow Performance in Reservoir Simulation
Towards Symbolic Model-Based Mutation Testing: Combining Reachability and Refinement Checking
Model-based mutation testing uses altered test models to derive test cases
that are able to reveal whether a modelled fault has been implemented. This
requires conformance checking between the original and the mutated model. This
paper presents an approach for symbolic conformance checking of action systems,
which are well-suited to specify reactive systems. We also consider
nondeterminism in our models. Hence, we do not check for equivalence, but for
refinement. We encode the transition relation as well as the conformance
relation as a constraint satisfaction problem and use a constraint solver in
our reachability and refinement checking algorithms. Explicit conformance
checking techniques often face state space explosion. First experimental
evaluations show that our approach has potential to outperform explicit
conformance checkers. Comment: In Proceedings MBT 2012, arXiv:1202.582