26,138 research outputs found
Verifying Web Applications: From Business Level Specifications to Automated Model-Based Testing
One of reasons preventing a wider uptake of model-based testing in the
industry is the difficulty which is encountered by developers when trying to
think in terms of properties rather than linear specifications. A disparity has
traditionally been perceived between the language spoken by customers who
specify the system and the language required to construct models of that
system. The dynamic nature of the specifications for commercial systems further
aggravates this problem in that models would need to be rechecked after every
specification change. In this paper, we propose an approach for converting
specifications written in the commonly-used quasi-natural language Gherkin into
models for use with a model-based testing tool. We have instantiated this
approach using QuickCheck and demonstrate its applicability via a case study on
the eHealth system, the national health portal for Maltese residents.Comment: In Proceedings MBT 2014, arXiv:1403.704
Feature-Aware Verification
A software product line is a set of software products that are distinguished
in terms of features (i.e., end-user--visible units of behavior). Feature
interactions ---situations in which the combination of features leads to
emergent and possibly critical behavior--- are a major source of failures in
software product lines. We explore how feature-aware verification can improve
the automatic detection of feature interactions in software product lines.
Feature-aware verification uses product-line verification techniques and
supports the specification of feature properties along with the features in
separate and composable units. It integrates the technique of variability
encoding to verify a product line without generating and checking a possibly
exponential number of feature combinations. We developed the tool suite
SPLverifier for feature-aware verification, which is based on standard
model-checking technology. We applied it to an e-mail system that incorporates
domain knowledge of AT&T. We found that feature interactions can be detected
automatically based on specifications that have only feature-local knowledge,
and that variability encoding significantly improves the verification
performance when proving the absence of interactions.Comment: 12 pages, 9 figures, 1 tabl
A graph-based aspect interference detection approach for UML-based aspect-oriented models
Aspect Oriented Modeling (AOM) techniques facilitate separate modeling of concerns and allow for a more flexible composition of these than traditional modeling technique. While this improves the understandability of each submodel, in order to reason about the behavior of the composed system and to detect conflicts among submodels, automated tool support is required. Current techniques for conflict detection among aspects generally have at least one of the following weaknesses. They require to manually model the abstract semantics for each system; or they derive the system semantics from code assuming one specific aspect-oriented language. Defining an extra semantics model for verification bears the risk of inconsistencies between the actual and the verified design; verifying only at implementation level hinders fixng errors in earlier phases. We propose a technique for fully automatic detection of conflicts between aspects at the model level; more specifically, our approach works on UML models with an extension for modeling pointcuts and advice. As back-end we use a graph-based model checker, for which we have defined an operational semantics of UML diagrams, pointcuts and advice. In order to simulate the system, we automatically derive a graph model from the diagrams. The result is another graph, which represents all possible program executions, and which can be verified against a declarative specification of invariants.\ud
To demonstrate our approach, we discuss a UML-based AOM model of the "Crisis Management System" and a possible design and evolution scenario. The complexity of the system makes con°icts among composed aspects hard to detect: already in the case of two simulated aspects, the state space contains 623 di®erent states and 9 different execution paths. Nevertheless, in case the right pruning methods are used, the state-space only grows linearly with the number of aspects; therefore, the automatic analysis scales
Specifying and Analysing SOC Applications with COWS
COWS is a recently defined process calculus for specifying and combining service-oriented applications, while modelling their dynamic behaviour. Since its introduction, a number of methods and tools have been devised to analyse COWS specifications, like e.g. a type system to check confidentiality properties, a logic and a model checker to express and check functional properties of services. In this paper, by means of a case study in the area of automotive systems, we demonstrate that COWS, with some mild linguistic additions, can model all the phases of the life cycle of service-oriented applications, such as publication, discovery, negotiation, orchestration, deployment, reconfiguration and execution. We also provide a flavour of the properties that can be analysed by using the tools mentioned above
Recommended from our members
A Static Verification Framework for Secure Peer-to-Peer Applications
In this paper we present a static verification framework to support the design and verification of secure peer-to-peer applications. The framework supports the specification, modeling, and analysis of security aspects together with the general characteristics of the system, during early stages of the development life-cycle. The approach avoids security issues to be taken into consideration as a separate layer that is added to the system as an afterthought by the use of security protocols. The main functionality supported by the framework are concerned with the modeling of the system together with its security aspects by using an extension of UML, modeling of abuse cases to represent scenarios of attackers and assist with the identification of properties to be verified, specification of properties to be verified in a graphical template language, verification of the models against the properties, and visualization of the results of the verification process
The AutoProof Verifier: Usability by Non-Experts and on Standard Code
Formal verification tools are often developed by experts for experts; as a
result, their usability by programmers with little formal methods experience
may be severely limited. In this paper, we discuss this general phenomenon with
reference to AutoProof: a tool that can verify the full functional correctness
of object-oriented software. In particular, we present our experiences of using
AutoProof in two contrasting contexts representative of non-expert usage.
First, we discuss its usability by students in a graduate course on software
verification, who were tasked with verifying implementations of various sorting
algorithms. Second, we evaluate its usability in verifying code developed for
programming assignments of an undergraduate course. The first scenario
represents usability by serious non-experts; the second represents usability on
"standard code", developed without full functional verification in mind. We
report our experiences and lessons learnt, from which we derive some general
suggestions for furthering the development of verification tools with respect
to improving their usability.Comment: In Proceedings F-IDE 2015, arXiv:1508.0338
Distributed Enforcement of Service Choreographies
Modern service-oriented systems are often built by reusing, and composing
together, existing services distributed over the Internet. Service choreography
is a possible form of service composition whose goal is to specify the
interactions among participant services from a global perspective. In this
paper, we formalize a method for the distributed and automated enforcement of
service choreographies, and prove its correctness with respect to the
realization of the specified choreography. The formalized method is implemented
as part of a model-based tool chain released to support the development of
choreography-based systems within the EU CHOReOS project. We illustrate our
method at work on a distributed social proximity network scenario.Comment: In Proceedings FOCLASA 2014, arXiv:1502.0315
- …