Preface

oai:journal.ub.tu-berlin.de:article/120

Towards a Secure DevOps Approach for Cyber-Physical Systems: An Industrial Perspective

Peer reviewe

Reactive model-based testing design for embedded automotive software

Reactive model-based testing design for embedded automotive softwar

Standard-compliant testing for safety-related automotive software

This thesis proposes a new testing method called CTMCONTROL, which enhances the popular Classification Tree Method (CTM) by incorporating Modified Condition/Decision Coverage (MC/DC) capabilities. This brings the CTM closer to the quality assurance requirements of the latest standards that regulate automotive software. CTMCONTROL has a particular focus on the specification-based control-logic of the system under test (SUT). It incorporates MC/DC coverage of the logical expressions guarding the transitions of a system represented via Statecharts and it allows testing of the dependencies among the input values and the control logic of the SUT. The experimental results reported in this thesis point to the fact that CTMCONTROL can capture a group of errors in the control-logic of the SUT, which would not be captured via the classic CTM approach. The additional group of errors captured by CTMCONTROL, includes errors which can cause unwanted activations or unwanted feature interactions in a system. CTMCONTROL has been prototypically implemented in the MATLAB/Simulink/Stateflow environment. This thesis also proposes the Formalization of a Reactive Testing Process (FRTP) which builds a pathway between reactive testing and the field of formal testing. The FRTP defines a number of ordered steps to be followed in a reactive testing process and a flow of logic on how to move between them. The steps serve as methodological pointers to help with the integration of formality in the automotive software testing process. The FRTP includes a new Taxonomy of Reactive Testing (TRT). The TRT helps the test designer to elucidate the reactivity dimensions which are of interest for a specific testing process. To facilitate the use of formalization in industry, examples specified in Z notation are given for each of the dimensions of the TRT. The examples are meant as informational models, which can guide the “typical automotive software tester” in the formalization of test reactivity. Also, changes are proposed to the latest model-based testing taxonomy, via incorporating test reactivity as one of the test-selection criteria. This accounts for those reactive test processes where test generation is performed on the fly. All of the contributions of this research are tailored to the field of safety-related automotive software

Scalable software testing and verification for industrial-scale systems: the challenges

In this position paper, we argue that more collaborative research is needed to increase the use of research-led verification and testing techniques in industrialscale projects. We focus on the a) practical applicability and scalability of verification and testing techniques in industrial projects, and b) to autonomous systems. We identify the challenges involved and bring forward some initial suggestion

Uncertainty entangled; modelling safety assurance cases for autonomous systems

When designing and analysing autonomous systems and their environment it is necessary to consider uncertainty and multiple potential states (of the system and its environment). In this position paper, we explore the idea of notations and modelling tools that are based on ‘superpositions’ of states. More concretely, we present a treatment of uncertainty in autonomous systems inspired by quantum physics and propose an extension of the Goal Structuring Notation (GSN), a common approach for the modelling of safety arguments, to model ’superposition’ and ’entangled’ nodes; and, incorporate guidelines of the emerging UL 4600 standard for autonomous systems

CTMCONTROL: Addressing the MC/DC Objective for Safety-Critical Automotive Software

We propose a method tailored to the requirements of safety-critical embedded automotive software, named CTMCONTROL. CTMCONTROL has a particular focus on the specification-based control logic of the system under test and offers improvements in testing coverage metrics over a classic method which is routinely used in industry. The proposed method targets the Modified Condition/ Decision Coverage (MC/DC) objective for automotive safety-critical software. CTMCONTROL is validated via a controlled experiment which highlights the higher structural coverage delivered by the new approach. The method is implemented in the popular Matlab/Simulink/Stateflow (M/S/S) environment