177 research outputs found
Constraint-Based Heuristic On-line Test Generation from Non-deterministic I/O EFSMs
We are investigating on-line model-based test generation from
non-deterministic output-observable Input/Output Extended Finite State Machine
(I/O EFSM) models of Systems Under Test (SUTs). We propose a novel
constraint-based heuristic approach (Heuristic Reactive Planning Tester (xRPT))
for on-line conformance testing of non-deterministic SUTs. An indicative feature
of xRPT is the capability of making reasonable decisions for achieving the test
goals in the on-line testing process by using the results of off-line bounded
static reachability analysis based on the SUT model and test goal
specification. We present xRPT in detail and make a performance comparison with
other existing search strategies and approaches on examples with varying
complexity. Comment: In Proceedings MBT 2012, arXiv:1202.582
Incremental Dead State Detection in Logarithmic Time
Identifying live and dead states in an abstract transition system is a
recurring problem in formal verification; for example, it arises in our recent
work on efficiently deciding regex constraints in SMT. However,
state-of-the-art graph algorithms for maintaining reachability information
incrementally (that is, as states are visited and before the entire state space
is explored) assume that new edges can be added from any state at any time,
whereas in many applications, outgoing edges are added from each state as it is
explored. To formalize the latter situation, we propose guided incremental
digraphs (GIDs), incremental graphs which support labeling closed states
(states which will not receive further outgoing edges). Our main result is that
dead state detection in GIDs is solvable in amortized time per edge
for edges, improving upon per edge due to Bender, Fineman,
Gilbert, and Tarjan (BFGT) for general incremental directed graphs.
We introduce two algorithms for GIDs: one establishing the logarithmic time
bound, and a second algorithm to explore a lazy heuristics-based approach. To
enable an apples-to-apples experimental comparison, we implemented both
algorithms, two simpler baselines, and the state-of-the-art BFGT baseline using
a common directed graph interface in Rust. Our evaluation shows -x
speedups over BFGT for the largest input graphs over a range of graph classes,
random graphs, and graphs arising from regex benchmarks. Comment: 22 pages + reference
The undecidability of simultaneous rigid E-unification with two variables
Abstract. Recently it was proved that the problem of simultaneous rigid E-unification, or SREU, is undecidable. Here we show that 4 rigid equations with ground left-hand sides and 2 variables already imply undecidability. As a corollary we improve the undecidability result of the ∃*-fragment of intuitionistic logic with equality. Our proof shows undecidability of a very restricted subset of the ∃∃-fragment. Together with other results, it contributes to a complete characterization of decidability of the prenex fragment of intuitionistic logic with equality, in terms of the quantifier prefix. 1 Introduction Recently it was proved that the problem of simultaneous rigid E-unification (SREU) is undecidable Background of SREU Simultaneous rigid E-unification was proposed by Gallier, Raatz and Snyder 1 It has been noted by Gurevich and Veanes that 3 rigid equations suffice
Derivative Based Extended Regular Expression Matching Supporting Intersection, Complement and Lookarounds
Regular expressions are widely used in software. Various regular expression
engines support different combinations of extensions to classical regular
constructs such as Kleene star, concatenation, nondeterministic choice (union
in terms of match semantics). The extensions include e.g. anchors, lookarounds,
counters, backreferences. The properties of combinations of such extensions
have been the subject of active recent research.
In the current paper we present a symbolic derivatives based approach to
finding matches to regular expressions that, in addition to the classical
regular constructs, also support complement, intersection and lookarounds (both
negative and positive lookaheads and lookbacks). The theory of computing
symbolic derivatives and determining nullability given an input string is
presented that shows that such a combination of extensions yields a match
semantics that corresponds to an effective Boolean algebra, which in turn opens
up possibilities of applying various Boolean logic rewrite rules to optimize
the search for matches.
In addition to the theoretical framework we present an implementation of the
combination of extensions to demonstrate the efficacy of the approach
accompanied with practical examples
Prepose: privacy, security, and reliability for gesture-based programming
With the rise of sensors such as Microsoft Kinect, gesture-based interfaces have become practical. However, to recognize such gestures, applications need access to users' depth and video, exposing sensitive data about individuals and their environment. Prepose, a domain-specific language for building gesture recognizers, combined with a system architecture that protects privacy, security, and reliability with untrusted applications, addresses these threats
Program boosting: program synthesis via crowd-sourcing
In this paper, we investigate an approach to program synthesis that is based on crowd-sourcing. With the help of crowd-sourcing, we aim to capture the "wisdom of the crowds" to find good if not perfect solutions to inherently tricky programming tasks, which elude even expert developers and lack an easy-to-formalize specification. We propose an approach we call program boosting, which involves crowd-sourcing imperfect solutions to a difficult programming problem from developers and then blending these programs together in a way that improves their correctness. We implement this approach in a system called CROWDBOOST and show in our experiments that interesting and highly non-trivial tasks such as writing regular expressions for URLs or email addresses can be effectively crowd-sourced. We demonstrate that carefully blending the crowd-sourced results together consistently produces a boost, yielding results that are better than any of the starting programs. Our experiments on 465 program pairs show consistent boosts in accuracy and demonstrate that program boosting can be performed at a relatively modest monetary cost
Type Targeted Testing
We present a new technique called type targeted testing, which translates
precise refinement types into comprehensive test-suites. The key insight behind
our approach is that through the lens of SMT solvers, refinement types can also
be viewed as a high-level, declarative, test generation technique, wherein
types are converted to SMT queries whose models can be decoded into concrete
program inputs. Our approach enables the systematic and exhaustive testing of
implementations from high-level declarative specifications, and furthermore,
provides a gradual path from testing to full verification. We have implemented
our approach as a Haskell testing tool called TARGET, and present an evaluation
that shows how TARGET can be used to test a wide variety of properties and how
it compares against state-of-the-art testing approaches
Symbolic Tree Automata
Abstract. We introduce symbolic tree automata as a generalization of finite tree automata with a parametric alphabet over any given background theory. We show that symbolic tree automata are closed under Boolean operations, and that the operations are effectively uniform in the given alphabet theory. This generalizes the corresponding classical properties known for finite tree automata
Play to Test
Testing tasks can be viewed (and organized!) as games against nature. We study reachability games in the context of testing. Such games are ubiquitous. A single industrial test suite may involve many instances of a reachability game. Hence the importance of optimal or near optimal strategies for reachability games. One can use linear programming or the value iteration method of Markov decision process theory to find optimal strategies. Both methods have been implemented in an industrial model-based testing tool, Spec Explorer, developed at Microsoft Research