{"title":"A Method for Testing Software Systems Based on State Design Pattern Using Symbolic Execution","authors":"C. Tudose, Radu Opria","doi":"10.1109/SEFM.2010.20","DOIUrl":"https://doi.org/10.1109/SEFM.2010.20","url":null,"abstract":"The paper reports a new testing method working with state pattern designed software systems. The tests are performed in terms of symbolic execution aiming to identify conditions and values of some input parameters that violate assertions at runtime. The state based architecture of such systems allows a direct mapping of the methods to the transitions of the underlying finite state machine (FSM). In order to identify the methods that contain failing assertions, the Java Path Finder Symbolic Execution framework extension (JPF-SE) is used for an out of context execution of each method. We propose a new algorithm to compute a transition path from the initial state of the system to each faulty transition. The computation is carried out using a backward traversal scheme of the FSM support graph where the JPF-SE symbolically executes each transition of the path. The transition execution performed by JPF-SE yields to the backward propagation of the conditions imposed on the input parameters. The overall capabilities of the proposed algorithm are illustrated with an example.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130301090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"User Queries for Specification Refinement Treating Shared Aspect Join Points","authors":"E. Katz, Shmuel Katz","doi":"10.1109/SEFM.2010.16","DOIUrl":"https://doi.org/10.1109/SEFM.2010.16","url":null,"abstract":"We present an interactive semi-automatic procedure to help users refine their requirements formally and precisely, using knowledge the user possesses but does not notice as relevant and has difficulty formalizing. Questions in natural language are presented to the user, and augmentations to specifications, written in Linear Temporal Logic, are automatically created according to the answers. We apply our approach to a case study on specifying the desired aspect behavior in a delicate case when multiple aspects can share a join-point, i.e., be applied at the same state of base program computation. The questions used in the case study are derived from an in-depth analysis of semantics and mutual influence of aspects at a shared join-point. Aspects sharing a join-point might, but do not have to, semantically interfere. Our analysis and specification refinement enables programmers to distinguish between potential and actual interference among aspects at shared join-points, when aspects are modeled as state transition diagrams, and specifications are given as LTL assumptions and guarantees. The refined aspect specification, obtained from the procedure we describe, enables modular verification and interference detection among aspects even in the presence of shared join-points.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128488749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Model Checking Ad Hoc Network Routing Protocols: ARAN vs. endairA","authors":"Davide Benetti, Massimo Merro, L. Viganò","doi":"10.1109/SEFM.2010.24","DOIUrl":"https://doi.org/10.1109/SEFM.2010.24","url":null,"abstract":"Several different secure routing protocols have been proposed for determining the appropriate paths on which data should be transmitted in ad hoc networks. In this paper, we focus on two of the most relevant such protocols, ARAN and endairA, and present the results of a formal analysis that we have carried out using the AVISPA Tool, an automated model checker for the analysis of security protocols. By model checking ARAN with the AVISPA Tool, we have discovered three attacks (a route disruption, a route diversion, and a creation of incorrect routing state), while our analysis of endairA revealed no attacks.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123840499","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Behavior Trees: From Systems Engineering to Software Engineering","authors":"P. Lindsay","doi":"10.1109/SEFM.2010.11","DOIUrl":"https://doi.org/10.1109/SEFM.2010.11","url":null,"abstract":"Geoff Dromey’s Behavior Engineering method provides a vital link between systems engineering processes and software engineering processes. It has proven particularly effective in industry when applied to large complex systems, to help understand the problem space and clarify system and software requirements. In this paper we compare the method with some of the most widely used system design methods, including State Transition Diagrams, Functional Flow Block Diagrams, Object Oriented Design, IDEF0, UML and SysML. The comparison draws on the Design-Methods Comparison Project undertaken by Bahill et al in 1998, and uses their Traffic Lights case study. We show that the methods are roughly equivalent in terms of what they can express, but that Behavior Trees come closest to natural language specification, which we contend makes them easier for non-formal methods experts to understand.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122233007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Assessing the Quality of B Models","authors":"Adrien De Kermadec, Frédéric Dadeau, F. Bouquet","doi":"10.1109/SEFM.2010.17","DOIUrl":"https://doi.org/10.1109/SEFM.2010.17","url":null,"abstract":"This paper proposes to define and assess the notion of quality of B models aiming at providing an automated feedback on a model by performing systematic checks on its content. We define and classify classes of automatic verification steps that help the modeller in knowing whether his model is well-written or not. This technique is defined in the context of ``behavioral models'' that describe the behavior of a system using the generalized substitutions mechanism. From these models, verification conditions are automatically computed and discharged using a dedicated tool. This technique has been adapted to the B notation, especially on B abstract machines, and implemented within a tool interfaced with a constraint solver that is able to find counter-examples to invalid verification conditions.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129958576","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Pruning Testing Trees in the Test Template Framework by Detecting Mathematical Contradictions","authors":"M. Cristiá, Pablo Albertengo, Pablo Rodríguez Monetti","doi":"10.1109/SEFM.2010.31","DOIUrl":"https://doi.org/10.1109/SEFM.2010.31","url":null,"abstract":"Fastest is an automatic implementation of Phil Stocks and David Carrington's Test Template Framework (TTF), a model-based testing (MBT) framework for the Z formal notation. In this paper we present a new feature of Fastest that helps TTF users to eliminate inconsistent test classes automatically. The method is very simple and practical, and makes use of the peculiarities of the TTF. Perhaps its most interesting features are extensibility and ease of use, since it does not assume previous knowledge on theorem proving. Also we compare the solution with a first attempt using the Z/EVES proof assistant and with the HOL-Z environment. At the end, we show the results of an empirical assessment based on applying Fastest to four real-world, industrial-strength case studies and to six toy examples.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132096174","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Non-local Choice and Implied Scenarios","authors":"Haitao Dan, R. Hierons, S. Counsell","doi":"10.1109/SEFM.2010.14","DOIUrl":"https://doi.org/10.1109/SEFM.2010.14","url":null,"abstract":"A number of issues, such as non-local choice and implied scenarios, that arise in Message Sequence Charts (MSCs) have been investigated in the past. However, existing research on these two issues show disagreements regarding how they are related. In this paper, we analyse the relations among existing conditions for non-local choice free and Closure Conditions (CCs) for implied scenarios. On the basis of this, we propose a new definition for non-local choice and a non-local choice free condition derived from CCs of implied scenarios. Compared to existing conditions, we argue that the new condition covers more non-local choices that satisfy the informal idea of non-local choice. We formally show that the existence of non-local choices in an MSC specification results in implied scenarios and the appearance of implied scenarios according to corresponding CCs means there are non-local choices in the specification.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134193567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"TART: Timed-Automata to Real-Time Java Tool","authors":"N. Hakimipour, P. Strooper, A. Wellings","doi":"10.1109/SEFM.2010.39","DOIUrl":"https://doi.org/10.1109/SEFM.2010.39","url":null,"abstract":"In previous work, we have proposed a model based approach to developing real-time Java programs from timed automata. This approach allows us to verify the timed automata model mechanically by using current real-time model checking tools. Programs are then derived from the model by following a systematic approach. TART (timed automata to RTSJ Tool) is a prototype tool to support this approach. This paper presents TART, including its limitations, and discusses its application on four examples.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124506713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Back-annotation of Simulation Traces with Change-Driven Model Transformations","authors":"Ábel Hegedüs, Gábor Bergmann, I. Ráth, Dániel Varró","doi":"10.1109/SEFM.2010.28","DOIUrl":"https://doi.org/10.1109/SEFM.2010.28","url":null,"abstract":"Model-driven analysis aims at detecting design flaws early in high-level design models by automatically deriving mathematical models. These analysis models are subsequently investigated by formal verification and validation (V&V) tools, which may retrieve traces violating a certain requirement. Back-annotation aims at mapping back the results of V&V tools to the design model in order to highlight the real source of the fault, to ease making necessary amendments. Here we propose a technique for the back-annotation of simulation traces based on change-driven model transformations. Simulation traces of analysis models will be persisted as a change model with high-level change commands representing macro steps of a trace. This trace is back-annotated to the design model using change-driven transformation rules, which bridge the conceptual differences between macro steps in the analysis and design traces. Our concepts will be demonstrated on the back-annotation problem for analyzing BPEL processes using a Petri net simulator.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"103 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132462709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"temporaljmlc: A JML Runtime Assertion Checker Extension for Specification and Checking of Temporal Properties","authors":"Faraz Hussain, Gary T. Leavens","doi":"10.1109/SEFM.2010.15","DOIUrl":"https://doi.org/10.1109/SEFM.2010.15","url":null,"abstract":"Most mainstream specification languages primarily deal with a program’s functional behavior. However, for many common problems, besides the system’s functionality, it is necessary to be able to express its temporal properties, such as the necessity of calling methods in a certain order. We have developed temporaljmlc, a tool that performs runtime assertion checking of temporal properties specified in an extension of the Java Modeling Language (JML). The benefit of temporaljmlc is that it allows succinct specification of temporal properties that would otherwise be tedious and difficult to specify.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130392271","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}