Abstract
We propose a framework for requirement-driven test generation that combines contract-based interface theories with model-based testing. We design a specification language, requirement interfaces, for formalizing different views (aspects) of synchronous data-flow systems from informal requirements. Various views of a system, modeled as requirement interfaces, are naturally combined by conjunction. We develop an incremental test generation procedure with several advantages. The test generation is driven by a single requirement interface at a time. It follows that each test assesses a specific aspect or feature of the system, specified by its associated requirement interface. Since we do not explicitly compute the conjunction of all requirement interfaces of the system, we avoid state space explosion while generating tests. However, we incrementally complete a test for a specific feature with the constraints defined by other requirement interfaces. This allows catching violations of any other requirement during test execution, and not only of the one used to generate the test. This framework defines a natural association between informal requirements, their formal specifications, and the generated tests, thus facilitating traceability. Finally, we introduce a fault-based test-case generation technique, called model-based mutation testing, to requirement interfaces. It generates a test suite that covers a set of fault models, guaranteeing the detection of any corresponding faults in deterministic systems under test. We implemented a prototype test generation tool and demonstrate its applicability in two industrial use cases.
Highlights
Modern software and hardware systems are becoming increasingly complex, resulting in new design challenges
As a first industrial application, we present an automotive use case supplied by the European ARTEMIS project MBAT,10 that partially motivated our work on requirement interfaces
The second run of our test-case generation produced 525 mutants and 293 were detected as non-equivalent. This led to 61 unique test cases, which were able to detect 53 of the faulty mutants, resulting in a mutation score of 88%. This shows that the quality of model-based mutation testing for requirement interfaces is severely depending on the modeling style
Summary
Modern software and hardware systems are becoming increasingly complex, resulting in new design challenges. We first introduce requirement interfaces as the formalism for modeling system views as subsets of requirements It is a state-transition formalism that supports compositional specification of synchronous data-flow systems by means of assume/guarantee rules that we call contracts. We assume that the overall specification of the SUT is given as a conjunction of requirement interfaces modeling its different views. We present a procedure for TCG from a specific SUT view, modeled as a requirement interface, and a test purpose. The test purpose is a formal specification of the target state(s) that a test case should cover Such a test case can be used directly to detect if the implementation by the SUT violates a given requirement, but cannot detect violation of other requirements in the conjunction. We discuss related work (Sect. 6) and conclude our work (Sect. 7)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
