Smart contract denial-of-service analysis using non-blocking verification

Abstract

Smart contracts are programs that can enforce agreements between mutually distrusting parties, eliminating the need for intermediaries, such as lawyers or banks. As smart contracts are stored on a blockchain ledger, they are immutable after deployment, which makes assessment of their correctness before deployment vital. Many vulnerabilities of smart contracts are known, and having means to assess whether a contract is prone to one or more of these is crucial. A specific such vulnerability is denial-of-service (DoS), which can make a smart contract unresponsive so that users (including other smart contracts) cannot interact with it as intended. This can lead (and has led) to financial losses, or disrupt critical services that rely on the contract. Extended finite state machines (EFSM) are a modelling formalism for discrete-event systems, which provides a systematic approach to scrutinize smart contract functionalities. With careful modeling, non-blocking verification can be used to determine whether a contract is vulnerable to DoS attacks. This paper describes a methodology to automatically convert from the abstract syntax tree of a smart contract to an EFSM model, and then shows how non-blocking verification can indeed assess whether DoS attacks can cause harm. Two specific use cases are treated, a contract implementing a (simple) on-line casino, and an auction contract. Verification of the EFSM models reveals both contracts to be prone to DoS attacks, and counterexamples hint at how the contracts can be made non-blocking, meaning that they can be corrected not to be vulnerable. Automatic conversion and non-blocking verification of the corrected contracts indeed show that they are no longer prone to DoS attacks.

Similar Papers
  • Research Article
  • Cite count: 3
  • 10.1016/j.ifacol.2022.10.366
Modeling and Security Verification of State-Based Smart Contracts
  • Jan 1, 2022
  • IFAC-PapersOnLine
  • Sahar Mohajerani + 2 more

  • Conference Article
  • Cite count: 14
  • 10.1109/pccc.1989.37417
Global state graph reduction techniques for protocol validation in the EFSM model
  • Mar 22, 1989
  • P.-Y.M Chu + 1 more

In the EFSM (extended finite state machine) model, the behavior of each protocol entity is described as a finite state machine (FSM), and a set of context variables declared for the entity can be accessed during state transitions. One of the most severe difficulties in using reachability analysis for protocol validation in the EFSM model is the global state explosion problem. The problem is caused in part by a wide range of possible values that could be taken on by a context variable. To alleviate the effect of context variables on the global state explosion problem, two global state graph reduction techniques are proposed. In the first reduction technique, the authors define a global state equivalence based on dead variable sets. The global state graph is then generated taking the global state equivalence into consideration. An upper bound for the effect of the first reduction technique on the reduction of the global state graph is shown. A second reduction technique based on a similar reasoning is derived to complement the first reduction technique.

  • Research Article
  • Cite count: 1
  • 10.1016/j.ifacol.2024.07.048
Automatic Conversion of Smart Contracts for Non-Blocking Verification
  • Jan 1, 2024
  • IFAC-PapersOnLine
  • Nishant Parekh + 2 more

  • Research Article
  • 10.1360/n112013-00091
An Automated Test Case Generation Method Based on Extended Finite State Machines
  • May 1, 2014
  • SCIENTIA SINICA Informationis
  • Zhiyi Zhang + 4 more

Extended finite state machine (EFSM) is among the most popular models for model-based testing. However, automated test case generation on EFSM models is still a challenging task since an EFSM model may contain infeasible paths. This paper proposed a novel approach (ATGEM) to generate test cases and construct oracle information from EFSM automatically. To address the infeasible problem, a metric based on data flow analysis is presented to predict the infeasible probability so as to bypass the infeasible paths as far as possible and improve the test case generation efficiency. Afterwards, an executable EFSM model is developed to obtain runtime feedback information as a fitness function in order to generate test data and construct oracle information automatically. This approach, which can generate various types of data and has a wide range of applications, combines static analysis and dynamic analysis and aims to find a preferable feasible path subset to generate test cases and meet adequacy coverage criteria. The experimental results on several EFSM models show that the test case generation method and path feasibility metric have good effectiveness. Utilizing the path feasibility metric can speed up the process of test case generation greatly, and ATGEM is more efficient than existing method.

  • Book Chapter
  • Cite count: 1
  • 10.1007/978-3-030-50578-3_15
Automatic Model Completion for Web Applications
  • Jan 1, 2020
  • Ruilian Zhao + 3 more

Model-based testing is one of the most effective methods for testing web applications, where the integrity of models determines the effectiveness and efficiency of testing. Static/dynamic analysis techniques are widely used to construct models for web applications. However, it is almost impossible to build a complete model for web applications by static analysis techniques since web applications are driven by events, and web pages are generated dynamically. Dynamic analysis techniques construct models through monitoring the execution of web applications and capturing the pivotal behavior information. But it is challenging to explore all possible behaviors, resulting in incomplete models. So, the combination of dynamic and static analysis techniques is a viable way to construct a more complete model for web applications. Extended Finite State Machine (EFSM) is considered more suitable to represent modern web applications. So this paper defines an integrity criterion for EFSM models of web applications and proposes a model completion method by combining dynamic analysis and static analysis techniques. Static analysis is used to collect all behaviors from the source code of web application, identify the uncovered ones from the EFSM model built according to the integrity criterion, and find feasible transition sequences for the uncovered behaviors on the EFSM model. Furthermore, we design multiple priority rules for transition sequence generation to improve its efficiency. The dynamic analysis is employed to simulate the execution of feasible transition sequences on the EFSM model such that the uncovered behaviors can be added into the model to improve its integrity. We implement our method in a prototype tool called AutoMC and conduct a series of experiments on five open-source web applications. The experiment results show that our method can complete the model of web applications, and the priority rules provide effective guidance in transition sequence generation. The model’s integrity improved by 22.68% on average.

  • Book Chapter
  • Cite count: 1
  • 10.1007/978-3-030-04272-1_12
An Automated Test Suite Generating Approach for Stateful Web Services
  • Jan 1, 2018
  • Yin Li + 2 more

Web Services are the W3C-endorsed realization of the Service-Oriented Architecture (SOA). How to automatically generate effective test suites is a key problem in Web services testing. At present, the existing testing methods may cause the redundancy of test suite and the decrease of fault detecting ability. So this paper proposes an automated test suite generation approach based on EFSM (Extended Finite State Machine) model and operation interface contract. The operation tree model is firstly constructed according to the standard WSDL (Web Services Description Language) document. By appending semantic annotation to standard WSDL, the EFSM model is then built to generate operation sequences automatically. Finally, the optimal test suite can be obtained according to the operation interface contract. Moreover, the experiment shows that the proposed approach can generate reasonable test suites for stateful Web services effectively, while enhancing the fault detection ability and optimality on the size of existing approach.

  • Research Article
  • Cite count: 1
  • 10.4028/www.scientific.net/amm.198-199.557
An EFSM Approach to Software Design Based on the Supervisory Control Theory
  • Sep 1, 2012
  • Applied Mechanics and Materials
  • Xiang Yun Wang + 1 more

The research of software design, based on the supervisory control theory, is an important content in software cybernetics. The existing software model used in the software design with the supervisory control theory is Polynomial Dynamic System (PDS), which is transformed from SIGNAL files. This obstructs its widespread application. Extended Finite State Machine (EFSM) model is widely applied in software engineering field and it may alleviate the state explosion problem of Finite State Machine (FSM) to some extent. In this paper, the EFSM model is suggested to study software design problem. This paper proposed two kinds of software design problems based on EFSM model. For the first problem, a necessary and sufficient condition for software existence is obtained. For the second problem, a necessary and sufficient condition for software existence and an optimal algorithm to such software design are presented.

  • Research Article
  • 10.4028/www.scientific.net/amr.765-767.409
A Visual EFSM Modeling System for Protocol Testing
  • Sep 1, 2013
  • Advanced Materials Research
  • Guang Hui Yang + 3 more

An Extended Finite State Machine (EFSM) is one of the most popular models used in protocol testing field. A specific graphical EFSM model consists of two parts: state elements and transition elements. This paper presents a method for building a visual EFSM modeling system (VEMS), which is used to construct visual protocol EFSM models for protocol testing. VEMS consists of two main modules. One is the modeling module and the other is the model information analysis module. The function of our system can satisfy the requirements to build a visual EFSM model in protocol testing. Specially, users can modify the properties of states and transitions, change the size of states and transitions, build connection between states and transitions, etc. VEMS provides a good modeling support for protocol testing. Its advantages include friendly user interface, simple modeling operation, model persistence and recovery.

  • Conference Article
  • Cite count: 3
  • 10.1109/icpads.1996.517577
Distributed fault detection in communication protocols using extended finite state machines
  • Jun 3, 1996
  • K Vijayananda

Run-time fault detection in communication protocols is essential because of faults that occur in the form of coding defects, memory problems, and external disturbances. Finite State Machine models have been used in the past to detect and diagnose protocol faults. However, the fault coverage of these models is limited to vocabulary faults and sequencing faults. We present an Extended Finite State Machine Model (EFSM) to augment the fault coverage of the FSM model. We extend the parallel decomposition method to EFSMs in order to reduce the size of the observer used to detect faults. The decomposition of the EFSM into several independent EFSMs results in multiple observers. The distributed fault detection mechanism increases the reliability of the fault detection and the EFSM model improves the fault coverage.

  • Conference Article
  • Cite count: 1
  • 10.1109/mysec.2015.7475190
Extended finite state machines-based testing using metaheuristic search-based techniques: Issues, and open challenges
  • Dec 1, 2015
  • Aneesa Saeed + 1 more

Extended finite state machines (EFSM) models are currently widely utilized to model embedded and control systems. Thus, there are recent upsurge studies to generate test data from EFSM models (EFSM-based testing). Applying metaheuristic search-based techniques (MHSBT) for automating the process of test case generation from EFSM models has become a proliferated field of interest during the last decade. It has been defined that MHSBT find the optimal set of test cases among all possible test cases at reasonable cost. However, successful futuristic MHSBT for EFSM-based testing demand deep insight into the existing solutions that underlines stringent issues and challenges, which are lacking. The objective of this study is to analyze the current state-of-the-art of the application of MHSBT for EFSM-based testing. The study investigates the main issues in EFSM-based testing, including cost, continuous data, infeasible path, complex data structure, and concurrency. The current applications of MHSBT to solve these issues were elucidated. This study advocates that the majority of problems stem from the intrinsic features of EFSM models. Several open issues on EFSM-based testing adoption are presented as future research directions.

  • Research Article
  • Cite count: 12
  • 10.1007/s11219-016-9316-8
Toward automatically quantifying the impact of a change in systems
  • May 9, 2016
  • Software Quality Journal
  • Nada Almasri + 2 more

Software maintenance is becoming more challenging with the increased complexity of the software and the frequently applied changes. Performing impact analysis before the actual implementation of a change is a crucial task during system maintenance. While many tools and techniques are available to measure the impact of a change at the code level, only a little research work has been done to measure the impact of a change at an earlier stage in the development process. Measuring the impact of a change at the model level speeds up the maintenance process allowing early discovery of critical components of the system before applying the actual change at the code level. In this paper, we present a model-based impact analysis approach for state-based systems such as telecommunication or embedded systems. The proposed approach uses model dependencies to automatically measure the expected impact for a requested change instead of relying on the expertise of system maintainers, and it generates two impact sets representing the lower bound and the upper bound of the impact. Although it can be extended to other behavioral models, the presented approach mainly addresses extended finite-state machine (EFSM) models. An empirical study is conducted on six EFSM models to investigate the usefulness of the proposed approach. The results show that on average the size of the impact after a single modification (a change in one EFSM transition) ranges between 14 and 38 % of the total size of the model. For a modification involving multiple transitions, the average size of the impact ranges between 30 and 64 % of the total size of the model. Additionally, we investigated the relationships (correlation) between the structure of the EFSM model, and the size of the impact sets. Upon preliminary analysis of the correlation, the concepts of model density and data density were defined, and it was found that they could be the major factors influencing the sizes of impact sets for models. As a result, these factors can be used to determine the types of models for which the proposed approach is the most appropriate.

  • Conference Article
  • Cite count: 1
  • 10.1145/3238147.3241984
Automatically quantifying the impact of a change in systems (journal-first abstract)
  • Sep 3, 2018
  • Nada Almasri + 2 more

Software maintenance is becoming more challenging with the increased complexity of the software and the frequently applied changes. Performing impact analysis before the actual implementation of a change is a crucial task during system maintenance. While many tools and techniques are available to measure the impact of a change at the code level, only a little research work has been done to measure the impact of a change at an earlier stage in the development process. Measuring the impact of a change at the model level speeds up the maintenance process allowing early discovery of critical components of the system before applying the actual change at the code level. In this paper, we present a model-based impact analysis approach for state-based systems such as telecommunication or embedded systems. The proposed approach uses model dependencies to automatically measure the expected impact for a requested change instead of relying on the expertise of system maintainers, and it generates two impact sets representing the lower bound and the upper bound of the impact. Although it can be extended to other behavioral models, the presented approach mainly addresses extended finite-state machine (EFSM) models. An empirical study is conducted on six EFSM models to investigate the usefulness of the proposed approach. The results show that on average the size of the impact after a single modification (a change in one EFSM transition) ranges between 14 and 38 % of the total size of the model. For a modification involving multiple transitions, the average size of the impact ranges between 30 and 64 % of the total size of the model. Additionally, we investigated the relationships (correlation) between the structure of the EFSM model, and the size of the impact sets. Upon preliminary analysis of the correlation, the concepts of model density and data density were defined, and it was found that they could be the major factors influencing the sizes of impact sets for models. As a result, these factors can be used to determine the types of models for which the proposed approach is the most appropriate.

  • Book Chapter
  • Cite count: 3
  • 10.1201/b11321-7
How to Design Extended Finite State Machine Test Models in Java
  • Sep 15, 2011
  • Mark Utting

This chapter is a tutorial that teaches you how to design extended finite state machine (EFSM) test models for a system that you want to test. EFSM models are more powerful and expressive than simple finite state machine (FSM) models, and are one of the most commonly used styles of models for model-based testing, especially for embedded systems. There are many languages and notations in use for writing EFSM models, but in this tutorial we write our EFSM models in the familiar Java programming language. To generate tests from these EFSM models we use ModelJUnit, which is an open-source tool that supports several stochastic test generation algorithms, and we also show how to write your own model-based testing tool. We show how EFSM models can be used for unit testing and system testing of embedded systems, and for offline testing as well as online testing.

  • Conference Article
  • Cite count: 19
  • 10.1109/hase.2011.12
Improve the Effectiveness of Test Case Generation on EFSM via Automatic Path Feasibility Analysis
  • Nov 1, 2011
  • Rui Yang + 4 more

A typical approach utilized for automated test case generation is to create a model of the implementation under test. Extended Finite State Machine (EFSM) is among the most popular models for model-based testing. However, automated test case generation on EFSM models is still a challenging task as a result of the fact that an EFSM model may contain infeasible paths. In this article we present a novel approach that combines static analysis and dynamic analysis techniques to address the problems of path infeasibility in the process of test case generation on EFSM models. A metric is presented for the purpose of finding a path subset that has few paths, long path length and goodness feasibility to meet adequacy coverage criteria. In addition, we develop an executable model to obtain run-time information feedback and introduce the Scatter Search into test case generation. Based on the executable model, the expected outputs associated with test data are also collected for construction of test oracles automatically. The experimental results show that our approach has good effectiveness for test case generation on EFSM models, and the method that combines static analysis and dynamic analysis can speed up the process of test case generation greatly.

  • Conference Article
  • 10.1109/autest.1998.713514
Automated test pattern generation for VHDL codes of VLSI chips
  • Aug 24, 1998
  • K.G Dobson + 1 more

Summary form only given, as follows. This paper introduces a methodology for automated test pattern generation (ATPG) for VHDL codes of VLSI chips. A VHDL specification of a VLSI chip can be modeled as a data flow graph based EFSM (Extended Finite State Machine). The EFSM model is then checked for any of the three types of defined consistencies. Techniques available for finite state machines (FSM) testing can then be used to generate test patterns for the consistent EFSM model (with all inconsistencies detected and removed). Algorithms are being developed and coded for detection and removal of inconsistencies and for optimized test pattern generation for the consistent EFSM. Examples are used to introduce and explain the processes, algorithms and tools used in this project.
