Adilson Luiz Bonifacio

Test Suite Completeness and Partial Models

Test suite generation and coverage analysis have been widely studied for FSM-based models. Several studies focused on specific conditions for verifying completeness of test suites. Some have found necessary conditions for test suite completeness, whereas other approaches obtained sufficient, but not necessary, conditions for this problem. Most of these works restricted the specification or the implementation FSM models in several ways. Some works show how to generate specific complete test suites, but they do not deal with the general problem of checking completeness for any given test suite. In this work we describe necessary and sufficient conditions that guarantee test suite completeness even in the presence of partial FSM models, and when test cases are blocking.

On the completeness of test suites

Test suite generation for Finite State Machines (FSMs) has been largely investigated. Here, we describe necessary and sufficient conditions for m-completeness of test suites when the specification and implementation are modeled as FSMs. Many earlier works imposed several conditions upon the specification or on the implementation models. We impose weak a priori restrictions on the models. In particular, we do not require reduced models nor complete specifications.

MODEL PARTITIONS AND COMPACT TEST CASE SUITES

We present a generalized test case generation method, called the G method. Although inspired by the W method, the G method, in contrast, allows for test case suite generation even in the absence of characterization sets for the specification models. Instead, the G method relies on knowledge about the index of certain equivalences induced at the implementation models. We show that the W method can be derived from the G method as a particular case. Moreover, we discuss some naturally occurring infinite classes of FSM models over which the G method generates test suites that are exponentially more compact than those produced by the W method.

Towards Deriving Test Sequences by Model Checking

Model-based testing automatically generates test cases from a model describing the behavior of the system under test. Although there exist several model-based formal testing methods, they usually do not address time constraints, mainly due to the fact that some supporting formalisms do not allow a suitable representation of time. In this paper, we consider such constraints in a framework of Timed Extended Finite State Machines (TEFSMs), which augment the Extended Finite State Machine (EFSM) model by including a notion of explicit and implicit time advancement. We use this extension to address conformance testing by reducing the confirming configuration problem to the problem of finding a path in a TEFSM product.

Partial Models and Weak Equivalence

One of the important tasks in model-based testing is checking completeness of test suites. In this paper we first extend some known sufficient conditions for test suite completeness by also allowing partial implementations. We also study a new notion of equivalence, and show that the same conditions are still sufficient when treating complete implementations. But when we also allow for partial implementations under this new notion of equivalence such conditions are not sufficient anymore for the completeness of test suites.

A new method for testing timed systems

Devising formal techniques and methods that can automatically generate test suites for timed systems has remained a challenge. In this paper Timed Input/Output Automata (TIOA) are used as a formal specification model for timed systems. This work proposes and proves the correctness of a new and more general discretization method that can be used to obtain grid automata corresponding to specification TIOA, using almost any granularity of interest. Such flexibility to find a suitable granularity opens the possibility for a more compact construction of grid automata. It is also shown how test purposes can be used together with the specification TIOA in order to generate grid automata that capture the behavior of both the specification and the test purpose. From such grid automata one can algorithmically extract test suites that can be used to verify whether given implementations adhere to the specification and reflect the properties modeled using the test purposes. Copyright

Test suite completeness and black box testing: Test suite completeness and black box testing

Model‐based testing has been widely studied and successfully applied to generate and verify completeness of test suites. Roughly, test suite completeness guarantees that, in a deterministic setting, any nonequivalent implementation under test will always be identified. Several approaches discuss sufficient, and sometimes also necessary, conditions on specification models and test suites to be able to guarantee test suite completeness. In these studies, usually, test cases are required to be nonblocking—that is, they are required to run to completion—on both the specification and the implementation models. However, often, it is desirable to have blocking test cases, and in some situations the presence of blocking test cases cannot be circumvented. In the present work test cases are allowed to block, both in the specification and in the implementation models, and a natural variant of completeness is then studied, here called perfectness. Perfectness guarantees that noncompliance between a specification and an implementation will always be detected, even in the presence of blocking test cases. This work characterizes perfectness in isomorphisms and establishes a relationship between the classical notions of completeness and perfectness. Also, a sharp upper bound is given on the number of states in implementations, beyond which no test suite can be completed.

Experimental comparison of approaches for checking completeness of test suites from finite state machines

Abstract Context Many approaches have been proposed for checking test suite completeness for Finite State Machines (FSMs). Some approaches provide sufficient conditions whereas others give necessary and sufficient conditions for test suite completeness. One method, called the CONF method, is based on sufficient conditions, and relies on a search for confirmed sets when checking completeness. If a confirmed set cannot be found, then the outcome is inconclusive. Another method, the SIM method, is based on the notion of simulation relations, and relies on necessary and sufficient conditions when checking test suite completeness. The SIM method always returns conclusive verdicts about suite completeness. Objective In this work, we describe experimental results comparing these two methods. We also investigate when both methods can be combined for checking completeness of test suites. Method We evaluate both strategies according to different parameters of the FSMs, such as the number of states and the number of transitions in the FSM models, the size of input and output alphabets of the FSM models, as well as the size of the test suites. We also report on the relative rates of conclusive and inconclusive verdicts when using both methods. Results We see that these methods are complementary, which allows for a combined strategy: the CONF method is the fastest in terms of processing time, while the SIM method is not as scalable in terms of the size of the specifications. Conclusion The experimental results indicated a substantial difference for the rate of positive verdicts obtained by the SIM method when compared with the number of positive answers returned by the CONF method.

Modeling and Parameters Synthesis for an Air Traffic Management System

The aim of this work is to apply formal specification techniques to model real-time distributed systems arising from real-world applications. The target system is an Air Traffic Management System (ATM), which uses the Traffic alert and Collision Avoidance System (TCAS) protocol. The formal models developed here are based on the notion of hybrid automata. Semi-automatic tools are used in the verification of the models, and some important system parameters are synthesizedusing parametric analysis. All results were obtained on a 350MHz desktop PC, with 320MB of main memory.