Li Xuandong

Generating test cases from UML activity diagram based on Gray-box method

Test case generation is the most important part of the testing efforts, the automation of specification based test case generation needs formal or semi-formal specifications. As a semi-formal modelling language, UML is widely used to describe analysis and design specifications by both academia and industry, thus UML models become the sources of test generation naturally. Test cases are usually generated from the requirement or the code while the design is seldom concerned, this paper proposes an approach to generate test cases directly from UML activity diagram using Gray-box method, where the design is reused to avoid the cost of test model creation. In this approach, test scenarios are directly derived from the activity diagram modelling an operation. Then all the information for test case generation, i.e. input/output sequence and parameters, the constraint conditions and expected object method sequence, is extracted from each test scenario. At last, the possible values of all the input/output parameters could be generated by applying category-partition method, and test suite could be systematically generated to find the inconsistency between the implementation and the design. A prototype tool named UMLTGF has been developed to support the above process.Test case generation is the most important part of the testing efforts, the automation of specification based test case generation needs formal or semi-formal specifications. As a semi-formal modelling language, UML is widely used to describe analysis and design specifications by both academia and industry, thus UML models become the sources of test generation naturally. Test cases are usually generated from the requirement or the code while the design is seldom concerned, this paper proposes an approach to generate test cases directly from UML activity diagram using Gray-box method, where the design is reused to avoid the cost of test model creation. In this approach, test scenarios are directly derived from the activity diagram modelling an operation. Then all the information for test case generation, i.e. input/output sequence and parameters, the constraint conditions and expected object method sequence, is extracted from each test scenario. At last, the possible values of all the input/output parameters could be generated by applying category-partition method, and test suite could be systematically generated to find the inconsistency between the implementation and the design. A prototype tool named UMLTGF has been developed to support the above process.

Automatic test case generation for UML activity diagrams

The test case generation from design specifications is an important work in testing phase. In this paper, we use UML activity diagrams as design specifications, and present an automatic test case generation approach. The approach first randomly generates abundant test cases for a JAVA program under testing. Then, by running the program with the generated test cases, we can get the corresponding program execution traces. Last, by comparing these traces with the given activity diagram according to the specific coverage criteria, we can get a reduced test case set which meets the test adequacy criteria. The approachcan also be used to check the consistency between the program execution traces and the behavior of UML activity diagrams.The test case generation from design specifications is an important work in testing phase. In this paper, we use UML activity diagrams as design specifications, and present an automatic test case generation approach. The approach first randomly generates abundant test cases for a JAVA program under testing. Then, by running the program with the generated test cases, we can get the corresponding program execution traces. Last, by comparing these traces with the given activity diagram according to the specific coverage criteria, we can get a reduced test case set which meets the test adequacy criteria. The approachcan also be used to check the consistency between the program execution traces and the behavior of UML activity diagrams.

Timing Analysis of UML Activity Diagrams

UML activity diagrams can be used for modeling the dynamic aspects of systems and for constructing executable systems through forward and reverse engineering. They are very suitable for describing the model of program behaviour. In this paper, we extend UML activity diagrams by introducing timing constraints so that they can be used to model real-time software systems, and give the solution for timing analysis of UML activity diagrams. We give the solution for timing analysis of simple UML activity diagrams (containing no loop) by linear programming, and present an algorithm for checking UML activity diagrams using integer time verification techniques. This work forms a base for verification of real-time software systems.

Modelling and analysis of power consumption for component-based embedded software

With the increasing complexity of the real-time embedded software, the power consumption is becoming a real challenge in the system designs. In this paper, for modelling the component-based embedded software, the interface automata is extended by adding time intervals on the actions and assigning energy consumption rates on the states. The extensional formalism is called energy interface automata. Then the system designs are modelled by energy interface automaton networks which consist of a set of energy interface automata synchronized by shared actions. Based on analyzing the integer state space of the energy interface automaton networks and its compatible reachiability graph, we develop two algorithms for the problem of the minimal energy consumption calculation and the maximal energy consumption verification respectively.With the increasing complexity of the real-time embedded software, the power consumption is becoming a real challenge in the system designs. In this paper, for modelling the component-based embedded software, the interface automata is extended by adding time intervals on the actions and assigning energy consumption rates on the states. The extensional formalism is called energy interface automata. Then the system designs are modelled by energy interface automaton networks which consist of a set of energy interface automata synchronized by shared actions. Based on analyzing the integer state space of the energy interface automaton networks and its compatible reachiability graph, we develop two algorithms for the problem of the minimal energy consumption calculation and the maximal energy consumption verification respectively.

Hybrid Regular Expressions

In this paper, we consider the problem verifying hybrid systems modelled by linear hybrid automata. We extend the traditional regular expressions with time constraints and use them as a language to describe the behaviour of a class of linear hybrid automata. The extended notation is called Hybrid Regular Expression (HRE). Based on linear programming, we show that for the class of linear hybrid automata whose behaviour can be represented by HREs, two class of teachability problems and the satisfaction problem for linear duration invariants are decidable. 1 I n t r o d u c t i o n The formalism of hybrid au toma ta [1] have become a s tandard model for realt ime and hybrid systems. A class of hybrid systems can be modelled by linear hybrid au tomata . Informally, a linear hybrid au tomaton is a conventional automaton extended with a set of variables, which are used to model the s tate of the continuous component of hybrid systems and are assumed to be piecewise linear functions of time. The states of the au tomaton called locations are assigned with a change rate for each variable, such as ~ = w (x is a variable, w is a real number) , an d the transitions of the au tomaton are labelled with constraints on the variables such as a < x < b and /or with reset actions such as x :-c (x is a variable, a, b, and c are real numbers). Each location is also assigned with an invariant condition tha t must hold when the system resides at the location. The au tomaton starts at one of the initial locations with all variables initialised to their initial values. As t ime progresses, the values of all variables change continuously according to the rate associated with the current location. At any time, the system can change its current location from s to s ~ provided tha t there is a transit ion p from s to s ~ whose labelling conditions are satisfied by the current value of the variables. With a location change by a transit ion p, all the variables are reset to the new value accordingly by the reset actions labelled on p. Transitions are assumed to be instantaneous. This work is supported by the National Natural Science Foundation of China and International Institute for Software Technology, The United Nations University (UNU/IIST).In this paper, we consider the problem verifying hybrid systems modelled by linear hybrid automata. We extend the traditional regular expressions with time constraints and use them as a language to describe the behaviour of a class of linear hybrid automata. The extended notation is called Hybrid Regular Expression (HRE). Based on linear programming, we show that for the class of linear hybrid automata whose behaviour can be represented by HREs, two class of reachability problems and the satisfaction problem for linear duration invariants are decidable.

A Model Driven Development Framework for Enterprise Web Services

The growing scale and complexity of the enterprise computing systems under distributed and heterogeneous environments present new challenges to system development, integration, and maintenance. In this paper, we present a model driven web service development framework to combat these challenges. The framework capitalizes on the UML profile for Enterprise Distributed Object Computing (EDOC), MDA and Web Services. Within the framework, first, the platform independent models (PIMs) are created using the EDOC profile. Second, the PIMs are broken down into sub PIMs according to functional decomposition, each of which can provide service independently and will be implemented in a web service. Then, these sub PIMs are transformed into the corresponding web service interface models for service publication and invoking. Finally, supported by model transform techniques, the sub PIMs are implemented into web services on specific platforms. Automatic model transformation is the key to this framework, therefore, the transformation from EDOC models to Web Service interface models within this framework is deeply discussed, and the detailed transformation rules are proposed. A case study is also provided to demonstrate the effectiveness of these rules and the merits of this framework.

Scenario-based verification for component-based embedded software designs

In this paper, for embedded software systems we consider the problem of checking component-based designs for scenario-based specifications. The component-based designs are modelled by interface automaton networks which consist of a set of interface automata synchronized by shared actions, and the scenario-based specifications are specified by UML sequence diagrams. Based on investigating the reachability graph of the state space of the interface automaton networks, we develop the algorithms to check the existential consistency and the mandatory existential consistency including the forward, backward, and bidirectional mandatory existential consistency.

Scope Logic: An Extension to Hoare Logic for Pointers and Recursive Data Structures

This paper presents an extension to Hoare Logic for pointer program verification. The main observation leading to this logic is that the value of an expression e depends only on the contents stored in a finite set of memory units. This set can be specified using another expression (called the memory scope of e) constructed syntactically from e. A set of construction rules are given in this paper for expressions which may contain recursive functions (predicates). It is also observed that the memory scope of e is a super set of the memory scope of the memory scope of e. Based on this, local reasoning can be supported using assertion variables which represent arbitrary assertions. Program-pointspecific expressions are used to specify the relations between different program points. Another feature of this logic is that for formulas with no user-defined functions, the weakest-preconditions can be calculated w.r.t. assignments.This paper presents an extension to Hoare Logic for pointer program verification. The main observation leading to this logic is that the value of an expression e depends only on the contents stored in a finite set of memory units. This set can be specified using another expression (called the memory scope of e) constructed syntactically from e. A set of construction rules are given in this paper for expressions which may contain recursive functions (predicates). It is also observed that the memory scope of e is a super set of the memory scope of the memory scope of e. Based on this, local reasoning can be supported using assertion variables which represent arbitrary assertions. Program-point-specific expressions are used to specify the relations between different program points. Another feature of this logic is that for formulas with no user-defined functions, the weakest-preconditions can be calculated w.r.t. assignments.

Runtime verification of java programs for scenario-based specifications

In this paper, we use UML sequence diagrams as scenariobased specifications, and give the solution to runtime verification of Java programs for the safety consistency and the mandatory consistency. The safety consistency requires that any forbidden scenario described by a given sequence diagram never happens during the execution of a program, and the mandatory consistency requires that if a reference scenario described by the given sequence diagrams occurs during the execution of a program, it must immediately adhere to a scenario described by the other given sequence diagram. In the solution, we first instrument the program under verification so as to gather the program execution traces related to a given scenario-based specification; then we drive the instrumented program by random test cases so as to generate the program execution traces; last we check if the collected program execution traces satisfy the given specification. Our work leads to a testing tool which may proceed in a fully automatic and push-button fashion.In this paper, we use UML sequence diagrams as scenario-based specifications, and give the solution to runtime verification of Java programs for the safety consistency and the mandatory consistency. The safety consistency requires that any forbidden scenario described by a given sequence diagram never happens during the execution of a program, and the mandatory consistency requires that if a reference scenario described by the given sequence diagrams occurs during the execution of a program, it must immediately adhere to a scenario described by the other given sequence diagram. In the solution, we first instrument the program under verification so as to gather the program execution traces related to a given scenario-based specification; then we drive the instrumented program by random test cases so as to generate the program execution traces; last we check if the collected program execution traces satisfy the given specification. Our work leads to a testing tool which may proceed in a fully automatic and push-button fashion.

An Instrumentation Tool for Program Dynamic Analysis in Java

Dynamic analysis has been widely used in program analysis. Instrumentation is a general technology used to trace dynamic behavior of software. This paper presents a java source code instrumentation tool, which supports making instrumentation manually and automatically according to rules based on AST analysis. On one hand, users can instrument source code manually. It supports to manage those instrumentation points. On the other hand, code snippets can be instrumented automatically in compliance with criteria defined by users. This tool defines some inside criteria and makes instrumentation automatically for them. Whats more, these inside criteria can be expanded. By instrumentation, a dynamic execution report about the java source code can be obtained.