Stacy J. Prowell

Foundations of sequence-based software specification

Rigorous specification early in the software development process can greatly reduce the cost of later development and maintenance, as well as provide an explicit means to manage risk and identify and meet safety requirements. Sequence-based software specification is a collection of techniques for implementing rigorous, practical software specification. The primary result of this research is the sequence enumeration method of specification writing. Straightforward, systematic enumeration of all sequences to produce an arguably complete, consistent, and traceably correct specification is made practical by controlling the growth of the process.

JUMBL: a tool for model-based statistical testing

Statistical testing of software based on a usage model is a cost-effective and efficient means to make inferences about software quality. In order to apply this method, a usage model is developed and analyzed to validate its fitness for use in testing. The model may then be used to generate test cases representing expected usage, and to reason about system reliability given the performance on the set of tests. The J Usage Model Builder Library (JUMBL) is a Java class library and set of command-line tools for working with usage models. The JUMBL supports construction and analysis of models, generation of test cases, automated-execution of tests, and analysis of testing results.

Using Markov Chain Usage Models to Test Complex Systems

Model-based testing using Markov chain usage models provides a powerful way to address testing concerns. Unfortunately, the use of Markov chain usage models on systems which have multiple streams of control, or which have many modeless dialogs, has required approaches which limit automated testing (strong abstractions) or make models difficult to analyze (notations hiding a state explosion). This paper presents a new approach which relies on applying concurrency operators to the test cases generated from simple Markov chain usage models to create sophisticated test cases. This approach leverages existing tools and notations.

Computing system reliability using Markov chain usage models

Markov chains have been used successfully to model system use, generate tests, and compute statistics about anticipated system use in the field. Several reliability models are in use for Markov chain-based testing, but each has certain limitations. A Bayesian reliability model that is gaining support in field use is presented here.

TML: a description language for Markov chain usage models

Abstract Finite-state Markov chains have proven useful as a model to characterize a population of uses of a software system. This paper presents a language (TML) for describing these models in a manner that supports development, reuse, and automated testing. TML provides a simple representation of usage models, while formalizing modeling techniques already in use informally.

Sequence-based software specification of deterministic systems

Specification of software under the box structure method requires a complete, consistent, and traceably‐correct description of behavior solely in terms of external stimuli and responses. Such a specification, also called a black box, can be derived from the requirements through straightforward, systematic enumeration of all stimulus sequences. Enumeration is made manageable by the application of techniques for controlling the growth of this inherently combinatorial process, and specifications at different levels of abstraction may be combined to refine a black box specification. This work presents a unifying framework for development of specifications and testing models, and the focus on requirements traceability provides an explicit means to manage requirements change.

A cost-benefit stopping criterion for statistical testing

Determining when to stop a statistical test is an important management decision. Several stopping criteria have been proposed, including criteria based on statistical similarity, the probability that the system has a desired reliability, and the expected cost of remaining faults. This paper proposes a new stopping criterion based on a cost-benefit analysis using the expected reliability of the system (as opposed to an estimate of the remaining faults). The expected reliability is used, along with other factors such as units deployed and expected use, to anticipate the number of failures in the field and the resulting anticipated cost of failures. Reductions in this number generated by increasing the reliability are balanced against the cost of further testing to determine when testing should be stopped.

Position Statement: Methodology to Support Dependable Survivable Cyber-Secure Infrastructures

Information systems now form the backbone of nearly every government and private system. Increasingly these systems are networked together allowing for distributed operations, sharing of databases, and redundant capability. Ensuring these networks are secure, robust, and reliable is critical for the strategic and economic well being of the Nation. This paper argues in favor of a biologically inspired approach to creating survivable cyber-secure infrastructures (SCI). Our discussion employs the power transmission grid.

Automated vulnerability detection for compiled smart grid software

While testing performed with proper experimental controls can provide scientifically quantifiable evidence that software does not contain unintentional vulnerabilities (bugs), it is insufficient to show that intentional vulnerabilities exist, and impractical to certify devices for the expected long lifetimes of use. For both of these needs, rigorous analysis of the software itself is essential. Automated software behavior computation applies rigorous static software analysis methods based on function extraction (FX) to compiled software to detect vulnerabilities, intentional or unintentional, and to verify critical functionality. This analysis is based on the compiled firmware, takes into account machine precision, and does not rely on heuristics or approximations early in the analysis.

Automated Behavior Computation for Software Analysis and Validation

Software systems can exhibit massive numbers of execution paths, and even comprehensive testing can exercise only a small fraction of these. It is no surprise that systems experience errors and vulnerabilities in use when many executions are untested. Computations over the functional semantics of programs may offer a potential solution. Structured programs are expressed in a finite hierarchy of control structures, each of which corresponds to a mathematical function or relation. A correctness theorem defines transformation of these structures from procedural logic into non-procedural, as-built specifications of behavior. These computed specifications enumerate behavior for all circumstances of use and cover the behavior space. Automation of these computations affords a new means for validating software functionality and security properties. This paper describes theory and implementation for loop behavior computation in particular, and illustrates use of an automated behavior computation system to validate a miniature looping program with and without embedded malware.