Wang Linzhang

Generating test cases from UML activity diagram based on Gray-box method

Test case generation is the most important part of the testing efforts, the automation of specification based test case generation needs formal or semi-formal specifications. As a semi-formal modelling language, UML is widely used to describe analysis and design specifications by both academia and industry, thus UML models become the sources of test generation naturally. Test cases are usually generated from the requirement or the code while the design is seldom concerned, this paper proposes an approach to generate test cases directly from UML activity diagram using Gray-box method, where the design is reused to avoid the cost of test model creation. In this approach, test scenarios are directly derived from the activity diagram modelling an operation. Then all the information for test case generation, i.e. input/output sequence and parameters, the constraint conditions and expected object method sequence, is extracted from each test scenario. At last, the possible values of all the input/output parameters could be generated by applying category-partition method, and test suite could be systematically generated to find the inconsistency between the implementation and the design. A prototype tool named UMLTGF has been developed to support the above process.Test case generation is the most important part of the testing efforts, the automation of specification based test case generation needs formal or semi-formal specifications. As a semi-formal modelling language, UML is widely used to describe analysis and design specifications by both academia and industry, thus UML models become the sources of test generation naturally. Test cases are usually generated from the requirement or the code while the design is seldom concerned, this paper proposes an approach to generate test cases directly from UML activity diagram using Gray-box method, where the design is reused to avoid the cost of test model creation. In this approach, test scenarios are directly derived from the activity diagram modelling an operation. Then all the information for test case generation, i.e. input/output sequence and parameters, the constraint conditions and expected object method sequence, is extracted from each test scenario. At last, the possible values of all the input/output parameters could be generated by applying category-partition method, and test suite could be systematically generated to find the inconsistency between the implementation and the design. A prototype tool named UMLTGF has been developed to support the above process.

A Model Driven Development Framework for Enterprise Web Services

The growing scale and complexity of the enterprise computing systems under distributed and heterogeneous environments present new challenges to system development, integration, and maintenance. In this paper, we present a model driven web service development framework to combat these challenges. The framework capitalizes on the UML profile for Enterprise Distributed Object Computing (EDOC), MDA and Web Services. Within the framework, first, the platform independent models (PIMs) are created using the EDOC profile. Second, the PIMs are broken down into sub PIMs according to functional decomposition, each of which can provide service independently and will be implemented in a web service. Then, these sub PIMs are transformed into the corresponding web service interface models for service publication and invoking. Finally, supported by model transform techniques, the sub PIMs are implemented into web services on specific platforms. Automatic model transformation is the key to this framework, therefore, the transformation from EDOC models to Web Service interface models within this framework is deeply discussed, and the detailed transformation rules are proposed. A case study is also provided to demonstrate the effectiveness of these rules and the merits of this framework.

Scenario-based verification for component-based embedded software designs

In this paper, for embedded software systems we consider the problem of checking component-based designs for scenario-based specifications. The component-based designs are modelled by interface automaton networks which consist of a set of interface automata synchronized by shared actions, and the scenario-based specifications are specified by UML sequence diagrams. Based on investigating the reachability graph of the state space of the interface automaton networks, we develop the algorithms to check the existential consistency and the mandatory existential consistency including the forward, backward, and bidirectional mandatory existential consistency.

Runtime verification of java programs for scenario-based specifications

In this paper, we use UML sequence diagrams as scenariobased specifications, and give the solution to runtime verification of Java programs for the safety consistency and the mandatory consistency. The safety consistency requires that any forbidden scenario described by a given sequence diagram never happens during the execution of a program, and the mandatory consistency requires that if a reference scenario described by the given sequence diagrams occurs during the execution of a program, it must immediately adhere to a scenario described by the other given sequence diagram. In the solution, we first instrument the program under verification so as to gather the program execution traces related to a given scenario-based specification; then we drive the instrumented program by random test cases so as to generate the program execution traces; last we check if the collected program execution traces satisfy the given specification. Our work leads to a testing tool which may proceed in a fully automatic and push-button fashion.In this paper, we use UML sequence diagrams as scenario-based specifications, and give the solution to runtime verification of Java programs for the safety consistency and the mandatory consistency. The safety consistency requires that any forbidden scenario described by a given sequence diagram never happens during the execution of a program, and the mandatory consistency requires that if a reference scenario described by the given sequence diagrams occurs during the execution of a program, it must immediately adhere to a scenario described by the other given sequence diagram. In the solution, we first instrument the program under verification so as to gather the program execution traces related to a given scenario-based specification; then we drive the instrumented program by random test cases so as to generate the program execution traces; last we check if the collected program execution traces satisfy the given specification. Our work leads to a testing tool which may proceed in a fully automatic and push-button fashion.

Composed IIS path locating based optimization for bounded \\reachability analysis of compositional linear hybrid systems}{Composed IIS path locating based optimization for bounded reachability analysis of compositional linear hybrid systems

Hybrid systems include both discrete and continuous behavior and are widely used to model control systems. The reachability analysis of its unsafe state is an important method for guaranteeing the safety of a system. However, the current techniques do not scale well to the problems of practical interest. Due to the synchronization of components and the combinatorial explosion of state space, the reachability analysis of compositional linear hybrid system is extremely complex. In order to reduce the complexity, a path-oriented approach was proposed in a previous work, which conducted bounded reachability analysis of a compositional linear hybrid system. By enumerating and verifying each potential path one by one, the size of the problem that can be solved will be increased substantially. This path-oriented approach will become quite inefficient due to a sharp increase in the number of candidate paths when analyzing complex systems. The path explosion problem in model checking is also famous. To solve this problem, we propose a state-space reduction technique, which accelerates the verification process. We propose a method to locate the cause of infeasibility, when a composed infeasible path segment after a path set is proved to be infeasible. As we can simply falsify a path set that contains a composed infeasible path segment, the number of candidate paths can be reduced significantly. Furthermore, to avoid such composed path segments efficiently, we propose an approach based on satisfiability modulo theories (SMT), to traverse the bounded graph structure of the composed linear hybrid system. The results of the experiment show that the performance of the path-oriented bounded reachability analysis can be optimized significantly and that the overall performance of the proposed approach is better than that of the state-of-the-art competitor.

Modeling and analysis of wireless sensor network protocols by stochastic timed automata and statistical model checking

Recently, sensor technology has seen significant achievement. Meanwhile, Wireless Sensor Network (WSN) technique has attracted lots of attention because of its open and dynamic behaviors, and has become a very important component of the Internet-based computing. The behavior of WSN system is very complex and may encounter lots of stochastic uncertainties and disturbances like message loss and node dynamics. Furthermore, WSN system is difficult to change and maintain once it is deployed. Thus, it is critical to ensure the quality of the low level protocols of WSN system in design phase. Designers should ensure the logical correctness of a protocol, as well as evaluate the performance of the protocol under certain target environments. To handle these issues, in this paper, we propose a framework to analyze and evaluate WSN protocols based on stochastic timed automata and statistical model checking. We propose to address the modeling of the uncertainties in the realistic behaviors by weighted stochastic transitions in the timed automata model of the protocol. Furthermore, we propose that the performance of the protocol under realistic environments should be evaluated by statistical model checking which is much cheaper and more scalable. To illustrate the feasibility and detail of the modeling and verification approach presented in this paper, two well-known WSN protocols, Timing-sync Protocol for Sensor Networks (TPSN) and Flooding Time Synchronization Protocol (FTSP), are studied thoroughly throughout the paper.

A Partial Order Reduction Technique for Parallel Timed Automaton Model Checking

We propose a partial order reduction technique for timed automaton model checking in this paper. We first show that the symbolic successors w.r.t. partial order paths can be computed using DBMs. An algorithm is presented to compute such successors incrementally. This algorithm can avoid splitting the symbolic states because of the enumeration order of independent transitions. A reachability analysis algorithm based on this successor computation algorithm is presented. Our technique can be combined with some static analysis techniques in the literate. Further more, we present a rule to avoid exploring all enabled transitions, thus the space requirements of model checking are further reduced.We propose a partial order reduction technique for timed automaton model checking in this paper. We first show that the symbolic successors w.r.t. partial order paths can be computed using DBMs. An algorithm is presented to compute such successors incrementally. This algorithm can avoid splitting the symbolic states because of the enumeration order of independent transitions. A reachability analysis algorithm based on this successor computation algorithm is presented. Our technique can be combined with some static analysis techniques in the literate. Further more, we present a rule to avoid exploring all enabled transitions, thus the space requirements of model checking are further reduced.