Using model checking to generate tests from requirements specifications

Recently, many formal methods, such as the SCR (Software Cost Reduction) requirements method, have been proposed for improving the quality of software specifications. Although improved specifications are valuable, the ultimate objective of software development is to produce software that satisfies its requirements. To evaluate the correctness of a software implementation, one can apply black-box testing to determine whether the implementation, given a sequence of system inputs, produces the correct system outputs. This paper describes a specification-based method for constructing a suite of test sequences, where a test sequence is a sequence of inputs and outputs for testing a software implementation. The test sequences are derived from a tabular SCR requirements specification containing diverse data types, i.e., integer, boolean, and enumerated types. From the functions defined in the SCR specification, the method forms a collection of predicates called branches, which “cover” all possible software behaviors described by the specification. Based on these predicates, the method then derives a suite of test sequences by using a model checker's ability to construct counterexamples. The paper presents the results of applying our method to four specifications, including a sizable component of a contractor specification of a real system.
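The branch-coverage idea above, as an added example that is not code from the paper: a small, constructed SCR-style mode transition table for a thermostat, where each table row is one branch predicate, and a breadth-first search standing in for the model checker that refutes the trap property "this branch never fires" by returning the shortest trace that fires it. That trace, paired with the controlled output at each step, is one test sequence. Assumptions: the modes, guards, input domain and `heater_on` output are invented for illustration, and guards are plain conditions rather than SCR event notation.

```python
from collections import deque

# Constructed SCR-style mode transition table: (source mode, guard, target mode).
# Monitored variables: switch (bool) and temp (int). Each row is one "branch"
# predicate that the generated test suite must cover.
TABLE = [
    ("Off",     lambda sw, t: sw and t < 70,  "Heating"),
    ("Heating", lambda sw, t: sw and t >= 70, "Idle"),
    ("Idle",    lambda sw, t: sw and t < 65,  "Heating"),
    ("Heating", lambda sw, t: not sw,         "Off"),
    ("Idle",    lambda sw, t: not sw,         "Off"),
]
# Constructed finite input domain, as a model checker would require.
INPUTS = [(sw, t) for sw in (False, True) for t in (60, 65, 70, 75)]
INIT = "Off"

def step(mode, sw, t):
    """One transition step; returns (new mode, index of the branch that fired or None)."""
    for i, (src, guard, dst) in enumerate(TABLE):
        if src == mode and guard(sw, t):
            return dst, i
    return mode, None  # no row applies: the mode is unchanged

def output(mode):
    """Controlled variable derived from the mode (an SCR condition table)."""
    return {"heater_on": mode == "Heating"}

def counterexample(branch):
    """Stand-in for the model checker: refute the trap property 'branch never
    fires' by returning the shortest trace that fires it, as a list of
    (input, expected output) pairs, i.e. one test sequence. None means the
    property holds and the branch is unreachable under this input domain."""
    seen, queue = {INIT}, deque([(INIT, [])])
    while queue:
        mode, trace = queue.popleft()
        for sw, t in INPUTS:
            nxt, fired = step(mode, sw, t)
            new_trace = trace + [((sw, t), output(nxt))]
            if fired == branch:
                return new_trace
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, new_trace))
    return None

def test_suite():
    """One test sequence per branch, keyed by the branch's row index in TABLE."""
    return {i: counterexample(i) for i in range(len(TABLE))}
```

Branch 2 (Idle back to Heating) needs a three-step sequence, which is exactly the kind of multi-step trace a model checker's counterexample supplies and a single-state test would miss.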
