Constructing operational profiles for synchronous critical software

We describe a uniform approach to specify operational profiles for synchronous reactive software and to automatically generate random software inputs according to these profiles. The approach is general enough to allow realistic description of the operating environment: as the environment behavior is often characterized by properties expressing causal temporal dependencies, the operational profile specification technique gives a means to assign to the next event issued by the environment a probability depending on any sequence of previous events. Two examples of reactive software, controlling respectively a temperature control system and an elevator, are used to illustrate the technique.
