On Model-based Testing of GALS Systems

This dissertation focuses on the model-based testing of GALS (Globally Asynchronous, Locally Synchronous) systems, which are inherently complex because they combine synchronous and asynchronous aspects. To cope with this complexity, we explore three directions: (1) techniques for synchronous components; (2) techniques for the communication protocols between components; and (3) techniques for complete GALS systems, combining the results of the two previous directions.

In the first direction, we explore formal techniques for the functional testing of synchronous components. As a case study, we reconsider the Message Authenticator Algorithm (MAA), a pioneering cryptographic function designed in the mid-80s, and formalize it as a synchronous dataflow. Modeling and validating the MAA enabled us to discover various mistakes in prior (informal and formal) specifications of the MAA, in the test vectors and code of the ISO 1987 and ISO 1990 standards, and in the compilers and verification tools we used.

In the second direction, we explore the formalization and functional testing of a communication protocol. As a case study, we reconsider the formalization of the Transport Layer Security (TLS) handshake, the protocol responsible for the authentication and key exchange needed to establish or resume a secure connection. Our model of TLS version 1.3 was validated using our new on-the-fly conformance test case generation tool, TESTOR, developed on top of the CADP toolbox. TESTOR explores the model and automatically generates either a set of controllable test cases or a complete test graph (CTG) to be executed against a physical implementation of the system.

In the third direction, we propose a testing methodology for GALS systems that combines the two previous directions. We leverage conformance test generation for asynchronous systems to automatically derive realistic scenarios (input constraints and oracles), which are necessary ingredients for the unit testing of individual synchronous components and are difficult and error-prone to design by hand. Our methodology thus integrates (1) synchronous and asynchronous concurrent models; (2) functional unit testing and behavioral conformance testing; and (3) various formal methods and their supporting tools. We illustrate the methodology on a simple but relevant example inspired by autonomous cars.
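The following is an added example, not code from the dissertation, TESTOR or CADP. It sketches the idea behind conformance testing against a specification, both as a fixed controllable test case and on the fly: a small hand-written labelled transition system (constructed here, only loosely shaped like a handshake, and not the thesis's TLS 1.3 model) is at once the source of stimuli and the oracle, and a "quiescence" observation stands in for "no output within the timeout". The ioco-style rule used (an observed output must be among the outputs the specification allows at that point, with quiescence allowed only where the specification has no output enabled) is this example's assumption; the abstract does not say which conformance relation TESTOR implements. The Server class is a toy implementation under test with an optional injected bug.

```python
import random

QUIESCENCE = "delta"  # "no output within the timeout", ioco's delta

# Constructed spec LTS, loosely shaped like a handshake (NOT the dissertation's
# TLS 1.3 model): state -> [(label, next_state)]; '?' = input, '!' = output.
SPEC = {
    "s0": [("?ClientHello", "s1")],
    "s1": [("!ServerHello", "s2"), ("!HelloRetryRequest", "s0")],  # output choice
    "s2": [("?Finished", "s3")],
    "s3": [("!Finished", "s4")],
    "s4": [],  # handshake done: quiescent
}
INIT = {"s0"}

def after(states, label):
    """Spec states reachable from `states` by one `label` transition."""
    return {nxt for s in states for lab, nxt in SPEC[s] if lab == label}

def inputs_of(states):
    return {lab for s in states for lab, _ in SPEC[s] if lab.startswith("?")}

def quiescent(state):
    return not any(lab.startswith("!") for lab, _ in SPEC[state])

def outputs_of(states):
    """Oracle out(states): outputs allowed here, plus quiescence if some state emits nothing."""
    outs = {lab for s in states for lab, _ in SPEC[s] if lab.startswith("!")}
    return outs | {QUIESCENCE} if any(quiescent(s) for s in states) else outs

def step(states, iut, action):
    """Apply one tester action, ('stim', input) or ('obs',); return (ok, label, new_states)."""
    if action[0] == "stim":
        iut.stimulate(action[1])
        return True, action[1], after(states, action[1])
    out = iut.observe()
    if out not in outputs_of(states):
        return False, out, set()  # observed something the spec forbids here
    if out == QUIESCENCE:  # only quiescent spec states remain plausible
        return True, out, {s for s in states if quiescent(s)}
    return True, out, after(states, out)

def execute(iut, actions):
    """Run a controllable test case (fixed tester actions); the oracle comes from SPEC."""
    states, trace = set(INIT), []
    for act in actions:
        ok, observed, states = step(states, iut, act)
        trace.append(observed)
        if not ok:
            return "fail", trace
    return "pass", trace

def random_test(iut, rng, max_steps=20):
    """On-the-fly variant: choose stimulate/observe at random while walking SPEC."""
    states, trace = set(INIT), []
    for _ in range(max_steps):
        inputs = inputs_of(states)
        act = ("stim", rng.choice(sorted(inputs))) if inputs and rng.random() < 0.5 else ("obs",)
        ok, observed, states = step(states, iut, act)
        trace.append(observed)
        if not ok:
            return "fail", trace
    return "pass", trace

def campaign(make_iut, runs, seed=0):
    """Verdict counts over `runs` random tests, each against a fresh IUT."""
    rng = random.Random(seed)
    verdicts = [random_test(make_iut(), rng)[0] for _ in range(runs)]
    return {v: verdicts.count(v) for v in ("pass", "fail")}

class Server:
    """Toy IUT (constructed). early_finished=True injects a bug: Finished is sent too early."""
    def __init__(self, early_finished=False, retries=1):
        self.state, self.retries, self.bug = "idle", retries, early_finished

    def stimulate(self, inp):  # input-enabled: unexpected inputs are ignored
        if inp == "?ClientHello" and self.state == "idle":
            self.state = "hello"
        elif inp == "?Finished" and self.state == "keys":
            self.state = "fin"

    def observe(self):
        if self.state == "hello":
            if self.retries:
                self.retries -= 1
                self.state = "idle"
                return "!HelloRetryRequest"
            self.state = "keys"
            return "!ServerHello"
        if self.state == "fin" or (self.bug and self.state == "keys"):
            self.state = "done"
            return "!Finished"
        return QUIESCENCE

# A controllable test case: one branch of tester choices; every verdict comes from SPEC.
TEST_CASE = [("stim", "?ClientHello"), ("obs",), ("stim", "?ClientHello"), ("obs",),
             ("obs",), ("stim", "?Finished"), ("obs",), ("obs",)]
```

execute(Server(), TEST_CASE) returns a pass verdict with the observed trace, while execute(Server(early_finished=True), TEST_CASE) fails at the fifth action, because the specification allows only quiescence in s2 and the buggy server emits Finished there. The point of the example is that the tester never holds a hand-written list of expected outputs: stimuli come from inputs_of and the oracle from outputs_of, both computed from the model, which is what "deriving input constraints and oracles from conformance test generation" amounts to. Note also that the injected bug is only caught when the tester chooses to observe in s2 rather than stimulating immediately, which is why campaign() runs many random on-the-fly tests rather than one.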