论文信息 - Metamorphic Testing Integer Overflow Faults of Mission Critical Program: A Case Study

Metamorphic Testing Integer Overflow Faults of Mission Critical Program: A Case Study

For mission critical programs, integer overflow is one of the most dangerous faults. Different testing methods provide several effective ways to detect the defect. However, it is hard to validate the testing outputs, because the oracle of testing is not always available or too expensive to get, unless the program throws an exception obviously. In the present study, the authors conduct a case study, where the authors apply a metamorphic testing (MT) method to detect the integer overflow defect and alleviate the oracle problem in testing critical program of Traffic Collision Avoidance System (TCAS). Experimental results show that, in revealing typical integer mutations, compared with traditional safety property testing method, MT with a novel symbolic metamorphic relation is more effective than the traditional method in some cases.

Song Huang | Zhanwei Hui | Zhengping Ren | Yi Yao

[1] Manuel Blum,et al. Self-testing/correcting with applications to numerical problems , 1990, STOC '90.

[2] Harlan D. Mills,et al. Structured programming - theory and practice , 1979, The systems programming series.

[3] Ying Liu,et al. Metamorphic Testing and Testing with Special Values , 2004, SNPD.

[4] Tsong Yueh Chen,et al. Case studies on the selection of useful relations in metamorphic testing , 2004 .

[5] M. Young. Test Oracles , 2001 .

[6] Lionel C. Briand,et al. Is mutation an appropriate tool for testing experiments? , 2005, ICSE.

[7] Arnaud Gotlieb. TCAS software verification using constraint programming , 2012, Knowl. Eng. Rev..

[8] Paul Ammann,et al. Data Diversity: An Approach to Software Fault Tolerance , 1988, IEEE Trans. Computers.

[9] Elaine J. Weyuker,et al. On Testing Non-Testable Programs , 1982, Comput. J..

[10] Gregg Rothermel,et al. Supporting Controlled Experimentation with Testing Techniques: An Infrastructure and its Potential Impact , 2005, Empirical Software Engineering.

[11] Manuel Blum,et al. Designing programs that check their work , 1989, STOC '89.

[12] Robert C. Seacord,et al. Secure coding in C and C , 2005 .

[13] David Brumley,et al. RICH: Automatically Protecting Against Integer-Based Vulnerabilities , 2007, NDSS.

[14] Felix T.S. Chan,et al. Application of metamorphic testing in numerical analysis , 1998, ICSE 1998.