Mutation Analysis for Reactive System Environment Properties

Reactive systems used in safety-critical domains demand a high level of confidence. The development of these systems, which are subject to several normative recommendations, is complex and expensive. Reactive systems can be developed using the data-flow approach, which is supported by many languages, such as MATLAB/SIMULINK and LUSTRE/SCADE. This paper concentrates on the LUSTRE/SCADE language, and especially on the description of reactive system environment properties in this language. Describing environment properties, which is important for the validation (proof and test) of reactive systems, is not easy. Hence, we would like to use the mutation technique to consolidate this difficult task: we use the LESAR model-checking tool to detect equivalent mutants, and test case generators such as GATEL or LUTESS to kill non-equivalent mutants.
