Safety Property Driven Test Generation from

This paper describes the automated generation of test sequences derived from a JML specification and a safety property written in an ad hoc language, named JTPL. The functional JML model is animated to build the test sequences w.r.t. the safety properties, which represent the test targets. From these properties, we derive strategies that are used to guide the symbolic animation. Moreover, additional JML annotations reinforce the oracle in order to guarantee that the safety properties are not violated during the execution of the test suite. Finally, we illustrate this approach on an industrial JavaCard case study.
