Observer-based Testing of Distributed Protocols Designed for Harsh Environments

Testing a distributed protocol P employed in a high assurance system involves the modeling of two distinct aspects: i) the intended goals G(P) to be satisfied by P, and ii) the external environment E(P) under which P operates. In complex distributed systems, a wide range of environment behaviors need to be captured by E(P) and/or diverse application requirements need to be stipulated in G(P). This model-based behavior generation is then used as a reference to compare with the actual behavior of a target system protocol. Our approach embodies two functional elements: first, an 'observer' at the service interface of P to the application that monitors the compliance to the conditions stipulated in G(P), and second, an 'injector' that subjects P to a variety of external disturbances as stipulated in E(P). The latter are either actual occurrences of system-level anomalies during an execution of P or computer-generated error conditions as aided by production rules that depict E(P). The modular decomposition that underlies our 3-tier approach (i.e., the observer and perturber modules interweaving with the target system module) enables a flexible testing of distributed protocols in various operating environments and under various application-level goals. The paper describes a language-based tool for generating events that drive the execution of P, and compare the observed behavior of P with a reference desired behavior.