State Coverage Metrics for Specification-Based Testing with Büchi Automata

Büchi automata have been widely used for specifying linear temporal properties of reactive systems, and they are also instrumental for designing efficient model-checking algorithms. In this paper we extend specification-based testing to Büchi automata. A key question in specification-based testing is how to measure the quality (relevancy) of test cases with respect to the system specification. We propose two state coverage metrics for measuring how well a test suite covers a Büchi-automaton-based requirement. We also develop test generation algorithms that use the counter-example generation capability of an off-the-shelf model checker to generate test cases for the coverage criteria inferred by these metrics. In our experiment we demonstrate the feasibility and performance of the coverage criteria and test generation algorithms for these criteria.

In [13] we proposed testing coverage metrics and criteria for properties in Linear Temporal Logic (LTL) and referred to the new approach as property-coverage testing. This research shares the same motivation as [13] and extends property-coverage testing to specifications in Büchi automata. Since automaton minimization techniques can be used to reduce the structural diversity of semantically equivalent Büchi automata, we argue that a coverage metric based on Büchi automata is less susceptible to syntactic changes of a property than an LTL-based coverage metric, and hence the proposed coverage metrics measure the relevancy of a test suite to the semantics of a linear temporal property. We also discuss an algorithm for refining a Büchi-automaton-based requirement based on its strong state coverage metric. Our experiment demonstrates the feasibility and performance of our coverage criteria and test generation algorithms.

[1] Gerard J. Holzmann, et al. The Model Checker SPIN, 1997, IEEE Trans. Software Eng.

[2] Kousha Etessami, et al. Analysis of Recursive Game Graphs Using Data Flow Equations, 2004, VMCAI.

[3] Dimitra Giannakopoulou, et al. From States to Transitions: Improving Translation of LTL Formulae to Büchi Automata, 2002, FORTE.

[4] Moshe Y. Vardi. Automata-Theoretic Model Checking Revisited, 2007, VMCAI.

[5] Allan Clark, et al. Semantic-Based Development of Service-Oriented Systems, 2006, FORTE.

[6] Stefan Leue, et al. Formalization and validation of the General Inter-ORB Protocol (GIOP) using PROMELA and SPIN, 2000, International Journal on Software Tools for Technology Transfer.

[7] Angelo Gargantini, et al. An Evaluation of Specification Based Test Generation Techniques Using Model Checkers, 2009, 2009 Testing: Academic and Industrial Conference - Practice and Research Techniques.

[8] Yih-Kuen Tsay, et al. GOAL: A Graphical Tool for Manipulating Büchi Automata and Temporal Formulae, 2007, TACAS.

[9] Angelo Gargantini, et al. A Logic-Based Approach to Combinatorial Testing with Constraints, 2008, TAP.

[10] Pierre Wolper, et al. Simple on-the-fly automatic verification of linear temporal logic, 1995, PSTV.

[11] Insup Lee, et al. Specification-based testing with linear temporal logic, 2004, Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, 2004. IRI 2004.

[12] Edmund M. Clarke, et al. Model Checking, 1999, Handbook of Automated Reasoning.

[13] Rajeev Alur, et al. A Temporal Logic of Nested Calls and Returns, 2004, TACAS.

[14] Andreas Podelski, et al. ACSAR: Software Model Checking with Transfinite Refinement, 2007, SPIN.

[15] Orna Kupferman, et al. Vacuity detection in temporal model checking, 2003, International Journal on Software Tools for Technology Transfer.

[16] Insup Lee, et al. A Temporal Logic Based Theory of Test Coverage and Generation, 2002, TACAS.

[17] Riccardo Sisto, et al. Using SPIN to Verify Security Properties of Cryptographic Protocols, 2002, SPIN.