Formal Methods and Testing
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Verification and Formal Methods
Verification and Formal Methods: Practice and Experience J. C. P. Woodcock University of York, UK and P. G. Larsen Engineering College of Aarhus, Denmark and J. C. Bicarregui STFC Rutherford Appleton Laboratory, UK and J. S. Fitzgerald Newcastle University, UK We describe the state of the art in the industrial use of formal verification technology. We report on a new survey of the use of formal methods in industry, and compare it with the most significant surveys carried out over the last 20 years. We review the literature on formal methods, and present a series of industrial projects undetaken over the last two decades. We draw some observations from these surveys and records of experience. Based on this, we discuss the issues surrounding the industrial adoption of formal methods. Finally, we look to the future and describe the development of a Verified Software Repository, part of the worldwide Verified Software Initiative. We introduce the initial projects being used to populate the repository, and describe the challenges they address. Categories and Subject Descriptors: D.2.4 [Software/Program Verification]: Assertion check- ers, Class invariants, Correctness proofs, Formal methods, Model checking, Programming by contract; F.3.1 [Specifying and Verifying and Reasoning about Programs]: Assertions, Invariants, Logics of programs, Mechanical verification, Pre- and post-conditions, Specification techniques; F.4.1 [Mathematical Logic]: Mechanical theorem proving; I.2.2 [Automatic Pro- gramming]: Program verification. Additional Key Words and Phrases: Experimental software engineering, formal methods surveys, Grand Challenges, Verified Software Initiative, Verified Software Repository. 1. INTRODUCTION Formal verification, for both hardware and software, has been a topic of great sig- nificance for at least forty years. -
Formal Methods
SE 5302: Formal Methods Course Instructor: Parasara Sridhar Duggirala, Ph.D. Catalog Description. 3 credits. This course is designed to provide students with an introduction to formal methods as a framework for the specification, design, and verification of software-intensive embedded systems. Topics include automata theory, model checking, theorem proving, and system specification. Examples are driven by cyber-physical systems. The course is addressed to students in engineering who have had at least a year of software or embedded systems design experience. Pre- Requisites: SE 5100 or SE 5101 or SE 5102 and at least one year of software or embedded systems design experience. Course Delivery Method. The course will be offered online, asynchronously, in small recorded modules according to the course schedule and syllabus. Direct and live communication with the instructor will be available each week, according to the class schedule, for discussion, questions, examples, and quizzes. Attendance at live sessions is required, and you must notify the instructor in advance if you cannot attend. A social networking tool called Slack will be used to communicate with students and the instructor between live sessions. Course Objective. This course is designed to provide students with an introduction to formal methods as a framework for the specification, design, and verification of software- intensive embedded systems. Topics include automata theory, model checking, theorem proving, and system specification. Examples are driven by control systems and software systems. Anticipated Student Outcomes. By the end of the course, a student will be able to (1) Gain familiarity with current system design flows in industry used for embedded system design, implementation and verification. -
Leading Practice: Test Strategy and Approach in Agile Projects
CA SERVICES | LEADING PRACTICE Leading Practice: Test Strategy and Approach in Agile Projects Abstract This document provides best practices on how to strategize testing CA Project and Portfolio Management (CA PPM) in an agile project. The document does not include specific test cases; the list of test cases and steps for each test case are provided in a separate document. This document should be used by the agile project team that is planning the testing activities, and by end users who perform user acceptance testing (UAT). Concepts Concept Description Test Approach Defines testing strategy, roles and responsibilities of various team members, and test types. Testing Environments Outlines which testing is carried out in which environment. Testing Automation and Tools Addresses test management and automation tools required for test execution. Risk Analysis Defines the approach for risk identification and plans to mitigate risks as well as a contingency plan. Test Planning and Execution Defines the approach to plan the test cases, test scripts, and execution. Review and Approval Lists individuals who should review, approve and sign off on test results. Test Approach The test approach defines testing strategy, roles and responsibilities of various team members, and the test types. The first step is to define the testing strategy. It should describe how and when the testing will be conducted, who will do the testing, the type of testing being conducted, features being tested, environment(s) where the testing takes place, what testing tools are used, and how are defects tracked and managed. The testing strategy should be prepared by the agile core team. -
Formal Methods for Biological Systems: Languages, Algorithms, and Applications Qinsi Wang CMU-CS-16-129 September 2016
Formal Methods for Biological Systems: Languages, Algorithms, and Applications Qinsi Wang CMU-CS-16-129 September 2016 School of Computer Science Computer Science Department Carnegie Mellon University Pittsburgh, PA Thesis Committee Edmund M. Clarke, Chair Stephen Brookes Marta Zofia Kwiatkowska, University of Oxford Frank Pfenning Natasa Miskov-Zivanov, University of Pittsburgh Submitted in partial fulfillment of the requirements for the Degree of Doctor of Philosophy Copyright c 2016 Qinsi Wang This research was sponsored by the National Science Foundation under grant numbers CNS-0926181 and CNS- 1035813, the Army Research Laboratory under grant numbers FA95501210146 and FA955015C0030, the Defense Advanced Research Projects Agency under grant number FA875012C0204, the Office of Naval Research under grant number N000141310090, the Semiconductor Research Corporation under grant number 2008-TJ-1860, and the Mi- croelectronics Advanced Research Corporation (DARPA) under grant number 2009-DT-2049. The views and conclusions contained in this document are those of the author and should not be interpreted as rep- resenting the official policies, either expressed or implied, of any sponsoring institution, the U.S. government or any other entity. Keywords: Model checking, Formal specification, Formal Analysis, Boolean networks, Qual- itative networks, Rule-based modeling, Multiscale hybrid rule-based modeling, Hybrid systems, Stochastic hybrid systems, Symbolic model checking, Bounded model checking, Statistical model checking, Bounded reachability, Probabilistic bounded reachability, Parameter estimation, Sensi- tivity analysis, Statistical tests, Pancreatic cancer, Phage-based bacteria killing, Prostate cancer treatment, C. elegans For My Beloved Mom & Dad iv Abstract As biomedical research advances into more complicated systems, there is an in- creasing need to model and analyze these systems to better understand them. -
Efficient Black-Box JTAG Discovery
Ca’ Foscari University of Venice Department of Environmental Sciences, Informatics and Statistics Master’s Degree programme Computer Science, Software Dependability and Cyber Security Second Cycle (D.M. 270/2004) Master Thesis Efficient Black-box JTAG Discovery Supervisor: Graduand: Prof. Riccardo Focardi Riccardo Francescato Matriculation Number 857609 Assistant supervisor: Dott. Francesco Palmarini Academic Year 2016 - 2017 Riccardo Francescato Matriculation Number 857609 Efficient Black-box JTAG Discovery, Master Thesis c February 2018. Abstract Embedded devices represent the most widespread form of computing device in the world. Almost every consumer product manufactured in the last decades contains an embedded system, e.g., refrigerators, smart bulbs, activity trackers, smart watches and washing machines. These computing devices are also used in safety and security- critical systems, e.g., autonomous driving cars, cryptographic tokens, avionics, alarm systems. Often, manufacturers do not take much into consideration the attack surface offered by low-level interfaces such as JTAG. In the last decade, JTAG port has been used by the research community as an entry point for a number of attacks and reverse engineering techniques. Therefore, finding and identifying the JTAG port of a device or a de-soldered integrated circuit (IC) can be the first step required for performing a successful attack. In this work, we analyse the design of JTAG port and develop methods and algorithms aimed at searching the JTAG port. More specifically we will provide an introduction to the problem and the related attacks already documented in the literature. Moreover, we will provide to the reader the basics necessary to understand this work (background on JTAG and basic electronic terminology). -
A Confused Tester in Agile World … Qa a Liability Or an Asset
A CONFUSED TESTER IN AGILE WORLD … QA A LIABILITY OR AN ASSET THIS IS A WORK OF FACTS & FINDINGS BASED ON TRUE STORIES OF ONE & MANY TESTERS !! J Presented By Ashish Kumar, WHAT’S AHEAD • A STORY OF TESTING. • FROM THE MIND OF A CONFUSED TESTER. • FEW CASE STUDIES. • CHALLENGES IDENTIFIED. • SURVEY STUDIES. • GLOBAL RESPONSES. • SOLUTION APPROACH. • PRINCIPLES AND PRACTICES. • CONCLUSION & RECAP. • Q & A. A STORY OF TESTING IN AGILE… HAVE YOU HEARD ANY OF THESE ?? • YOU DON’T NEED A DEDICATED SOFTWARE TESTING TEAM ON YOUR AGILE TEAMS • IF WE HAVE BDD,ATDD,TDD,UI AUTOMATION , UNIT TEST >> WHAT IS THE NEED OF MANUAL TESTING ?? • WE WANT 100% AUTOMATION IN THIS PROJECT • TESTING IS BECOMING BOTTLENECK AND REASON OF SPRINT FAILURE • REPEATING REGRESSION IS A BIG TASK AND AN OVERHEAD • MICROSOFT HAS NO TESTERS NOT EVEN GOOGLE, FACEBOOK AND CISCO • 15K+ DEVELOPERS /4K+ PROJECTS UNDER ACTIVE • IN A “MOBILE-FIRST AND CLOUD-FIRST WORLD.” DEVELOPMENT/50% CODE CHANGES PER MONTH. • THE EFFORT, KNOWN AS AGILE SOFTWARE DEVELOPMENT, • 5500+ SUBMISSION PER DAY ON AVERAGE IS DESIGNED TO LOWER COSTS AND HONE OPERATIONS AS THE COMPANY FOCUSES ON BUILDING CLOUD AND • 20+ SUSTAINED CODE CHANGES/MIN WITH 60+PEAKS MOBILE SOFTWARE, SAY ANALYSTS • 75+ MILLION TEST CASES RUN PER DAY. • MR. NADELLA TOLD BLOOMBERG THAT IT MAKES MORE • DEVELOPERS OWN TESTING AND DEVELOPERS OWN SENSE TO HAVE DEVELOPERS TEST & FIX BUGS INSTEAD OF QUALITY. SEPARATE TEAM OF TESTERS TO BUILD CLOUD SOFTWARE. • GOOGLE HAVE PEOPLE WHO COULD CODE AND WANTED • SUCH AN APPROACH, A DEPARTURE FROM THE TO APPLY THAT SKILL TO THE DEVELOPMENT OF TOOLS, COMPANY’S TRADITIONAL PRACTICE OF DIVIDING INFRASTRUCTURE, AND TEST AUTOMATION. -
A Systematic Literature Review of the Use of Formal Methods in Medical Software Systems∗
JOURNAL OF SOFTWARE: EVOLUTION AND PROCESS J. Softw. Evol. and Proc. 2017; 00:1–23 Published online in Wiley InterScience (www.interscience.wiley.com). DOI: 10.1002/smr A Systematic Literature Review of the use of Formal Methods in Medical Software Systems∗ Silvia Bonfanti∗, Angelo Gargantini1, Atif Mashkoor2 ∗University of Bergamo, [email protected] 1University of Bergamo, [email protected] 2Software Competence Center Hagenberg GmbH, [email protected] SUMMARY The use of formal methods is often recommended to guarantee the provision of necessary services and to assess the correctness of critical properties, such as functional safety, cybersecurity and reliability, in medical and health-care devices. In the past, several formal and rigorous methods have been proposed and consequently applied for trustworthy development of medical software and systems. In this paper, we perform a systematic literature review on the available state of the art in this domain. We collect the relevant literature on the use of formal methods for modeling, design, development, verification and validation of software-intensive medical systems. We apply standard systematic literature review techniques and run several queries in well-known repositories in order to obtain information that can be useful for people who are either already working in this field or planning to start. Our study covers both quantitative and qualitative aspects of the subject. Copyright c 2017 John Wiley & Sons, Ltd. Received . KEY WORDS: Formal Methods, Systematic Literature Review, Medical Device Software 1. INTRODUCTION In modern medical devices, human safety depends upon the correct operation of software controlling the device: software malfunctioning can cause injuries to, or even the death of, patients. -
FORMAL METHODS: BENEFITS, CHALLENGES and FUTURE DIRECTION Mona Batra1, Amit Malik2, Dr
Volume 4, No. 5, May 2013 Journal of Global Research in Computer Science REVIEW ARTICLE Available Online at www.jgrcs.info FORMAL METHODS: BENEFITS, CHALLENGES AND FUTURE DIRECTION Mona Batra1, Amit Malik2, Dr. Meenu Dave3 1 M. Tech. Scholar Department of Computer Science, Jagan Nath University, Jaipur, India [email protected] 2Sr. Analyst, HCL Technologies Ltd. , Noida-201304, India [email protected] 3Assistant Professor Department of Computer Science, Jagan Nath University, Jaipur, India [email protected] Abstract: There is an increasing demand of current information systems to incorporate the use of a higher degree of formalism in the development process. Formal Methods consist of a set of tools and techniques based on mathematical model and formal logic that are used to specify and verify requirements and designs for hardware and software systems. This paper presents a detailed analysis of formal methods along with their goals and benefits followed by limitations. This research work is aimed to help the software engineers to identify the use of formal methods at different stages of software development, with special reference to the requirements phase. Keywords- Formal Methods, Requirements Engineering, Formal Specification, Feasibility Analysis etc. of mathematics in design and construction to ensure product INTRODUCTION quality is common practice in established engineering disciplines, such as bridge or aircraft building, and even In today’s commercial environment, the primary measure of computer (hardware) construction, where one applies success of software projects is the extent to which a mathematically expressed physical and other natural laws to software system fulfills the purpose, which it is intended for. -
Do Formal Methods Improve Code Quality?
Do Formal Methods Improve Code Quality? Shari Lawrence Pfleeger Les Hatton Centre for Software Reliability Programming Research Ltd. Northampton Square Glenbrook House, 1/11 Molesey Road London EC1V 0HB Hersham, Surrey KT12 4RH England England phone: +44 171 477-8426 +44 932 888080 fax: +44 171 477-8585 +44 932 888081 email: [email protected] [email protected] Abstract Formal methods are advocated on many projects, in the hope that their use will improve the quality of the resulting software. However, to date there has been little quantitative evidence of their effectiveness, especially for safety-critical applications. We examined the code and development records for a large air traffic control support system to see if the use of formal methods made a measurable difference. In this paper, we show that formal specification, in concert with thorough unit testing and careful reviews, can lead to high-quality code. But we also show that improved measurement and record-keeping could have made analysis easier and the results more clear-cut. As practitioners and researchers, we continue to look for methods and tools that help us to improve our software development processes and products. Articles in IEEE Software and elsewhere focus on candidate technologies that promise increased productivity, better quality, lower cost or enhanced customer satisfaction. But we are reminded that these methods and tools should be tested empirically and rigorously to determine if they make a quantifiable difference to software we produce.1,2 Often, such evaluation is not considered until after the technology has been used, making careful, quantitative analysis difficult if not impossible. -
Acceptance Testing Based on Relationships Among Use Cases Susumu Kariyuki, Atsuto Kubo Mikio Suzuki Hironori Washizaki, Aoyama Media Laboratory TIS Inc
5th World Congress for Software Quality – Shanghai, China – November 2011 Acceptance Testing based on Relationships among Use Cases Susumu Kariyuki, Atsuto Kubo Mikio Suzuki Hironori Washizaki, Aoyama Media Laboratory TIS Inc. Yoshiaki Fukazawa Tokyo, Japan Tokyo, Japan Waseda University [email protected]. [email protected] Tokyo, Japan jp [email protected] [email protected] Abstract In software development using use cases, such as use-case-driven object-oriented development, test scenarios for the acceptance test can be built from use cases. However, the manual listing of execution flows of complex use cases sometimes results in incomplete coverage of the possible execution flows, particularly if the relationships between use cases are complicated. Moreover, the lack of a widely accepted coverage definition for the acceptance test results in the ambiguous judgment of acceptance test completion. We propose a definition of acceptance test coverage using use cases and an automated generation procedure for test scenarios and skeleton codes under a specified condition for coverage while automatically identifying the execution flows of use cases. Our technique can reduce the incomplete coverage of execution flows of use cases and create objective standards for judging acceptance test completion. Moreover, we expect an improvement of the efficiency of acceptance tests because of the automated generation procedure for test scenarios and skeleton codes. 1. Introduction An acceptance test is carried out by users who take the initiative in confirming whether the developed system precisely performs the requirements of the users.2) As a method of representing functional requirements, use cases have been used.3) Use cases are descriptions of external functions of a system from the viewpoint of the users and external systems (both are called actors). -
A Debate on Teaching Computing Science
Teaching Computing Science t the ACM Computer Science Conference last Strategic Defense Initiative. William Scherlis is February, Edsger Dijkstra gave an invited talk known for his articulate advocacy of formal methods called “On the Cruelty of Really Teaching in computer science. M. H. van Emden is known for Computing Science.” He challenged some of his contributions in programming languages and the basic assumptions on which our curricula philosophical insights into science. Jacques Cohen Aare based and provoked a lot of discussion. The edi- is known for his work with programming languages tors of Comwunications received several recommenda- and logic programming and is a member of the Edi- tions to publish his talk in these pages. His comments torial Panel of this magazine. Richard Hamming brought into the foreground some of the background received the Turing Award in 1968 and is well known of controversy that surrounds the issue of what be- for his work in communications and coding theory. longs in the core of a computer science curriculum. Richard M. Karp received the Turing Award in 1985 To give full airing to the controversy, we invited and is known for his contributions in the design of Dijkstra to engage in a debate with selected col- algorithms. Terry Winograd is well known for his leagues, each of whom would contribute a short early work in artificial intelligence and recent work critique of his position, with Dijkstra himself making in the principles of design. a closing statement. He graciously accepted this offer. I am grateful to these people for participating in We invited people from a variety of specialties, this debate and to Professor Dijkstra for creating the backgrounds, and interpretations to provide their opening. -
Beginners Guide to Software Testing
Beginners Guide To Software Testing Beginners Guide To Software Testing - Padmini C Page 1 Beginners Guide To Software Testing Table of Contents: 1. Overview ........................................................................................................ 5 The Big Picture ............................................................................................... 5 What is software? Why should it be tested? ................................................. 6 What is Quality? How important is it? ........................................................... 6 What exactly does a software tester do? ...................................................... 7 What makes a good tester? ........................................................................... 8 Guidelines for new testers ............................................................................. 9 2. Introduction .................................................................................................. 11 Software Life Cycle ....................................................................................... 11 Various Life Cycle Models ............................................................................ 12 Software Testing Life Cycle .......................................................................... 13 What is a bug? Why do bugs occur? ............................................................ 15 Bug Life Cycle ............................................................................................... 16 Cost of fixing bugs .......................................................................................