Catálogo de publicaciones - libros

Black-box testing is a popular technique for assessing the quality of a system. However, in case of a test failure, only little information is available to identify the root-cause of the test failure. In such cases, additional diagnostic tests may help. We present techniques and a methodology for efficiently conducting diagnostic tests based on explicit fault models. For this, we rely on techniques for . Our techniques rely on, and exploit differences in outputs (or inputs) in fault models, respectively. We characterise the underlying concepts for our techniques both in terms of mathematics and in terms of the modal -calculus, which is a powerful . The latter characterisations permit the use of efficient, off-the-shelf model checking techniques, leading to provably correct algorithms and pseudo decision procedures for diagnostic testing.

We present a methodology for testing service infrastructure components described in a high-level (UML-like) language. The technique of graph transformation is used to precisely capture the dynamic aspect of the protocols which is the basis of state space generation.

Then we use model checking techniques to find adequate test sequences for a given requirement. To illustrate our approach, we present the case study of a fault tolerant service broker which implements a well-known dependability pattern at the level of services. Finally, a compact Petri Net representation is derived by workflow mining techniques to generate faithful test cases in a non-deterministic, distributed environment.

Note that our methodology is applicable at the architectural level rather than for testing individual service instances only.

We propose an extension of the Finite State Machine framework in distributed systems, using . In this model, transitions can be executed non-atomically, reacting to asynchronous inputs on several ports, and producing asynchronous output on those ports. We develop the formal framework for distributed testing in this architecture and compare with the synchronous I/O automaton setting. The advantage of the compact modelling by IOPOA combines with low complexity : the number of tests required for concurrent input in our model is polynomial in the number of inputs.

Service availability has become one of the most crucial parameter of telecommunications infrastructure and other IT applications. Service Availability Forum (SAF) is a leading organization in publishing open specifications for Highly Available (HA) systems. Its Application Interface Specification (AIS) is a widely accepted standard for application developers. Conformance to the standard is one of the most important quality metrics of AIS implementations. However, implementers of the standard usually perform testing on proprietary test suites, which makes difficult to compare the quality of various AIS middleware. This paper presents a testing environment which can be used to perform both conformance and functional tests on AIS implementations. The results and experiences of testing a particular AIS middleware are also summarized. Finally we show how to integrate our testing environment to be part of a comprehensive TTCN-3 based AIS implementation testing framework.

To be cost effective, the decision to automate tests that are usually hand-executed has to rely on a tradeoff between the time consumed to build the automation infrastructure and the time actually saved by the automated tests. Techniques which improve software reuse not only reduce the cost of automation, but the resulting productivity gain speeds up development. Such issues are specially relevant to the software development for mobile phones, where the time-to-market pressure asks for faster design and requires quicker deployment of new products. This paper presents a novel object-oriented framework tailored to support the automation of user-level test cases so as to improve the rate of deployment of mobile phones. Despite inherent test automation limitations, experimental results show that, with automation, the overall testing effort is about three times less than the manual effort, when measured within a one-year interval.

We describe an experience in applying model based testing in verifying especially the parallel behavior of a device level service and discovery protocol. Our approach is two phased: we first define a high level domain model in B and use cases in CSP that can be verified and then create a more detailed reference model that we use for testing the implementation on-the-fly. The use cases are used to drive both the B model and the reference model.

Today, test suites of several ten thousand lines of code are specified using the (TTCN-3). Experience shows that the resulting test suites suffer from quality problems with respect to internal quality aspects like usability, maintainability, or reusability. Therefore, a quality assessment of TTCN-3 test suites is desirable. A powerful approach to detect quality problems in source code is the identification of . Code smells are patterns of inappropriate language usage that is error-prone or may lead to quality problems. This paper presents a quality assessment approach for TTCN-3 test suites which is based on TTCN-3 code smells: To this aim, various TTCN-3 code smells have been identified and collected in a catalogue; the detection of instances of TTCN-3 code smells in test suites has been automated by a tool. The applicability of this approach is demonstrated by providing results from the quality assessment of several standardised TTCN-3 test suites.

We propose a bounded incremental algorithm to generate test cases for deterministic finite state machine models. Our approach, in contrast to the traditional view, is based on the observation that system specifications are in most cases modified incrementally in practice as requirements evolve. We utilize an existing test set available for a previous version of the system to efficiently generate tests for the current – modified – system.

We use a widely accepted framework to evaluate the complexity of the proposed incremental algorithm, and show that it is a function of the size of the change in the specification rather than the size of the specification itself. Thus, the method is very efficient in the case of small changes, and never performs worse than the relevant traditional algorithm – the HIS-method. We also demonstrate our algorithm through an example.

The TCP/IP/Ethernet protocol is considered not suitable for use in real-time control systems. It deals with a lack of time determinism, which characterizes fieldbuses. Nevertheless several corporations propose networking based on the TCP/IP/Ethernet even for control purposes with some modifications of the standard however. This paper examines possibility of application of the TCP/IP/Ethernet communication without modifications (introducing also Internet as one of tested cases) for feedback control purposes. Experimental investigations have been performed in four stages. In the beginning tests of network properties, including tests of transmission time and packet loss measurements have been performed. Three following stages show experimental testing of feedback control, when TCP/IP transmission occurs between PI controller and control plant. Three representative platforms have been chosen for testing: LabVIEW, RSLogix and Simatic. The main and original contribution presented in this paper is design and construction of three test stands as well as methodology of testing experiments. Standard control over analog channel has been also presented as comparison. The results of testing show acceptable performance of control via TCP/IP/Ethernet networking.

The success and the acceptance of intrusion detection systems essentially depend on the accuracy of their analysis. Inaccurate signatures strongly trigger false alarms. In practice several thousand false alarms per month are reported which limit the successful deployment of intrusion detection systems. Most today deployed intrusion detection systems apply misuse detec tion as detection procedure. Misuse detection compares the recorded audit data with predefined patterns, the signatures. These are mostly empirically de ve loped based on experience and knowledge of experts. Methods for a systematic de velopment have been scarcely repor ted yet. A testing and correcting phase is required to improve the quality of the signatures. Signature testing is still a rather empirical process like signature development itself. There exists no test methodology so far. In this paper we present first approaches for a systematic test of signatures. We characterize the test objectives and present different test methods.