Model-based testing of asynchronously communicating distributed controllers using validated mappings to formal representations

Abstract

Programmable controllers are gaining prevalence even in distributed safety-critical applications, e.g., in the railway and aerospace industries. In general, such systems are integrated using various loosely-coupled reactive components and must satisfy critical requirements. Thus, the verification of the design models and systematic testing of the implementation are essential tasks, which can be encumbered by the systems' distributed characteristics. In addition, the correctness of these verification methods is also vital. This paper, on the one hand, presents a model-based integration test generation (MBT) approach leveraging hidden formal methods based on the collaborating statechart models of the components. Statecharts can be integrated using various composition modes (e.g., synchronous and asynchronous) and then automatically mapped (via a symbolic transition systems formalism – XSTS) into the input formalisms of model checker back-ends, namely UPPAAL, Theta, Spin and nuXmv. The model checkers are utilized to generate tests based on formalized properties adhering to multiple coverage criteria. Furthermore, the paper presents a complementing validation approach for the proposed MBT approach based on demonstrating the semantic equivalence of high-level design models and the derived formal models used by the integrated model checkers for verification and test generation. The approaches are implemented in our open source Gamma Statechart Composition Framework and evaluated on industrial-scale distributed controller subsystems from the railway industry.