Writing declarative models has numerous benefits, ranging from automated reasoning and correction of design-level properties before systems are built, to automated testing and debugging of their implementations after they are built. Alloy is a declarative modeling language that is well suited for verifying system designs. While Alloy comes deployed in the Analyzer, an automated scenario-finding tool set, writing correct models remains a difficult and error-prone task. ASketch is a synthesis framework that helps users build their Alloy models. ASketch takes as an input a partial Alloy models with holes and an A Unit test suite. As output, ASketch returns a completed model that passes all tests. ASketch’s initial evaluation reveals ASketch to be a promising approach to synthesize Alloy models. In this paper, we present and explore SketchGen2, an approach that looks to broaden the adoption of ASketch by increasing the automation of the inputs needed for the sketching process. Experimental results show SketchGen2 is effective at producing both expressions and test suites for synthesis.
{"title":"Towards Automated Input Generation for Sketching Alloy Models","authors":"Ana Jovanovic, Allison Sullivan","doi":"10.1145/3524482.3527651","DOIUrl":"https://doi.org/10.1145/3524482.3527651","url":null,"abstract":"Writing declarative models has numerous benefits, ranging from automated reasoning and correction of design-level properties before systems are built, to automated testing and debugging of their implementations after they are built. Alloy is a declarative modeling language that is well suited for verifying system designs. While Alloy comes deployed in the Analyzer, an automated scenario-finding tool set, writing correct models remains a difficult and error-prone task. ASketch is a synthesis framework that helps users build their Alloy models. ASketch takes as an input a partial Alloy models with holes and an A Unit test suite. As output, ASketch returns a completed model that passes all tests. ASketch’s initial evaluation reveals ASketch to be a promising approach to synthesize Alloy models. In this paper, we present and explore SketchGen2, an approach that looks to broaden the adoption of ASketch by increasing the automation of the inputs needed for the sketching process. Experimental results show SketchGen2 is effective at producing both expressions and test suites for synthesis.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116327402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the improvement of hardware and algorithms, the main challenge of software model checking has shifted from pure algorithmic performance toward supporting a wider set of input programs. Successful toolchains tackle the problem of parsing a wide range of inputs in an efficient way by reusing solutions from existing compiler technologies such as Eclipse CDT or LLVM. Our experience suggests that well-established techniques in compiler technology are not necessarily beneficial to model checkers and sometimes can even hurt their performance. In this paper, we review the tools mature enough to participate in the Software Verification Competition in terms of the employed analysis and frontend techniques. We find that successful tools do exhibit a bias toward certain combinations. We explore the theoretical reasons and suggest an adaptable approach for model checking frameworks. We validate our recommendations by implementing a new frontend for a model checking framework and show that it indeed benefits some of the algorithms.
{"title":"C for Yourself: Comparison of Front-End Techniques for Formal Verification","authors":"Levente Bajczi, Zsófia Ádám, V. Molnár","doi":"10.1145/3524482.3527646","DOIUrl":"https://doi.org/10.1145/3524482.3527646","url":null,"abstract":"With the improvement of hardware and algorithms, the main challenge of software model checking has shifted from pure algorithmic performance toward supporting a wider set of input programs. Successful toolchains tackle the problem of parsing a wide range of inputs in an efficient way by reusing solutions from existing compiler technologies such as Eclipse CDT or LLVM. Our experience suggests that well-established techniques in compiler technology are not necessarily beneficial to model checkers and sometimes can even hurt their performance. In this paper, we review the tools mature enough to participate in the Software Verification Competition in terms of the employed analysis and frontend techniques. We find that successful tools do exhibit a bias toward certain combinations. We explore the theoretical reasons and suggest an adaptable approach for model checking frameworks. We validate our recommendations by implementing a new frontend for a model checking framework and show that it indeed benefits some of the algorithms.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121908703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Amirfarhad Nilizadeh, Marlon Calvo, Gary T. Leavens, D. Cok
Unit tests that demonstrate why a program is incorrect have many potential uses, including localizing bugs (i.e., showing where code is wrong), improving test suites, and better code synthesis. However, counterexamples produced by failed attempts at Hoare-style verification (e.g., by SMT solvers) are difficult to translate into unit tests. We explain how to generate unit tests from counterexamples generated by an SMT solver and how this process could be embodied in a prototype tool. This process combines static verification techniques and runtime assertion checking.
{"title":"Generating Counterexamples in the form of Unit Tests from Hoare-style Verification Attempts","authors":"Amirfarhad Nilizadeh, Marlon Calvo, Gary T. Leavens, D. Cok","doi":"10.1145/3524482.3527656","DOIUrl":"https://doi.org/10.1145/3524482.3527656","url":null,"abstract":"Unit tests that demonstrate why a program is incorrect have many potential uses, including localizing bugs (i.e., showing where code is wrong), improving test suites, and better code synthesis. However, counterexamples produced by failed attempts at Hoare-style verification (e.g., by SMT solvers) are difficult to translate into unit tests. We explain how to generate unit tests from counterexamples generated by an SMT solver and how this process could be embodied in a prototype tool. This process combines static verification techniques and runtime assertion checking.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124748837","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Deductive verification can be used to ensure properties about all possible behaviours of a program, even when the program is parameterised and has an unbounded state space. But to achieve this, the user needs to specify what the desired properties are, and often needs to guide the prover with auxiliary annotations. This paper investigates what annotations are actually needed, and it provides a taxonomy to categorise these annotations. In particular, we identify several top-level categories, which are further divided into subcategories of annotations. This taxonomy is then used as a basis to investigate how often particular annotation categories occur, by inspecting over 10k lines of annotated programs. To determine whether the results are in line with expectations, we have interviewed several experts on deductive verification. Moreover, we show how the results can be used to evaluate the effectiveness of annotation generators. The knowledge from this analysis provides a gateway to guide further research in improving the efficiency of deductive verification, e.g.: it can serve as a guideline on what categories of annotations should be generated automatically, to evaluate the power of existing annotation generation techniques, and to improve the teaching of deductive verification.
{"title":"Formal Specifications Investigated: A Classification and Analysis of Annotations for Deductive Verifiers","authors":"Sophie Lathouwers, M. Huisman","doi":"10.1145/3524482.3527652","DOIUrl":"https://doi.org/10.1145/3524482.3527652","url":null,"abstract":"Deductive verification can be used to ensure properties about all possible behaviours of a program, even when the program is parameterised and has an unbounded state space. But to achieve this, the user needs to specify what the desired properties are, and often needs to guide the prover with auxiliary annotations. This paper investigates what annotations are actually needed, and it provides a taxonomy to categorise these annotations. In particular, we identify several top-level categories, which are further divided into subcategories of annotations. This taxonomy is then used as a basis to investigate how often particular annotation categories occur, by inspecting over 10k lines of annotated programs. To determine whether the results are in line with expectations, we have interviewed several experts on deductive verification. Moreover, we show how the results can be used to evaluate the effectiveness of annotation generators. The knowledge from this analysis provides a gateway to guide further research in improving the efficiency of deductive verification, e.g.: it can serve as a guideline on what categories of annotations should be generated automatically, to evaluate the power of existing annotation generation techniques, and to improve the teaching of deductive verification.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124029406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Designing and developing distributed software has always been a tedious and error-prone task, and the ever increasing software complexity is making matters even worse. Model checking automatically verifies that a model, e.g., a Labelled Transition System (LTS), obtained from higher-level specification languages satisfies a given temporal property. When the model violates the property, the model checker returns a counterexample, but this counterexample does not precisely identify the source of the bug. In this work, we propose some techniques for simplifying the debugging of these models. These techniques first extract from the whole behavioural model the part which does not satisfy the given property. In that model, we then detect specific states (called faulty states) where a choice is possible between executing a correct behaviour or falling into an erroneous part of the model. By using this model, we propose in this paper some techniques to count the number of bugs in the original specification. The core idea of the approach is to change the specification for some specific actions that may cause the property violation, and compare the model before and after modification to detect whether this potential bug is one real bug or not. Beyond introducing in details the solution, this paper also presents tool support and experiments.
{"title":"Counting Bugs in Behavioural Models using Counterexample Analysis","authors":"Irman Faqrizal, Gwen Salaün","doi":"10.1145/3524482.3527647","DOIUrl":"https://doi.org/10.1145/3524482.3527647","url":null,"abstract":"Designing and developing distributed software has always been a tedious and error-prone task, and the ever increasing software complexity is making matters even worse. Model checking automatically verifies that a model, e.g., a Labelled Transition System (LTS), obtained from higher-level specification languages satisfies a given temporal property. When the model violates the property, the model checker returns a counterexample, but this counterexample does not precisely identify the source of the bug. In this work, we propose some techniques for simplifying the debugging of these models. These techniques first extract from the whole behavioural model the part which does not satisfy the given property. In that model, we then detect specific states (called faulty states) where a choice is possible between executing a correct behaviour or falling into an erroneous part of the model. By using this model, we propose in this paper some techniques to count the number of bugs in the original specification. The core idea of the approach is to change the specification for some specific actions that may cause the property violation, and compare the model before and after modification to detect whether this potential bug is one real bug or not. Beyond introducing in details the solution, this paper also presents tool support and experiments.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"482 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134375208","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Soha Hussein, Sanjai Rayadurgam, Stephen McCamant, Vaibhav Sharma, M. Heimdahl
Executable implementations are ultimately the only dependable representations of a software component’s behavior. Incorporating such a component in a rigorous model-based development of reactive systems poses challenges since a formal contract over its behaviors will have to be crafted for system verification. Simply hypothesizing a contract based on informal descriptions of the component is problematic: if it is too weak, we may fail in verifying valid system-level contracts; if it is too strong or simply erroneous, the system may fail in operation. Thus, establishing a valid and strong enough contract is crucially important.In this paper, we propose to repair the invalid hypothesized contract by replacing one or more of its sub-expressions with newly composed expressions, such that the new contract holds over the implementation. To this effect, we present a novel, sound, semantically minimal, and under reasonable assumptions terminating, and complete counterexample-guided general-purpose algorithm for repairing contracts. We implemented and evaluated our technique on more than 4,000 mutants with various complexities generated from 29 valid contracts for 4 non-trivial Java reactive components. Results show a successful repair rate of 81.51%, with 20.72% of the repairs matching the manually written contracts and 60.79% of the repairs describing non-trivial valid contracts.
{"title":"Counterexample-Guided Inductive Repair of Reactive Contracts","authors":"Soha Hussein, Sanjai Rayadurgam, Stephen McCamant, Vaibhav Sharma, M. Heimdahl","doi":"10.1145/3524482.3527650","DOIUrl":"https://doi.org/10.1145/3524482.3527650","url":null,"abstract":"Executable implementations are ultimately the only dependable representations of a software component’s behavior. Incorporating such a component in a rigorous model-based development of reactive systems poses challenges since a formal contract over its behaviors will have to be crafted for system verification. Simply hypothesizing a contract based on informal descriptions of the component is problematic: if it is too weak, we may fail in verifying valid system-level contracts; if it is too strong or simply erroneous, the system may fail in operation. Thus, establishing a valid and strong enough contract is crucially important.In this paper, we propose to repair the invalid hypothesized contract by replacing one or more of its sub-expressions with newly composed expressions, such that the new contract holds over the implementation. To this effect, we present a novel, sound, semantically minimal, and under reasonable assumptions terminating, and complete counterexample-guided general-purpose algorithm for repairing contracts. We implemented and evaluated our technique on more than 4,000 mutants with various complexities generated from 29 valid contracts for 4 non-trivial Java reactive components. Results show a successful repair rate of 81.51%, with 20.72% of the repairs matching the manually written contracts and 60.79% of the repairs describing non-trivial valid contracts.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115539244","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hessamaldin Mohammadi, Wided Ghardallou, R. Linger, A. Mili
Extracting the function of a program from a static analysis of its source code is a valuable capability in software engineering, but it has proved to be an elusive goal, due primarily to the difficulty of deriving the function of iterative statements. Several automated tools obviate this difficulty by unrolling the loops; but this is clearly an imperfect solution, especially in light of the fact that loops capture most of the computing power of a program, are the locus of most of its complexity, and the source of most of its faults. In this paper we discuss the design and ongoing implementation of an automated tool for deriving the function of a program in three steps: first, the source code is mapped onto an abstract syntax tree (AST), using standard parsing technology; then each node of the AST is mapped onto an equation between pre and post states; finally, these equations are submitted to a symbolic computation engine that extracts the final program state as a function of its initial state. Loop functions are derived by pattern matching against semantic recognizers, which capture the requisite programming knowledge and domain knowledge.
{"title":"Computing Program Functions","authors":"Hessamaldin Mohammadi, Wided Ghardallou, R. Linger, A. Mili","doi":"10.1145/3524482.3527655","DOIUrl":"https://doi.org/10.1145/3524482.3527655","url":null,"abstract":"Extracting the function of a program from a static analysis of its source code is a valuable capability in software engineering, but it has proved to be an elusive goal, due primarily to the difficulty of deriving the function of iterative statements. Several automated tools obviate this difficulty by unrolling the loops; but this is clearly an imperfect solution, especially in light of the fact that loops capture most of the computing power of a program, are the locus of most of its complexity, and the source of most of its faults. In this paper we discuss the design and ongoing implementation of an automated tool for deriving the function of a program in three steps: first, the source code is mapped onto an abstract syntax tree (AST), using standard parsing technology; then each node of the AST is mapped onto an equation between pre and post states; finally, these equations are submitted to a symbolic computation engine that extracts the final program state as a function of its initial state. Loop functions are derived by pattern matching against semantic recognizers, which capture the requisite programming knowledge and domain knowledge.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121767269","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Livia Lestingi, Cristian Sbrolli, P. Scarmozzino, Giorgio Romeo, M. Bersani, Matteo G. Rossi
Service robots are increasingly widespread in healthcare and domestic assistance settings. Nevertheless, the literature still lacks robotic application development approaches that can deal with the complexity of multi-agent systems and the unpredictability of human behavior. We target this issue by building upon a model-driven development framework for human-robot interactive scenarios that relies on formal analysis (Statistical Model Checking) to estimate the probability of success of the robotic mission. We extend the framework’s scope to scenarios featuring multi-robot fleets, a broader range of human-robot interaction contingencies, and task handover between robots. We also present an extended model of human behavior to capture interaction patterns implying close contact or competition with the robot. In the latter case, the user can specify alternative mission plans for the robot, depending on the competition outcome. We illustrate the approach’s effectiveness and scalability through a case study from the healthcare setting, featuring multiple mobile robots and humans with diverse physiological characteristics and requesting a broad spectrum of services.
{"title":"Formal Modeling and Verification of Multi-Robot Interactive Scenarios in Service Settings","authors":"Livia Lestingi, Cristian Sbrolli, P. Scarmozzino, Giorgio Romeo, M. Bersani, Matteo G. Rossi","doi":"10.1145/3524482.3527653","DOIUrl":"https://doi.org/10.1145/3524482.3527653","url":null,"abstract":"Service robots are increasingly widespread in healthcare and domestic assistance settings. Nevertheless, the literature still lacks robotic application development approaches that can deal with the complexity of multi-agent systems and the unpredictability of human behavior. We target this issue by building upon a model-driven development framework for human-robot interactive scenarios that relies on formal analysis (Statistical Model Checking) to estimate the probability of success of the robotic mission. We extend the framework’s scope to scenarios featuring multi-robot fleets, a broader range of human-robot interaction contingencies, and task handover between robots. We also present an extended model of human behavior to capture interaction patterns implying close contact or competition with the robot. In the latter case, the user can specify alternative mission plans for the robot, depending on the competition outcome. We illustrate the approach’s effectiveness and scalability through a case study from the healthcare setting, featuring multiple mobile robots and humans with diverse physiological characteristics and requesting a broad spectrum of services.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130569451","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Parallelization of programs relies on sound and precise analysis of data dependences in the code, specifically, when dealing with loops. State-of-art tools are based on dynamic profiling and static analysis. They tend to over- and, occasionally, to under-approximate dependences. The former misses parallelization opportunities, the latter can change the behavior of the parallelized program. In this paper we present a sound and highly precise approach to generate data dependences based on deductive verification. The central technique is to infer a specific form of loop invariant tailored to express dependences. To achieve full automation, we adapt predicate abstraction in a suitable manner. To retain as much precision as possible, we generalized logic-based symbolic execution to compute abstract dependence predicates. We implemented our approach for Java on top of a deductive verification tool. The evaluation shows that our approach can generate highly precise data dependences for representative code taken from HPC applications.
{"title":"Automatic Loop Invariant Generation for Data Dependence Analysis","authors":"Asmae Heydari Tabar, Richard Bubel, Reiner Hähnle","doi":"10.1145/3524482.3527649","DOIUrl":"https://doi.org/10.1145/3524482.3527649","url":null,"abstract":"Parallelization of programs relies on sound and precise analysis of data dependences in the code, specifically, when dealing with loops. State-of-art tools are based on dynamic profiling and static analysis. They tend to over- and, occasionally, to under-approximate dependences. The former misses parallelization opportunities, the latter can change the behavior of the parallelized program. In this paper we present a sound and highly precise approach to generate data dependences based on deductive verification. The central technique is to infer a specific form of loop invariant tailored to express dependences. To achieve full automation, we adapt predicate abstraction in a suitable manner. To retain as much precision as possible, we generalized logic-based symbolic execution to compute abstract dependence predicates. We implemented our approach for Java on top of a deductive verification tool. The evaluation shows that our approach can generate highly precise data dependences for representative code taken from HPC applications.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122988026","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Boolean test input generation is the process of finding sets of values for variables of a logical expression such that a given coverage criterion is achieved. This paper presents a formal framework in which evaluating an expression produces a tree structure, and where a coverage criterion is expressed as equivalence classes induced by a particular transformation over these trees. It then defines many well-known coverage criteria as particular cases of this framework. The paper describes an algorithm to generate test suites by a reduction through a graph problem; this algorithm works in the same way regardless of the criterion considered. An experimental evaluation of this technique shows that it produces test suites that are in many cases smaller than existing tools.
{"title":"Test Suite Generation for Boolean Conditions with Equivalence Class Partitioning","authors":"Sylvain Hallé","doi":"10.1145/3524482.3527659","DOIUrl":"https://doi.org/10.1145/3524482.3527659","url":null,"abstract":"Boolean test input generation is the process of finding sets of values for variables of a logical expression such that a given coverage criterion is achieved. This paper presents a formal framework in which evaluating an expression produces a tree structure, and where a coverage criterion is expressed as equivalence classes induced by a particular transformation over these trees. It then defines many well-known coverage criteria as particular cases of this framework. The paper describes an algorithm to generate test suites by a reduction through a graph problem; this algorithm works in the same way regardless of the criterion considered. An experimental evaluation of this technique shows that it produces test suites that are in many cases smaller than existing tools.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127436102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: