Title :
Using a model checker to test safety properties
Author :
Ammann, Paul ; Ding, Wei ; Xu, Daling
Author_Institution :
ISE Dept., George Mason Univ., Fairfax, VA, USA
Abstract :
In addition to providing a sound basis for analysis, formal methods can support other development activities; in our case the target is specification-based testing at the system level. We use the formal method of model checking to either generate new test sets or analyze existing test sets with respect to safety properties expressed in a temporal logic. We consider two types of tests: failing tests, in which a system must reject (fail) a specific dangerous action, and passing tests, in which a system must accept (pass) a safe action in a context that also includes a plausible dangerous action. We formalize our notion of dangerous actions with a mutation model for model checking specifications, and we develop coverage criteria to assess test sets. The coverage criteria are based on the logic operators from the Computation Tree Logic (CTL) and encompass the idea of scenarios where a dangerous action is either inevitable (A) or possible (E) as of the next state (X) or at some point in the future (F). We demonstrate the feasibility of our approach with an example
Keywords :
formal specification; program testing; safety-critical software; temporal logic; trees (mathematics); Computation Tree Logic; coverage criteria; formal methods; formal specification; model checker; mutation model; safety critical software; safety property testing; software testing; specification-based testing; temporal logic; Acoustic testing; Aerospace engineering; Automatic testing; Genetic mutations; Logic testing; NIST; Software safety; Software testing; System testing; Traffic control;
Conference_Titel :
Engineering of Complex Computer Systems, 2001. Proceedings. Seventh IEEE International Conference on
Conference_Location :
Skovde
Print_ISBN :
0-7695-1159-7
DOI :
10.1109/ICECCS.2001.930180
