Automated Model Based Testing From Theory via Tools to

Download Report

Transcript Automated Model Based Testing From Theory via Tools to 

Preorders on Labelled Transition
Systems
Ed Brinksma
Course 2004
Formal Testing
S
imp
test
generation

i imp s
specification
i passes T
test suite T
implementatio
i
n
test
execution
© Ed Brinksma/Jan Tretmans
pass / fail
Implementation Relation
i imp s : implementation i implements specification s
 imp reflexive ?
s imp s
Yes
 imp symmetric ?
i imp s  s imp i
No
 imp transitive ?
i imp s, s imp t  i imp t
Prefer
 imp anti-symmetric?
i imp s, s imp i  i = s
No
 imp linear ?
i imp s or s imp i
No
 imp congruent ?
i imp s  f( i ) imp f( s )
Prefer
equivalence :
preorder :
partial order :
linear/total order :
© Ed Brinksma/Jan Tretmans
reflexive, symmetric, transitive
reflexive, transitive
anti-symmetric preorder
linear partial order
Preorders on Transition Systems

implementation
i
specification
s
environment
e
ii  ss


environment
e
 ee 
 EE .. obs
obs (( e,
e, ii )) 
= obs (e, s )


?
© Ed Brinksma/Jan Tretmans

?

?
Preorders
on Transition Systems
implementation
i

environment
e
specification
s
environment
e
Suppose an environment interacts with the
implementation i and with the specification s :
black
i correctly implements s iff
all observation of i can be related to observations of s
© Ed Brinksma/Jan Tretmans
box
Preorders on
Transition Systems
For almost any equivalence

you can define a corresponding preorder
such that
S1
S1
S1
S1
S1
S1
S1
p
 h S2
 b S2
tr S2
te S2
ready S2
Q S2
ft S2
………
………
© Ed Brinksma/Jan Tretmans

q

p

q and q

 p:
homomorphism
various simulation relations
trace preorder
testing preorder
ready preorder
queue preorder
failure (trace) preorder
………
………
Equivalences on
Transition Systems
strong
weak
isomorphism
now you need to observe 's ……
bisimulation
( weak )
test an LTS with another LTS, and
undo, copy, repeat as often as you like
failure trace
= refusal
test an LTS with another LTS, and
try again (continue) after failure
failures
= testing
test an LTS with another LTS
completed
trace
observing sequences of actions and
their end
trace
© Ed Brinksma/Jan Tretmans
observing sequences of actions
Preorders on
Transition Systems
strong
weak
isomorphism
now you need to observe 's ……
bisimulation
( weak )
test an LTS with another LTS, and
undo, copy, repeat as often as you like
failure trace
= refusal
test an LTS with another LTS, and
try again (continue) after failure
failures
= testing
test an LTS with another LTS
completed
trace
observing sequences of actions and
their end
trace
© Ed Brinksma/Jan Tretmans
observing sequences of actions
Trace Preorder
implementation
i
tr
specification
s
environment
e
i tr s
Traces:
© Ed Brinksma/Jan Tretmans

environment
e
traces ( i )

traces ( s )
traces (s) = {   L* | s 
}
Trace Preorder
tr
dub
dub
tr
tea
coffee
tr
tr
i tr s =
traces(i)  traces(s)
© Ed Brinksma/Jan Tretmans
tr
dub
tea
dub
coffee
tr
coffee
Trace Preorder
dub
tr
dub
traces(i)  traces(s)
© Ed Brinksma/Jan Tretmans
tea
dub
tea
tr
coffee
i tr s =
tr
dub
coffee
coffee
Testing Preorder
implementation
i
te
specification
s
environment
e
i
te
s

environment
e
 e  E . obs ( e, i )  obs (e, s )


LTS(L) Ctraces (e||s)
© Ed Brinksma/Jan Tretmans
Testing Preorder
implementation
i
te
environment
e
i
te
specification
s
environment
e
 e  LTS(L) .    L* .
e||i after  refuses L  e||s after  refuses L
s


FP (i)  FP (s)
FP (p) = {  , A 
© Ed Brinksma/Jan Tretmans
| A  L,  traces(p),
p afer  refuses A }
Testing Preorder
p
q
a
b
a
c
te
te
b
a
c
p after a b refuses L
q after a b refuses L
p after a refuses {b}
q after a refuses {b}
p after a refuses {c}
q after a refuses {c}
p after a refuses {b,c}
q after a refuses {b,c}
© Ed Brinksma/Jan Tretmans
Testing Preorder
p
q
a
b
a
te
te
b
a
c
p after a refuses {a}
q after a refuses {a}
p after a refuses {b}
q after a refuses {b}
p after a refuses {c}
q after a refuses {c}
p after a refuses {b,c}
q after a refuses {b,c}
p after a refuses {a,b,c}
q after a refuses {a,b,c}
© Ed Brinksma/Jan Tretmans
Testing Preorder
te
a
b
a
a
te
c
b
a
te
te
i te s =
FP(i)  FP(s)
© Ed Brinksma/Jan Tretmans

b
te
te

c
c
Testing preorder
p
a
te
te
te

a
q
te
te
te
Environment e :
obs(e,p) = { a  }
© Ed Brinksma/Jan Tretmans
a
a
obs(e,q) = { a ,  }

Testing Preorder
?
te
a
te
a
?
a
b
b
?
te
a
?
© Ed Brinksma/Jan Tretmans
te
a

b
?
te
a

b
Testing Preorder
p
coin
coffee
bang
coffee
q
coin
coin
tea
coffee
bang
tea
bang
coin
tea
bang
tea
p te q
coffee
p te q ?
q te p ?
© Ed Brinksma/Jan Tretmans
Refusal Preorder
implementation
i
rf
specification
s
environment
e
i
rf
s

environment
e
 e  E . obs ( e, i )  obs (e, s )

LTS(L{})
© Ed Brinksma/Jan Tretmans

Ctraces (e||i)
Refusal Preorder
implementation
i
environment
e
i
rf
s

rf
specification
s
environment
e
 e  LTS(L{}) .    L* .
e||i after  refuses L  e||s after  refuses L

© Ed Brinksma/Jan Tretmans
Ftraces( i )  Ftraces ( s )
Refusal Preorder
Failure A :
s
Failure trace  :
A
s

  ( L ( L ) )* :
  A{}:
s

Failure traces of p : Ftraces (p) = {   ( L ( L ) )* | p
Failure trace preorder
= refusal preorder :
a
b
a
c
© Ed Brinksma/Jan Tretmans
p rf q


s

Ftraces(p)  Ftraces (q)
Ftraces :
Not Ftraces :
{b,c} a {a,c} b L
{a,b,c} a {a,c} b L
a {c} b {a} {b} {c}
a {c} c L
 a {b} {b} c
a a 
}
Refusal Preorder
p
coin
coffee
bang
coffee
q
coin
coin
tea
bang
tea
q rf p
Ftrace of p :
coin {coffee} bang {coffee} tea
Not an Ftrace of p :
coin {coffee} bang coffee
© Ed Brinksma/Jan Tretmans
coffee
bang
tea
coin
tea
bang
coffee
p rf q
Not an Ftrace of q :
coin {coffee} bang {coffee} tea
An Ftrace of q :
coin {coffee} bang coffee
Preorders on
Transition Systems
strong
failure trace
= refusal
preorder
test an LTS with another LTS, and
try again (continue) after failure
failures
= testing
preorder
test an LTS with another LTS
trace
preorder
observing sequences of actions
weak
© Ed Brinksma/Jan Tretmans