1 / 20

Evaluation of OCL for Large-Scale Modelling

Evaluation of OCL for Large-Scale Modelling. A Different View of the Mondex Smart Card Application. Emine G. Aydal, Richard F. Paige, Jim Woodcock University of York. AGENDA. Motivation Goal Modelling Mondex Modelling issues Validation Test case generation Conclusion.

dsander
Download Presentation

Evaluation of OCL for Large-Scale Modelling

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Evaluation of OCL for Large-Scale Modelling A Different View of the Mondex Smart Card Application Emine G. Aydal, Richard F. Paige, Jim Woodcock University of York

  2. AGENDA • Motivation • Goal • Modelling Mondex • Modelling issues • Validation • Test case generation • Conclusion Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  3. Motivation • MONDEX : Global e-payment scheme that offers immediate transfer of value without signature or PIN in currencies allowed. • First Step in Grand Challenge Program • Contribution of this study • Model the system from informal requirements by using semi-formal techniques • Perform model-based testing on formally-verified versions of Mondex • Assess the value added • Alloy (MIT) • Event-B (University of Southampton) • OCL (University of Bremen) • Perfect Developer (Escher Technologies) • RAISE (Uni. of UN Macao and TUD) • Z (University of York) Based on the monograph that outlined the specifications, refinement and proof details of Mondex in Z (Stepney and Woodcock) Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation| Conclusion

  4. Goal • Test cases derived from models before development stage • Model-based testing of formally verified s/w Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation| Conclusion

  5. Goal • Model Mondex by using UML and OCL • Diagrams • Invariants • Pre/post-conditions • Validate the model through scenarios • Explore the relationship between test case generation and assertion-based scenarios Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  6. Modelling Mondex Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  7. Modelling Mondex • Modelling Language : UML enriched with OCL expressions • Tool : UML Specification Environment (USE) • Use case diagrams and use scenarios Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  8. Modelling Mondex • 8 Classes • 30 Invariants • 31 Operations • 197 Pre/post-conditions • Traceability Matrix Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  9. Modeling issues • Constants • Derived Parameters • May be fixed at a later stage in the development or during application loading • Currently no support for constants • Example: inv iNoLanguages: self.languages->size() <= cNoLanguages • Prefixed with ‘/’ in UML (‘_’ in USE) • Supported by OCL • Not integrated into the OCL tools • Workaround : create invariants ensuring the correct calculation of the derived attributes inv iNoUnusedException : _NumberOfUnusedExceptions = cNoException - exceptionlogs->size() Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  10. Modeling issues • Constants • Derived Parameters • Invariants • Pre/post-conditions (assertions) • No consistency check • Restricting invariants • No tool support yet (OCL Compiler v2.0) Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  11. Modeling issues • Pre/Post-conditions • State Checking Self.OclInState(Unlocked) Self.LockingState = ‘Unlocked’ • Messaging: HasSent Operator (‘^’) post ChangePersonalCodePost1: %Personal Code changes successfully or (PersonalCode = PersonalCode@pre and Self^ChangeTheStateToLockedOut and result = false) Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  12. Modeling issues • Pre/Post-conditions • Frame Variables Set (FVS) • Distinct set of variables read/written by each operation • Determination of these variables • Management of the post values of these variables • Assumption : All the variables not included in FVS of an operation stay unchanged after the execution of that operation • No tool support Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  13. Validation of the model • Overall Objective: The model behaves as expected when an instance of the model is executed under certain conditions. • There is at least one instance of the model that satisfies all the invariants. • There is at least one instance of the model that allows each operation to run successfully, i.e. preconditions and postconditions of the operation are satisfied and the instance does not conflict with any of the invariants. Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  14. Validation of the model • Scenario: An instance of the model that serves a purpose, i.e. that satisfies a property. • Base object model : An initial, stable instance of the model that satisfies all the invariants. • Scenario structure • Setting/creation of FVS • Access the operation (Precondition check) • Modification/Deletion of FVS • Exit the operation (Postcondition check) Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  15. Validation of the model • Creation of scenarios that validate operations • Execution of scenarios • Immediate feedback by the tool • Drawback: Finding the set of frame variables and their values in order to satisfy assertions of a certain operation Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  16. Test Case Generation • Assertions ensure the correct functioning of operations. So why not using these critical points in test case generation? • Idea: Find scenarios that violates each assertion of each operation. Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  17. Test Case Generation • Existing research: In order to validate a model, generate automatic snapshots of a model by using ASSL (A Snapshot and Sequence Language) in USE [Gogolla,2003] • Based on invariant conflict. • Each invariant is addressed separately by feeding the system with its reverse. Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  18. Test Case Generation • Additional information • Scenarios that violate 197 assertions are already created manually. • Future work • Apply the technique described in [Gogolla,2003] for invariants to assertions . • Automate the generation of such scenarios • Compare the results of manual and automatic scenario generation • Concretise scenarios into test scripts Motivation | Goal | Modelling Mondex | Modelling Issues | Validation | Test case generation | Conclusion

  19. Conclusion • Modeled a real life application by using OCL. • The large number of invariants and assertions provided us ideas in terms of features that needs to be added into OCL tools. • The scenarios are a way of validating your model. The fact that scenarios use artifacts of the model supports the validation process. • Test case generation and Validation are two processes that may have common grounds. Motivation | Goal | Modelling Mondex | Modeling Issues | Validation | Test case generation | Conclusion

  20. THANK YOU… Motivation | Goal | Modelling Mondex | Modeling Issues | Validation | Test case generation | Conclusion

More Related