
WP4 Algorithms, Tools, and Fault Injection



Presentation Transcript


  1. WP4 Algorithms, Tools, and Fault Injection
  Fault-based TCG Techniques
  Daniel Kroening, ETH Zurich

  2. TCG and Model Checking
  • Goal: automatic generation of test vectors from models
  • Given a set of faults (mutations), the test vectors should
    • cover all faults, or
    • the model provably tolerates the fault.
  • Models
    • UML/OCL
    • Simulink/Stateflow

  3. Model Extraction
  • Simulink/Stateflow is a very rich language
    • Huge collection of “blocks”
    • Extensive libraries
    • Frequently links to binaries, i.e., C code
  • We need to extract a “clean” representation
  • First prototype implementation completed
  • Supports a broad set of C (and some C++), as we have existing front-ends

  4. TCG with Model Checking
  • The fault model is merged into the system description, causing mutations
  [Diagram: Simulink Model -> (extract) -> Transition System; Fault Model -> (extract) -> Rewriting Rules; both feed the mutated transition system M_F]

  5. TCG with Model Checking
  • We build the “Miter”:
  [Diagram: S1 = M and S2 = M_F run side by side with their inputs tied together; the two outputs are compared (Output = ?), and their equality is the safety property]

  6. TCG with Model Checking
  • Two outcomes:
    • The Model Checker proves the property to hold. In this case, the fault is tolerated.
    • The Model Checker produces a counterexample. This is our test vector!
  • We plan to apply both bounded model checking and unbounded model checking
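The miter check of slides 4 to 6 as an added Python example (not code from the slides or the project): a constructed 2-bit counter stands in for the extracted transition system, two constructed mutations stand in for the fault model's rewriting rules, and a breadth-first search over the product state space stands in for the model checker. Because the search is exhaustive on this finite-state miter, a `None` result is an unbounded proof that the fault is tolerated, while `bound=k` turns it into a bounded (BMC-style) check.

```python
from collections import deque

# Constructed toy model (not from the slides): a 2-bit saturating counter with
# reset. State = count in 0..3, input = (inc, rst), output = "full" flag.
INPUTS = [(inc, rst) for inc in (0, 1) for rst in (0, 1)]
INIT = 0

def step_orig(count, inp):
    inc, rst = inp
    return 0 if rst else (count + 1 if inc and count < 3 else count)

def out_orig(count):
    return count == 3

# Mutant A (constructed fault): relational-operator mutation "< 3" -> "<= 3".
def step_mut_a(count, inp):
    inc, rst = inp
    return 0 if rst else (count + 1 if inc and count <= 3 else count)

# Mutant B (constructed fault): "< 3" -> "!= 3", equivalent on reachable states 0..3.
def step_mut_b(count, inp):
    inc, rst = inp
    return 0 if rst else (count + 1 if inc and count != 3 else count)

def miter_check(step1, out1, step2, out2, init=INIT, bound=None):
    """Run both systems in lock-step on the same inputs (the miter) and search
    for a reachable product state whose outputs differ. Returns the shortest such
    input sequence (the test vector) or None (property holds: fault tolerated).
    bound=None explores exhaustively; bound=k limits the search depth to k."""
    start = (init, init)
    seen = {start}
    queue = deque([(start, [])])
    while queue:
        (s1, s2), trace = queue.popleft()
        if out1(s1) != out2(s2):
            return trace                      # counterexample = test vector
        if bound is not None and len(trace) >= bound:
            continue
        for inp in INPUTS:
            nxt = (step1(s1, inp), step2(s2, inp))
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [inp]))
    return None                               # no distinguishing input exists

if __name__ == "__main__":
    print("mutant A:", miter_check(step_orig, out_orig, step_mut_a, out_orig))
    print("mutant B:", miter_check(step_orig, out_orig, step_mut_b, out_orig))
```

Mutant A is caught only after four increments, so a bounded check with `bound=3` reports nothing, which is exactly the gap between bounded and unbounded checking the slide mentions.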

  7. Achievements so far
  • Survey paper on software verification (IEEE TCAD)
  • Paper at DATE on vacuity of specifications (the dual of coverage)
  • Paper on generating long counterexamples in FACJ
  • Prototype of Simulink Model Extractor with support for ANSI-C s-boxes
  • Decision procedure for bit-level properties of floating-point properties – applied to automotive software
