hazard based selection of test cases
play

Hazard-based Selection of Test Cases Functional Safety of - PowerPoint PPT Presentation

Sep 29, 2023 •976 likes •1.33k views

Hazard-based Selection of Test Cases Functional Safety of Mechatronic Systems Mario Gleirscher Software & Systems Engineering Institut f ur Informatik Technische Universit at M unchen May 24, 2011 Motivation Functional Safety

  1. Hazard-based Selection of Test Cases Functional Safety of Mechatronic Systems Mario Gleirscher Software & Systems Engineering Institut f¨ ur Informatik Technische Universit¨ at M¨ unchen May 24, 2011

  2. Motivation Functional Safety Hazards Conclusion Safety Case 1 : Assurance of an Airbag Control Machine I : An airbag system . . . 1 Cf. Safety case management [Kel98] 2 Cf. [Wik11] 2/20 Hazard-based Selection of Test Cases Mario Gleirscher

  3. Motivation Functional Safety Hazards Conclusion Safety Case 1 : Assurance of an Airbag Control Machine I : An airbag system . . . Safety Case G : Does the airbag release iff it’s intended? 1 Cf. Safety case management [Kel98] 2 Cf. [Wik11] 2/20 Hazard-based Selection of Test Cases Mario Gleirscher

  4. Motivation Functional Safety Hazards Conclusion Safety Case 1 : Assurance of an Airbag Control “. . . functional safety methods have to extend to non-E/E/PS parts of the system . . . ” 2 Machine I : An airbag system . . . “. . . functional safety can[not] Context E : . . . in a car operated be determined without consid- ering the environment . . . ” 2 out in a street by a human driver. 1 Cf. Safety case management [Kel98] 2 Cf. [Wik11] 2/20 Hazard-based Selection of Test Cases Mario Gleirscher

  5. Motivation Functional Safety Hazards Conclusion 1 Functional Safety System Modelling Property Analysis and Specification 2 Hazards Property Analysis and Specification Test Case Selection 3 Conclusion 3/20 Hazard-based Selection of Test Cases Mario Gleirscher

  6. Motivation Functional Safety Hazards Conclusion 1 Functional Safety System Modelling Property Analysis and Specification 2 Hazards Property Analysis and Specification Test Case Selection 3 Conclusion 4/20 Hazard-based Selection of Test Cases Mario Gleirscher

  7. Motivation Functional Safety Hazards Conclusion A System Model M W of the Airbag World W Functional 1 model M W : E I E Safety Analyst M I describing the mechatronic system I and M E describing its operational environment E . 1 Cf. [Bro10]. 5/20 Hazard-based Selection of Test Cases Mario Gleirscher

  8. Motivation Functional Safety Hazards Conclusion A System Model M W of the Airbag World W A system boundary allows interaction across shared phenomena 1 : M E M I M E ◮ M I � repaired(Airbag), refilled(Gas), signal(activate,Airbag), on(crashSensor), . . . M E ◭ M I � released(Airbag), . . . where A ◮ B = ctrV ar ( A ) ∩ monV ar ( B ) . 1 Cf. [Jac01, PM95] 5/20 Hazard-based Selection of Test Cases Mario Gleirscher

  9. Motivation Functional Safety Hazards Conclusion A System Model M W of the Airbag World W Supportive phenomena for safety modelling and measurement: M E M I M E \ M I � crashed(Car), shocked(Car), deformed(Car), pro- tected(Person), driving(Car), irritated(Passenger), . . . M I \ M E � empty(Airbag), . . . 5/20 Hazard-based Selection of Test Cases Mario Gleirscher

  10. Motivation Functional Safety Hazards Conclusion A System Model M W of the Airbag World W Interface behaviour � histories of shared phenomena states: M E M I Intervals . . . n . . . . . . n + j . . . m − → shocked(Car) F T T F F F F . . . deformed(Car) 0 2 10 10 10 10 10 . . . crashed(Car) F F F T T T T . . . signal(crash) F F F T T T T . . . released(Airbag) F F F F T T T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5/20 Hazard-based Selection of Test Cases Mario Gleirscher

  11. Motivation Functional Safety Hazards Conclusion M W as a Test Model M E M I off off maintain enter leave boot maintain Independent con- trol states, transi- driving activate release activated maintain tions with action preconditions and collide release effects 1 . crashed release released Where to get the information? System use cases → M I , M E Domain and context analysis → M E 1 Details in Golog script, cf. [Rei01]. 6/20 Hazard-based Selection of Test Cases Mario Gleirscher

  12. Motivation Functional Safety Hazards Conclusion M W as a Test Model M E M I off off maintain enter leave boot maintain Independent con- trol states, transi- driving activate release activated maintain tions with action preconditions and collide release effects 1 . crashed release released Problem: Which of M W ’s possible or mutated transitions may obstruct safety in M E ? 1 Details in Golog script, cf. [Rei01]. 6/20 Hazard-based Selection of Test Cases Mario Gleirscher

  13. Motivation Functional Safety Hazards Conclusion Functional Safety in M W M E M I Functional Behavioral property to globally maintain (or avoid) safety goal 3 in E , formally: � φ � protected ( Body ) G � G ′ � � [ crashed ( Car ) → � < 400 ms absorbed ( Body ) ∧ � ¬ crashed ( Car ) → � ¬ released ( Airbag )] 3 Cf. [MP95]. 7/20 Hazard-based Selection of Test Cases Mario Gleirscher

  14. Motivation Functional Safety Hazards Conclusion Functional Safety in M W M E M I A/G safety G split into Assumptions for E and Guarantees for I , formally: � i As i → Gr i | = G specification As 1 � � [ crashed ( Car ) ↔ • signal ( crash )] . . . “reliable crash sensing expected from E ” Gr 1 � � [ signal ( crash ) ↔ � < 200 ms released ( Airbag )] . . . “reliable bag disengaging required from I ” 7/20 Hazard-based Selection of Test Cases Mario Gleirscher

  15. Motivation Functional Safety Hazards Conclusion 1 Functional Safety System Modelling Property Analysis and Specification 2 Hazards Property Analysis and Specification Test Case Selection 3 Conclusion 8/20 Hazard-based Selection of Test Cases Mario Gleirscher

  16. Motivation Functional Safety Hazards Conclusion Obstacles 2 to Functional Safety in M W What obstructs a functional safety goal G in W ? M E M I H Hazard H Risk of human or environmental harm in E H 1 � G ′ � � [ crashed ( Car ) ∧ • harmed ( Person )] � � [ � ¬ crashed ( Car ) ∧ • harmed ( Person )] H 2 � G ′ 2 Automated inference possible, e.g. [Let01]. 9/20 Hazard-based Selection of Test Cases Mario Gleirscher

  17. Motivation Functional Safety Hazards Conclusion Obstacles 2 to Functional Safety in M W How can such obstructions happen in W ? M E M I H Hazardous state σ State of M E (or M E ∩ M I ) leading to H � signal ( crash ) → ¬ released ( Airbag ) σ H 1 G � ¬ signal ( crash ) → released ( Airbag ) σ H 2 G � crashed ( Car ) → ¬ signal ( crash ) σ H 3 A � ¬ crashed ( Car ) → signal ( crash ) σ H 4 A 2 Automated inference possible, e.g. [Let01]. 9/20 Hazard-based Selection of Test Cases Mario Gleirscher

  18. Motivation Functional Safety Hazards Conclusion Obstacles 2 to Functional Safety in M W How can such obstructions be generated from M W ? M E M I H Hazardous state σ State of M E (or M E ∩ M I ) leading to H � signal ( crash ) → ¬ released ( Airbag ) σ H 1 G � ¬ signal ( crash ) → released ( Airbag ) σ H 2 G � crashed ( Car ) → ¬ signal ( crash ) σ H 3 A � ¬ crashed ( Car ) → signal ( crash ) σ H 4 A 2 Automated inference possible, e.g. [Let01]. 9/20 Hazard-based Selection of Test Cases Mario Gleirscher

  19. Motivation Functional Safety Hazards Conclusion Defects concerning Functional Safety Causes of (hazardous) system failures: M W (as specified) M E M I a W (as built & run) b E I a) Potential bug c M W (as intended) or runtime error . Assurance by M E M I system testing too weak and (Im)mature Specs Realization incomplete. 10/20 Hazard-based Selection of Test Cases Mario Gleirscher

  20. Motivation Functional Safety Hazards Conclusion Defects concerning Functional Safety Causes of (hazardous) system failures: M W (as specified) M E M I a b) Requirements W (as built & run) error , e.g. wrong b assumption or E I guarantee; wrong, c M W (as intended) incomplete or missing transition. M E M I Assurance by requirements (Im)mature Specs Realization validation. 10/20 Hazard-based Selection of Test Cases Mario Gleirscher

  21. Motivation Functional Safety Hazards Conclusion Defects concerning Functional Safety Causes of (hazardous) system failures: M W (as specified) M E M I a W (as built & run) b c) Bug or E I runtime error . c M W (as intended) Assurance by automated system M E M I testing strengthened by (Im)mature Specs Realization validation. 10/20 Hazard-based Selection of Test Cases Mario Gleirscher

  22. Motivation Functional Safety Hazards Conclusion Assure Functional Safety G of a Machine I in a Context E Constructive Safety Assurance (Requirements Engineer) 1 Safety risks: Does the airbag’s behaviour cause hazards? 2 Hazardous exceptions: Is it completely specified? 3 Automation: How to systematically explore such situations? 4 How can they be avoided or kept at minimum risk? Analytic Safety Assurance (Test Engineer) 1 Selection: How to test beyond the airbag’s specification? 2 Coverage: Have all relevant situations be explored, i.e. does an airbag’s realization exhibit hazardous behaviour? 3 How to mutate M W to get interesting test cases? 4 How to automatically generate and execute them? 11/20 Hazard-based Selection of Test Cases Mario Gleirscher

Recommend

State-Based Testing Part C Test Cases Generating test cases for complex behaviour Reference:

State-Based Testing Part C Test Cases Generating test cases for complex behaviour Reference:

State-Based Testing Part C Test Cases Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000, Chapter 7 Test strategies Exhaustive

687 views • 47 slides
State-Based Testing Part C Test Cases Generating test cases for complex behaviour

State-Based Testing Part C Test Cases Generating test cases for complex behaviour

State-Based Testing Part C Test Cases Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000, Chapter 7

1.09k views • 44 slides
Model-Based Testing: Automated Generation of Test Cases, Test Data, and Test Procedures from

Model-Based Testing: Automated Generation of Test Cases, Test Data, and Test Procedures from

Model-Based Testing: Automated Generation of Test Cases, Test Data, and Test Procedures from SysML Models Jrg Brauer and Jan Peleska Verified Systems International GmbH support@verified.de Space Tech Expo Europe 2015-11-19 Motivation

499 views • 26 slides
Selection and Execution of User Level Test Cases for Energy Cost Evaluation of Smartphones

Selection and Execution of User Level Test Cases for Energy Cost Evaluation of Smartphones

Selection and Execution of User Level Test Cases for Energy Cost Evaluation of Smartphones Rajesh Palit PhD Candidate Co-authors: R Arya, S Naik, A Singh Department of E&amp;CE Tuesday, May 24, 2011 Motivation Rapid development of

443 views • 19 slides
Acceptance Test Optimization Optimization Mohamed Mussa, Ferhat Khendek SAM2014 Outline

Acceptance Test Optimization Optimization Mohamed Mussa, Ferhat Khendek SAM2014 Outline

Acceptance Test Optimization Optimization Mohamed Mussa, Ferhat Khendek SAM2014 Outline Outline Background Problem Statement Overall Approach Integration test cases selection Integration test cases selection

490 views • 21 slides
Big-O-ology Problem You can only run a few test cases. There will be many inputs you wont test

Big-O-ology Problem You can only run a few test cases. There will be many inputs you wont test

How do you tell how fast a program is? Answer? Run some test cases. Big-O-ology Problem You can only run a few test cases. There will be many inputs you wont test ...and BAD things may be happening on that stuff. Jim Royer FIX? Test all

78 views • 7 slides
Test automation Whenever we alter our code, we should re-test Our collections of test cases

Test automation Whenever we alter our code, we should re-test Our collections of test cases

Test automation Whenever we alter our code, we should re-test Our collections of test cases can be substantial, and each test case can be large: manual testing is slow, error-prone Ideally, we would like a tool or script that lets us

186 views • 7 slides
Automating the Generation of Mutation-based Test Cases Mik ike e Pap apad adakis akis

Automating the Generation of Mutation-based Test Cases Mik ike e Pap apad adakis akis

Automating the Generation of Mutation-based Test Cases Mik ike e Pap apad adakis akis Department of Informatics Athens University of Economics and Business 1 Mutation Testing White-box, fault-based testing technique Considered as

540 views • 22 slides
Model-Based Testing (ISTQB Chapter 4) Arie van Deursen 1 4.1 ISTQB Test Design Test Scripts

Model-Based Testing (ISTQB Chapter 4) Arie van Deursen 1 4.1 ISTQB Test Design Test Scripts

Model-Based Testing (ISTQB Chapter 4) Arie van Deursen 1 4.1 ISTQB Test Design Test Scripts Test Basis 4.1.2: Test Analysis 4.1.4: Test Implementation Test Selected Test Cases Test Conditions Conditions 4.1.3: Test Design 2 Test

1.18k views • 38 slides
STARTS: STARTS: STARTS: STARTS: STAtic STAtic Regression Test Selection Regression Test

STARTS: STARTS: STARTS: STARTS: STAtic STAtic Regression Test Selection Regression Test

STARTS: STARTS: STARTS: STARTS: STAtic STAtic Regression Test Selection Regression Test Selection STAtic STAtic Regression Test Selection Regression Test Selection Owolabi Legunsen , August Shi, Darko Marinov ASE 2017 Urbana-Champaign,

480 views • 11 slides
Learning objectives Understand the rationale for systematic (non- random) selection of test

Learning objectives Understand the rationale for systematic (non- random) selection of test

Learning objectives Understand the rationale for systematic (non- random) selection of test cases Understand the basic concept of partition testing Functional testing and its underlying assumptions Understand why functional test

220 views • 5 slides
TEST AUTOMATION AT BMAR BMAR TEST TEAM Test Automation Planning 1. Selection Of Test

TEST AUTOMATION AT BMAR BMAR TEST TEAM Test Automation Planning 1. Selection Of Test

TEST AUTOMATION AT BMAR BMAR TEST TEAM Test Automation Planning 1. Selection Of Test Automation Tool Telerik Test Studio tool was selected. 2. Automation Projects - Agency Project- Yna - 26 developer, 5 tester, 12 years, 3.568.168 rows

591 views • 22 slides
State-Based Testing Part B Error Identification Generating test cases for complex

State-Based Testing Part B Error Identification Generating test cases for complex

State-Based Testing Part B Error Identification Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000, Chapter

635 views • 61 slides
Chapter 9 Adverse Selection 9.1 Introduction: Production Game VI In moral hazard with

Chapter 9 Adverse Selection 9.1 Introduction: Production Game VI In moral hazard with

Chapter 9 Adverse Selection 9.1 Introduction: Production Game VI In moral hazard with hidden knowledge and adverse selection, the principal tries to sort out agents of different types. In moral hazard with hidden knowledge , the

659 views • 30 slides
1 2 3 4 5 6 Pesticide are also classified based on hazard level. The hazard classification may

1 2 3 4 5 6 Pesticide are also classified based on hazard level. The hazard classification may

1 2 3 4 5 6 Pesticide are also classified based on hazard level. The hazard classification may help in assessing the risk/severity of a poisoning involving pesticides. IN MALAYSIA, label for pesticides are using different colour coding for

1.02k views • 52 slides
From Selection to Repetition Semantics of while loop The if statement and if/else statement

From Selection to Repetition Semantics of while loop The if statement and if/else statement

From Selection to Repetition Semantics of while loop The if statement and if/else statement allow a block of if (test) while (test) { { statements to be executed selectively: based on a guard/test

224 views • 9 slides
State-Based Testing Part A Modeling states Generating test cases for complex behaviour

State-Based Testing Part A Modeling states Generating test cases for complex behaviour

State-Based Testing Part A Modeling states Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000, Chapter 7 Motivation We are interested

846 views • 49 slides
State-Based Testing Part B Error Identification Generating test cases for complex behaviour

State-Based Testing Part B Error Identification Generating test cases for complex behaviour

State-Based Testing Part B Error Identification Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000, Chapter 7 Flattening the statechart

1.23k views • 73 slides
State-Based Testing Part B Error Identification Generating test cases for complex behaviour

State-Based Testing Part B Error Identification Generating test cases for complex behaviour

State-Based Testing Part B Error Identification Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000, Chapter 7 Flattening the statechart

664 views • 37 slides
Combinatorial Interaction Testing for Test Selection in Grammar-Based Testing Elke Salecker,

Combinatorial Interaction Testing for Test Selection in Grammar-Based Testing Elke Salecker,

Combinatorial Interaction Testing for Test Selection in Grammar-Based Testing Elke Salecker, Sabine Glesner Technical University of Berlin, Germany Workshop on Combinatorial Testing (CT) 2012 Montreal, Canada Introduction Background Approach

632 views • 45 slides
Tool-Assisted Unit Test Selection Based on Operational Violations Tao Xie David Notkin

Tool-Assisted Unit Test Selection Based on Operational Violations Tao Xie David Notkin

Tool-Assisted Unit Test Selection Based on Operational Violations Tao Xie David Notkin Department of Computer Science &amp; Engineering University of Washington, Seattle, WA Oct. 8th, 2003 ASE 2003, Montreal, Canada 1 Synopsis Context:

802 views • 32 slides
Median Finding Test Cases What's Next 1. Median finding, part 2 2. Why we write test cases 3.

Median Finding Test Cases What's Next 1. Median finding, part 2 2. Why we write test cases 3.

Median Finding Test Cases What's Next 1. Median finding, part 2 2. Why we write test cases 3. What's next? A problem Find the (upper) median of a list of n items. Upper median means &quot;if the list has an even number of items, pick

1.38k views • 52 slides
Portfolio Selection with Estimation Risk: a Test-based Approach Bertille Antoine Simon Fraser

Portfolio Selection with Estimation Risk: a Test-based Approach Bertille Antoine Simon Fraser

The 11th Annual Financial Econometrics Conference &quot;Econometric Modeling in Risk Management&quot; Portfolio Selection with Estimation Risk: a Test-based Approach Bertille Antoine Simon Fraser University, Vancouver March 27th, 2009

624 views • 28 slides
THT / SMT adapter for Test Socket Why need an adapter? In certain cases, you are not able to

THT / SMT adapter for Test Socket Why need an adapter? In certain cases, you are not able to

THT / SMT adapter for Test Socket Why need an adapter? In certain cases, you are not able to place any test socket on your board, because: - Its density is too high - It was not designed to accommodate any test socket. - The package

463 views • 3 slides

More recommend