sound and quasi complete detection of infeasible test
play

Sound and Quasi-Complete Detection of Infeasible Test Requirements - PowerPoint PPT Presentation

Aug 18, 2023 •427 likes •865 views

Sound and Quasi-Complete Detection of Infeasible Test Requirements Robin David S ebastien Bardin Micka el Delahaye Nickola Kosmatov 30 juillet 2015 Outline Introduction Overview Checking assertion validity Implementation

  1. Sound and Quasi-Complete Detection of Infeasible Test Requirements Robin David S´ ebastien Bardin Micka¨ el Delahaye Nickola¨ ı Kosmatov — 30 juillet 2015

  2. Outline Introduction Overview Checking assertion validity Implementation Experiments Conclusion CEA - 30 juillet 2015 - 2/27

  3. Context Testing process Generate a test input Run it and check for errors Estimate coverage : if enough stop, else loop Coverage criteria [decision, mcdc, mutants, etc.] play a major role generate tests, decide when to stop, assess quality of testing definition : systematic way of deriving test requirements CEA - 30 juillet 2015 - 3/27

  4. Context Testing process Generate a test input Run it and check for errors Estimate coverage : if enough stop, else loop The enemy : Infeasible test requirements waste generation effort, imprecise coverage ratios Coverage criteria [decision, mcdc, mutants, etc.] play a major role cause : structural coverage criteria are ... structural generate tests, decide when to stop, assess quality of testing detecting infeasible test requirements is undecidable definition : systematic way of deriving test requirements → Recognized as a hard and important issue in testing CEA - 30 juillet 2015 - 3/27

  5. Context Testing process Generate a test input Run it and check for errors Estimate coverage : if enough stop, else loop Coverage criteria [decision, mcdc, mutants, etc.] play a major role generate tests, decide when to stop, assess quality of testing definition : systematic way of deriving test requirements Testing oriented *but* scope beyond that : → original combination of two formal methods CEA - 30 juillet 2015 - 3/27

  6. Our goals and results → Focus on white-box (structural) coverage criteria Goals : automatic detection of infeasible test requirements sound method [thus, incomplete] applicable to a large class of coverage criteria strong detection power, reasonable detection speed rely as much as possible on existing verification methods CEA - 30 juillet 2015 - 4/27

  7. Our goals and results → Focus on white-box (structural) coverage criteria Goals : automatic detection of infeasible test requirements sound method [thus, incomplete] applicable to a large class of coverage criteria strong detection power, reasonable detection speed rely as much as possible on existing verification methods Results automatic, sound and generic method � new combination of existing verification technologies � experimental results : strong detection power [95%] , reasonable detection speed [ ≤ 1s/obj.] , improve test generation � yet to be proved : scalability on large programs ? [promising results..] CEA - 30 juillet 2015 - 4/27

  8. Our goals and results → Focus on white-box (structural) coverage criteria Goals : automatic detection of infeasible test requirements sound method [thus, incomplete] applicable to a large class of coverage criteria strong detection power, reasonable detection speed rely as much as possible on existing verification methods Results automatic, sound and generic method � new combination of existing verification technologies � Take away experimental results : strong detection power [95%] , reasonable VA ⊕ WP detection speed [ ≤ 1s/obj.] , improve test generation � better than VA, WP yet to be proved : scalability on large programs ? plug-in Frama-C [promising results..] CEA - 30 juillet 2015 - 4/27

  9. Outline Introduction Overview Checking assertion validity Implementation Experiments Conclusion CEA - 30 juillet 2015 - 5/27

  10. Background : Labels Annotate programs with labels [ICST 2014] predicate attached to a specific program instruction Label ( loc , ϕ ) is covered if a test execution reaches the instruction at loc satisfies the predicate ϕ Good for us can easily encode a large class of coverage criteria [see after] in the scope of standard program analysis techniques CEA - 30 juillet 2015 - 6/27

  11. Background : Labels Annotate programs with labels [ICST 2014] predicate attached to a specific program instruction Label ( loc , ϕ ) is covered if a test execution reaches the instruction at loc satisfies the predicate ϕ Good for us can easily encode a large class of coverage criteria [see after] in the scope of standard program analysis techniques infeasible label ( loc , ϕ ) ⇔ valid assertion ( loc , assert ¬ ϕ ) CEA - 30 juillet 2015 - 6/27

  12. Infeasible labels, valid assertions int g(int x, int a) { int res; if(x+a >= x) res = 1; else res = 0; //l1: res == 0 // infeasible } CEA - 30 juillet 2015 - 7/27

  13. Infeasible labels, valid assertions int g(int x, int a) { int res; if(x+a >= x) res = 1; else res = 0; //@assert res � = 0 // valid } CEA - 30 juillet 2015 - 7/27

  14. Standard coverage criteria Also Weak Mutation, GACC (weak MCDC) etc. CEA - 30 juillet 2015 - 8/27

  15. Overview of the approach labels as a unifying criteria label infeasibility ⇔ assertion validity s-o-t-a verification for assertion checking CEA - 30 juillet 2015 - 9/27

  16. Outline Introduction Overview Checking assertion validity Implementation Experiments Conclusion CEA - 30 juillet 2015 - 10/27

  17. Checking assertion validity Two broad categories of sound assertion checkers Value Analysis : state-approximation compute an invariant of the program then, analyze all assertions (labels) in one run Weakest-Precondition calculus : Goal-oriented checking perform a dedicated check for each assertion a single check usually easier, but many of them CEA - 30 juillet 2015 - 11/27

  18. Focus : checking assertion validity (2) VA WP � � sound for assert validity � � blackbox reuse × � local precision � × calling context � × calls / loop effects × × global precision � � scalability wrt. #labels × � scalability wrt. code size hypothesis : VA is interprocedural CEA - 30 juillet 2015 - 12/27

  19. VA and WP may fail int main () { int a = nondet (0 .. 20); int x = nondet (0 .. 1000); return g(x,a); } int g(int x, int a) { int res; if(x+a >= x) res = 1; else res = 0; //l1: res == 0 } CEA - 30 juillet 2015 - 13/27

  20. VA and WP may fail int main () { int a = nondet (0 .. 20); int x = nondet (0 .. 1000); return g(x,a); } int g(int x, int a) { int res; if(x+a >= x) res = 1; else res = 0; //@assert res � = 0 } CEA - 30 juillet 2015 - 13/27

  21. VA and WP may fail int main () { int a = nondet (0 .. 20); int x = nondet (0 .. 1000); return g(x,a); } int g(int x, int a) { int res; if(x+a >= x) res = 1; else res = 0; //@assert res � = 0 // both VA and WP fail } CEA - 30 juillet 2015 - 13/27

  22. Proposal : VA ⊕ WP (1) Goal = get the best of the two worlds idea : VA passes to WP the global info. it lacks Which information, and how to transfer it ? VA computes (internally) some form of invariants WP naturally takes into account assumptions //@ assume → Solution : VA exports its invariants on the form of WP-assumptions (Frama-C → ACSL) CEA - 30 juillet 2015 - 14/27

  23. Proposal : VA ⊕ WP (1) Goal = get the best of the two worlds idea : VA passes to WP the global info. it lacks Which information, and how to transfer it ? VA computes (internally) some form of invariants WP naturally takes into account assumptions //@ assume → Solution : VA exports its invariants on the form of WP-assumptions (Frama-C → ACSL) Notes : No manually-inserted WP-assumption CEA - 30 juillet 2015 - 14/27

  24. VA ⊕ WP succeeds! int main () { int a = nondet (0 .. 20); int x = nondet (0 .. 1000); return g(x,a); } int g(int x, int a) { int res; if(x+a >= x) res = 1; else res = 0; //l1: res == 0 } CEA - 30 juillet 2015 - 15/27

  25. VA ⊕ WP succeeds! int main () { int a = nondet (0 .. 20); int x = nondet (0 .. 1000); return g(x,a); } int g(int x, int a) { //@assume 0 < = a < = 20 //@assume 0 < = x < = 1000 int res; if(x+a >= x) res = 1; else res = 0; //@assert res != 0 } CEA - 30 juillet 2015 - 15/27

  26. VA ⊕ WP succeeds! int main () { int a = nondet (0 .. 20); int x = nondet (0 .. 1000); return g(x,a); } int g(int x, int a) { //@assume 0 < = a < = 20 //@assume 0 < = x < = 1000 int res; if(x+a >= x) res = 1; else res = 0; //@assert res != 0 // VA ⊕ WP succeeds } CEA - 30 juillet 2015 - 15/27

  27. Proposal : VA ⊕ WP (2) Exported invariants only names appearing in program independent from memory size non-relational information linear in VA only numerical information sets, intervals, congruence CEA - 30 juillet 2015 - 16/27

  28. Proposal : VA ⊕ WP (2) Soundness ok as long as VA is sound Exhaustivity of “export” only affect deductive power Finding the right trade-off in practice : exhaustive export has very low overhead CEA - 30 juillet 2015 - 17/27

  29. Invariant export strategies int fun(int a, int b, int c) { //@assume a [...] //@assume b [...] //@assume c [...] int x=c; //@assert a < b if(a < b) {...} else Parameters annotations {...} } CEA - 30 juillet 2015 - 18/27

  30. Invariant export strategies int fun(int a, int b, int c) { int x=c; //@assume a [...] //@assume b [...] //@assert a < b if(a < b) {...} else Label annotations {...} } CEA - 30 juillet 2015 - 18/27

Recommend

Sound and Quasi-Complete Detection of Infeasible Test Requirements S ebastien Bardin CEA

Sound and Quasi-Complete Detection of Infeasible Test Requirements S ebastien Bardin CEA

Sound and Quasi-Complete Detection of Infeasible Test Requirements S ebastien Bardin CEA LIST, Software Safety Lab (Paris-Saclay, France) joint work with: Micka el Delahaye, Robin David, Nikolai Kosmatov, Mike Papadakis, Yves Le Traon,

680 views • 50 slides
Detection of radio quasi-periodic oscillations in the -ray-loud X-ray binary LS I +61 303

Detection of radio quasi-periodic oscillations in the -ray-loud X-ray binary LS I +61 303

Detection of radio quasi-periodic oscillations in the -ray-loud X-ray binary LS I +61 303 Fr ed eric Jaron Max-Planck-Institute for Radio Astronomy Institute of Geodesy and Geoinformation, University of Bonn Effelsberg Science

206 views • 20 slides
Introduce self and training Instruct participants to complete the pre-test Collect the pre-test

Introduce self and training Instruct participants to complete the pre-test Collect the pre-test

Introduce self and training Instruct participants to complete the pre-test Collect the pre-test Pass out the Activity Worksheet Ask What is wellness? Allow approximately 2 minutes for people to answer Define wellness an active

564 views • 39 slides
07.01.2011 Topics Plagiarism Detection Software 2010 Plagiarism Plagiarism Detection

07.01.2011 Topics Plagiarism Detection Software 2010 Plagiarism Plagiarism Detection

07.01.2011 Topics Plagiarism Detection Software 2010 Plagiarism Plagiarism Detection Software Silver Bullet or Test 2010 Waste of Time? Test Results Portal Plagiarism Debora Weber-Wulff Questions? HTW Berlin Flickr

285 views • 3 slides
What is Smoke Test? Empirical Evaluation of the Fault-detection Effectiveness of Smoke Regression

What is Smoke Test? Empirical Evaluation of the Fault-detection Effectiveness of Smoke Regression

What is Smoke Test? Empirical Evaluation of the Fault-detection Effectiveness of Smoke Regression Test Cases Smoke test for GUI-based Software Borrowed from hardware testing Qing Xie A relatively simple check to see whether the

499 views • 5 slides
DALI KUBIK ONE A complete sound system in a simple, stylish and easy to place package DALI KUBIK

DALI KUBIK ONE A complete sound system in a simple, stylish and easy to place package DALI KUBIK

DALI KUBIK ONE A complete sound system in a simple, stylish and easy to place package DALI KUBIK ONE - overview Flexible sound system Connect any audio source, wired or wireless Optical, Analogue, USB and Bluetooth Place it

213 views • 9 slides
Sound Event Detection in Multisource Environments Using Source Separation Toni Heittola 1 ,

Sound Event Detection in Multisource Environments Using Source Separation Toni Heittola 1 ,

1 Sound Event Detection in Multisource Environments Using Source Separation Toni Heittola 1 , Annamaria Mesaros 1 , Tuomas Virtanen 1 , Antti Eronen 2 1 Tampere University of Technology, Department of Signal Processing 2 Nokia Research Center

731 views • 17 slides
Sound 1 Sound &quot;50% of the movie experience is sound - George Lucas Sound is used

Sound 1 Sound &quot;50% of the movie experience is sound - George Lucas Sound is used

Sound 1 Sound &quot;50% of the movie experience is sound - George Lucas Sound is used to create: Mood Ambience Drama Environmental clues Continuity Feedback Practical Issues Real-time requirement

311 views • 17 slides
Extending a Compiler Backend for Complete Memory Error Detection Norman A. Rink and Jeronimo

Extending a Compiler Backend for Complete Memory Error Detection Norman A. Rink and Jeronimo

Extending a Compiler Backend for Complete Memory Error Detection Norman A. Rink and Jeronimo Castrillon Technische Universitt Dresden Automotive Safety &amp; Security 2017 30 May 2017 Stuttgart Outline 1. Motivation 2. Error detection,

573 views • 23 slides
? Message sound Message P(wolf|sound) P(sound| wolf) x P(wolf) 1 9/4/19 P(sound| wolf)

? Message sound Message P(wolf|sound) P(sound| wolf) x P(wolf) 1 9/4/19 P(sound| wolf)

9/4/19 Speech Hynek Hermansky Elecrical and Computer Engineering Hackerman 324Fp ? Message sound Message P(wolf|sound) P(sound| wolf) x P(wolf) 1 9/4/19 P(sound| wolf) no wolf wolf loudness timbre (sound color) More

334 views • 14 slides
A Sound and Complete Algorithm for Simple Conceptual Logic Programs Cristina Feier and Stijn

A Sound and Complete Algorithm for Simple Conceptual Logic Programs Cristina Feier and Stijn

A Sound and Complete Algorithm for Simple Conceptual Logic Programs Cristina Feier and Stijn Heymans Institute of Information Systems, Knowledge-Based Systems Group, Vienna University of Technology 12 December 2008 1 Overview Open Answer Set

1.1k views • 45 slides
Sound and complete axiomatizations of coalgebraic language equivalence Marcello Bonsangue, Stefan

Sound and complete axiomatizations of coalgebraic language equivalence Marcello Bonsangue, Stefan

Platzhalter fr Bild, Bild auf Titelfolie hinter das Logo einsetzen Sound and complete axiomatizations of coalgebraic language equivalence Marcello Bonsangue, Stefan Milius, Alexandra Silva Regular Expressions Syntatic description of regular

565 views • 29 slides
Localization and Detection Paper: 3583 Session: AUD-L3 Acoustic Event Detection T. N. T.

Localization and Detection Paper: 3583 Session: AUD-L3 Acoustic Event Detection T. N. T.

A Sequence Matching Network for Poly lyphonic Sound Event Localization and Detection Paper: 3583 Session: AUD-L3 Acoustic Event Detection T. N. T. Nguyen*, D. L. Jones , W. S. Gan* *School of Electrical and Electronic Engineering, Nanyang

386 views • 20 slides
Sound and Complete Flow Typing with Unions, Intersections and Negations David J. Pearce School

Sound and Complete Flow Typing with Unions, Intersections and Negations David J. Pearce School

Sound and Complete Flow Typing with Unions, Intersections and Negations David J. Pearce School of Engineering and Computer Science Victoria University of Wellington What is Flow Typing? Defining characteristic : ability to retype variables JVM

534 views • 18 slides
Infinitary Term Graph Rewriting is Simple, Sound and Complete Patrick Bahr paba@diku.dk

Infinitary Term Graph Rewriting is Simple, Sound and Complete Patrick Bahr paba@diku.dk

Infinitary Term Graph Rewriting is Simple, Sound and Complete Patrick Bahr paba@diku.dk University of Copenhagen Department of Computer Science 23rd International Conference on Rewriting Techniques and Applications, Nagoya, Japan, March May

889 views • 73 slides
Image-based change detection to reduce false alarms in the Vision1200 synthetic aperture sonar

Image-based change detection to reduce false alarms in the Vision1200 synthetic aperture sonar

Image-based change detection to reduce false alarms in the Vision1200 synthetic aperture sonar Dr. C. Erdmann and Dr. J. Groen a sound decision a sound decsion The ATLAS ELEKTRONIK Group/ 1 Image-based Change Detection Content

787 views • 36 slides
Designs Chapter 11 Quasi-Experimentation Quasi-experiments resemble experiments, but lack

Designs Chapter 11 Quasi-Experimentation Quasi-experiments resemble experiments, but lack

Quasi-Experimental Designs Chapter 11 Quasi-Experimentation Quasi-experiments resemble experiments, but lack experimental control lack of random assignment is the key point of distinction between quasi- experiments and true

888 views • 31 slides
Mathematical Profile &amp; Dyscalculia Test National &amp; v Children who subsequently complete

Mathematical Profile &amp; Dyscalculia Test National &amp; v Children who subsequently complete

Mathematical Profile &amp; Dyscalculia Test National &amp; v Children who subsequently complete high school with relatively Kapodistrian University of low mathematics achievement are more likely to be Athens unemployed or paid lower wages

372 views • 12 slides
TAPPING TEST AND ANALYSIS FOR DAMAGE DETECTION S. J. Kim 1 , S. M. Ahn 1 , I. H. Hwang 1 , C. H.

TAPPING TEST AND ANALYSIS FOR DAMAGE DETECTION S. J. Kim 1 , S. M. Ahn 1 , I. H. Hwang 1 , C. H.

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS TAPPING TEST AND ANALYSIS FOR DAMAGE DETECTION S. J. Kim 1 , S. M. Ahn 1 , I. H. Hwang 1 , C. H. Hong 2 1 Korea Aerospace Research Institute, Daejeon, Korea, 2 Chungnam National University,

181 views • 4 slides
1 quasi-newton in one variable: the secant method In a one dimensional problem, approximating the

1 quasi-newton in one variable: the secant method In a one dimensional problem, approximating the

QUASI-N E W TON MET HODS David F. Gleich February 29, 2012 Te material here is from Chapter 6 in No- Te idea behind Quasi-Newton methods is to make an optimization algorithm with cedal and Wright, and Section 12.3 in Griva, Sofer, and Nash.

56 views • 3 slides
SOUND SOUND Wha hat is t is sound sound? Click on the image below to find out. Sounds are

SOUND SOUND Wha hat is t is sound sound? Click on the image below to find out. Sounds are

SOUND SOUND Wha hat is t is sound sound? Click on the image below to find out. Sounds are made when objects vibrate and the vibrations travel to enter you ear. You hear these vibrations as sounds. Sound is all around us We cannot

357 views • 9 slides
Regionlets for Generic Object Detection A test on ImageNet Tianbao Yang Xiaoyu Wang

Regionlets for Generic Object Detection A test on ImageNet Tianbao Yang Xiaoyu Wang

Regionlets for Generic Object Detection A test on ImageNet Tianbao Yang Xiaoyu Wang Miao Sun University of Missouri Yuanqing Lin Tony X. Han Shenghuo Zhu Introduction Generic object detection is challenging

256 views • 22 slides
Web Testing w ith METS Presented by Greg Paskal 1 METS Physical Test Grid 2 Pages

Web Testing w ith METS Presented by Greg Paskal 1 METS Physical Test Grid 2 Pages

Web Testing w ith METS Presented by Greg Paskal 1 METS Physical Test Grid 2 Pages Complete Loading Verify complete page loading by observing the browser action icon. Internet Explorer Netscape 3 Pages Complete Loading Look

832 views • 27 slides
RI I Next Generation Scie cience Assessment (R (RI I NGSA) Test Coordinator Training

RI I Next Generation Scie cience Assessment (R (RI I NGSA) Test Coordinator Training

RI I Next Generation Scie cience Assessment (R (RI I NGSA) Test Coordinator Training Workshop January 2020 Wor orkshop Agenda 1. RI NGSA Overview 2. Tasks to Complete Before Testing 3. Tasks to Complete During Testing 4. Tasks to Complete

1.46k views • 109 slides

More recommend