Fig 1 - uploaded by Laura M. Castro
Content may be subject to copyright.
Simple ER diagram example
Source publication
Many software systems are data-intensive and use a data management systems for data storage, such as Relational Database Management Systems (RDBMS). RDBMSs are used to store information in a structured manner, and to define several types of constraints on the data, to maintain basic consistency. The RDBMSs are mature, well tested, software products...
Context in source publication
Citations
... Using the structural characteristics of PN can effectively find some control flow errors [9]. Although the traditional workflow net (WF-net) can simulate the control flow of activities [10], [11], [12] and analyze control flow errors [13], [14], it cannot describe the data operations so that some errors related to them cannot be checked by this class of PN. ...
... A data flow reflects the dependence of data items in a workflow system [15], [16]. Unreasonable data operations can still lead to many errors, such as data inconsistency and deadlock [9], [17]. ...
Many operations in workflow systems are dependent on database tables. The classical workflow net and its extensions (e.g., worflow net with data) cannot model these operations so that some related errors cannot be found by them. Recently, workflow nets with tables (WFT-nets) were proposed to remedy such a flaw. However, when the reachability graph of a WFT-net is constructed by their method, some pseudo states are possibly generated since it does not consider the guards that constrain the enabling and firing of transitions. Additionally, they only considered the soundness property that just represents a single design requirement, so that many other requirements, especially those related to tables, cannot be analyzed. In this paper, therefore, we re-define the WFT-net by augmenting constraints of guards to it and re-name it as workflow net with tables and constraints (WFTC-net). We propose a new method to generate the state reachability graphs (SRG) of WFTC-nets such that SRG can avoid pseudo states, due to the consideration of the guards in it. To represent design requirements related to database operations, we define database-oriented computation tree logic (DCTL), to represent more design requirements. We design the model checking algorithms of DCTL based on the SRG of WFTC-nets and develop a tool. Experiments on a number of public benchmarks show the usefulness of our methods.
... The data flows reflect the correlation between data items, data operations and guards [3]. If there are unreasonable data operations in the execution of some activities, data-flow errors may occur [4,5]. In fact, data flows and control flows are unified to detect abnormal data errors, which can strengthen the analysis ability of business process management [6,7,8]. ...
In order to model complex workflow systems with databases, and detect their data-flow errors such as data inconsistency, we defined Workflow Net with Table model (WFT-net) in our previous work. We used a Petri net to describe control flows and data flows of a workflow system, and labeled some abstract table operation statements on transitions so as to simulate database operations. Meanwhile, we proposed a data refinement method to construct the state reachability graph of WFT-nets, and used it to verify some properties. However, this data refinement method has a defect, i.e., it does not consider the constraint relation between guard functions, and its state reachability graph possibly has some pseudo states. In order to overcome these problems, we propose a new data refinement method that considers some constraint relations, which can guarantee the correctness of our state reachability graph. What is more, we develop the related algorithms and tool. We also illustrate the usefulness and effectiveness of our method through some examples.
... To date, and to the best of our knowledge, Quviq QuickCheck [37] is the most advanced and powerful PBT tool. It has been successfully used in research and industry to test complex, critical distributed and concurrent systems, implemented in Erlang and otherwise [39,3,10,11]. ...
Our daily life is increasingly becoming more and more dependent on software as they are being extensively used to control safety and mission-critical systems. This has lead to very stringent verification requirements for ensuring that the software performs as intended. However, the testing based techniques cannot provide a rigorous verification due to limited computational and memory constraints and traditional formal verification techniques, like model checking and theorem proving, are not too straightforward to work with in the industrial setting. In this paper, as a first step to overcome these limitations, we describe a hybrid property based testing and model checking based technique for verifying both models and implementation of access control systems. Our approach addresses the model checking of critical properties of access control systems and aims at improving their reliability by using property based testing to analyze the corresponding software code. For illustration purposes, a simple example of an access control system is used.
... Otherwise, there is still a great advantage in using a real implementation language as specification language for properties: it provides all the power of a fully functional syntax at a very high level of abstraction, close to human language and thus to system specification description. Successful applications of QuickCheck in industry are on the increase [2,1,4,5,7,6]. ...
... QuickCheck is an automatic test case generation and execution tool that allows to generate tests from manually-written properties that the software must satisfy (Arts et al., 2008;Castro and Arts, 2011;Castro et al., 2009). Among other formalisms, QuickCheck supports the use of state machines as a way to write properties for stateful systems, specifying a set of stateful operations (also known as commands in QuickCheck) and their side-effects. ...
... Actual calls will be performed only when executing the tests. Meanwhile, working with symbolic calls enables QuickCheck to treat tests as data structures, which is the source of its main strengths (Arts et al., 2008;Castro and Arts, 2011). ...
... It is also possible to specify, as part of the test specification itself, a probability distribution (i.e., command frequency) for operations in a state machine model. On the other hand, QuickCheck shrinking capabilities are of great help when an error is found, and they do provide ways of reproducing the shrunk counterexamples that are reported by the tool, which make error debugging and fixing considerably easier (Arts et al., 2008;Castro and Arts, 2011;Zeller and Hildebrandt, 2002). ...
Integration of reused, well-designed components and subsystems is a common practice in software development. Hence, testing integration interfaces is a key activity, and a whole range of technical challenges arise from the complexity and versatility of such components.
In this paper, we present a methodology to fully test different implementations of a software component integration API. More precisely, we propose a black-box testing approach, based on the use of QuickCheck and inspired by the TTCN-3 test architecture, to specify and test the expected behavior of a component. We have used a real-world multimedia content management system as case study. This system offers the same integration API for different technologies: Java, Erlang and HTTP/XML. Using our method, we have tested all integration API implementations using the same test specification, increasing the confidence in its interoperability and reusability.
... The work described in this paper is the result of using a QuickCheck statem -in the style described by Castro and Arts to test database intensive applications [3] -to the particular case of REST Web Services. We also show briefly how we can abstract the approach in order to use the module fsm for the same purpose, (Section 5). ...
... Also, whenever any method is used with a Key that is not in the dictionary, the tuple {error, not_found} is returned. This is illustrated in the example execution below: In order to test our model we used QuickCheck statem as described by Laura Castro and Thomas Arts in [3], but this time, we used the new grouped version of statem instead of the ungrouped one. ...
The trend in processor design is to build more cores on a single chip. Commercial many-core processor is emerging these years. Intel Xeon Phi coprocessor , which is equipped with at least 60 relatively slow cores, is the first commercial many-core product ...
... Otherwise, there is still a great advantage in using a real implementation language as specification language for properties: it provides all the power of a fully functional syntax at a very high level of abstraction, close to human language and thus to system specification description. Successful applications of QuickCheck in industry are on the increase [2,1,4,5,7,6]. ...
As needed as testing is in software development to ensure the construction of quality products, it has also been traditionally forgotten or neglected, mostly due to its cost. However, in the recent past industry is acknowledging the far greater costs of not testing, or testing in a non-efficient and non-effective manner, particularly when the monetization of a software product is involved. This has lead to new approaches, techniques and tools for software testing, such as property-based testing. In this paper, we present how we applied this advanced technique, property-based testing, to verify a system where the handling of temporal information is critical: a distributed system for advertisement transmission over a digital TV network.
... QuickCheck runs those test cases against a given real SUT, and diagnoses its behaviour in a black-box manner. Furthermore, whenever an error is found, QuickCheck shrinks the input values to find a smaller specific test case that causes the same error [2,8,32]. Hence, our approach replaces the tedious task of manually designing large test suites by the definition of a UML+OCL model, and enables automatic generation and execution of tests, together with a significant improvement of debugging thanks to small counterexamples. ...
... However, there is a strong reason for using regular preconditions and the two-pass algorithm: shrinking. QuickCheck's shrinking capabilities are of great help when an error is found, because they provide smaller counterexamples that, causing the same error as the original failing test case, make error debugging and fixing easier [2,8,32]. However, QuickCheck's shrinking capabilities are dependent on the offline generation of test cases, since the shrinking algorithm manages the test cases in their symbolic format, which is produced in the first pass (cf. ...
Model-Based Testing and Property-Based Testing are two testing methodologies that usually facilitate the automation of the generation of test cases, using either models or properties as basis to derive complete test suites. In doing so, they also contribute to reduce both the source code needed for testing purposes and the time spent on writing those tests, hence saving effort and increasing maintainability.
In this paper, we describe how to generate complete property-based test suites automatically translated from a model that describes the system under test, specifically a UML model with OCL constraints. The proposed approach can be applied to both stateless and stateful components.
We have used QuickCheck, an automatic property-based testing tool for test case generation, execution and diagnosis, as support tool. Our method produces QuickCheck executable test models as output, so we use the same tool to run and evaluate them. As part of our work, we analyze and discuss the advantages and disadvantages of our approach in contrast to writing test suites manually.
... A methodology for testing traditional database systems that also makes use of Quickcheck has been developed [20]. The methodology is based on defining constraints present on the database under test, and then building a model of it based on state machines and generate random queries that modify the data, checking that the constraints hold after every test. ...
... To enhance our testing methodology in the context of mutable data types, we re-implement our specification as a QuickCheck state machine [5]. This is a more natural approach, since mutable data types can be seen as a system with state [6]. Mutable data types can be abstracted as finite automata which transitions represent the data type operations; operations on the data type may or may not alter the state of the automaton. ...
... This particular strategy has proved very successful when the model or state needs, as it is this case, to be very abstract [6] for different reasons. ...
Data types are the core of many applications, and libraries offering implementations of data types should better be solid and well tested. Testing purely functional data types with QuickCheck provides a complete test method for data types, but establishing a complete test method for data types with side-effects is still an open issue. In this paper we show how we can use a stateful QuickCheck model to establish a complete test method for any data type. Considering side effects allows us to move from the purely functional world to the imperative world, as needed to face the testing of data types implementations in languages such as C. We therefore applied our method to some of the data types provided by the well-known GNOME Glib library.
