Information Technology Reference
In-Depth Information
/*1.Links to blocktypes definitions */
#include <Sum.h>
// Corresponds to the Add block
...
/*2.Declaration and initialization of block instances */
Sum_in_t b3_in;
Sum_out_t b3_out;
const Sum_prop_t b3_props={.Inputs="++"}; ...
/*3. Simulation loop: define data dependencies w.r.t.
block connections extracted from the model */
int main() {
for(sim_time=START; sim_time<END; sim_time+=sim_step) {
b3_in.port1 = b7_out.port1;
b3_in.port2 = b2_out.port2;
b3_out = *Sum_semfun(&b3_props, &b3_in); ...
}
}
Fig. 2.
Structural overview of the C code transformed from a Simulink model
The following sections present mutation-based test case generation (TCG)
using
bounded model checking
(see Section 3.2). We describe how test cases can
be extracted automatically from a model or implementation
M
by injecting
mutations or faults into
M
(producing in a
mutant model
M
) and checking the
equivalence of
M
and
M
by means of model checking. If
M
and
M
are not
equivalent, a model checking tool is able to generate a witness for the inequality
(a counterexample for equality). This counterexample determines a set of input
values for which the executions of
M
and
M
produce different outputs.
The coverage criteria for fault-based testing in our work are based on syntactic
and semantic modifications of the model. Given a modification to the model, the
aim is to generate a test case that demonstrates the resulting change of the be-
havior. Simple structural coverage metrics are not sucient, since even exhaus-
tive coverage criteria such as modified condition/decision coverage (MC/DC)
provide no guarantee that the error resulting from the modification of the model
has a visible impact on the behavior generated by exercising the test suite.
The fault-driven test case generation approach is inspired by mutation testing
and fault injection:
- Mutation testing
denotes the method of making (syntactic) modifications
to the source code of the implementation. The intention is to evaluate a
given test suite based on whether it is able to detect the introduced faults
and to aid the generation of additional meaningful test cases.
- Fault injection.
Fault injection triggers the occurrences of faults in the
system under test. The main purpose of this technique is to evaluate the
error handling mechanisms of the system.