1 / 22

Generating FSMs from Abstract State Machines

Generating FSMs from Abstract State Machines. Wolfgang Grieskamp Yuri Gurevich Wolfram Schulte Margus Veanes Foundations of Software Engineering Microsoft Research ISSTA 2002 , Rome, July 22-24. Outline. Background What is an ASM? Why use ASMs? Modeling with ASMs

eagan
Download Presentation

Generating FSMs from Abstract State Machines

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Generating FSMs from Abstract State Machines Wolfgang Grieskamp Yuri Gurevich Wolfram Schulte Margus Veanes Foundations of Software Engineering Microsoft Research ISSTA 2002, Rome, July 22-24

  2. Outline • Background • What is an ASM? • Why use ASMs? • Modeling with ASMs • Conformance Testing with ASMs • FSM Generation • Exploration of the FSM • Test Execution • Demo

  3. Abstract State Machines • Introduced by Yuri Gurevich • Deep mathematical theory • World wide user community (academia + industry) • The Idea: • A machine that describes a system on any (but particular) level of abstraction • An operational specification of a system • A very high-level program

  4. Nondeterminsm Parallelism A = [1,3,2] A = [2,1,3] A = [1,2,3] A Sample ASM var A as Seq of Integer Swap()choose i,j in indices(A) where i<j and A(i)>A(j) A(i) := A(j) A(j) := A(i) Sort()step until fixpoint Swap() A = [2,3,1]

  5. ASMs are evolving structures • An ASM is a mathematical machine that represents a system as evolving state • A state is given by the current values of the variables • A step is a transaction (synchronous parallelism) that may update many variables at once • In the sequential case, a program describes one step, a run is a sequence of consecutive steps. • In the distributed case, each agent has a program, a distributed run is a partial order of agents’ steps (asynchronous parallelism)

  6. Why is software error-prone? Some reasons: • Premature coding • Lack of confidence in descriptions • Late feedback from customer • Unforeseen feature interaction • Lack of understanding in maintenance phase

  7. Models solve these problems • Engineering models help you to gain confidence in requirements and designs. • Examples: Architectural, Mechanical, Electrical, etc. • Software models help you understand the behavior of each level of abstraction, examples are: • Steps required to carry out the system’s user scenarios • How features/components interact with each other • The behavior of subsystems like file storage and messaging

  8. Product Idea Models can be used everywhere Are you building the right product? What product are you building? Modeling Validation ASMModel Verification Refinement Are you building the product right ? Implementation C/C++/C#/…

  9. AsmL: A modeling toolkit AsmL is a powerful, ASM-based specification language • Combines mathematical, object-oriented and component-oriented approaches • Fully integrated with the .Net framework • Can be used for documentation • Integrated with MS Word and XML • Can be used for testing • Ongoing Integration with existing testing tools

  10. A guideline for AsmL users • Begin building a model by considering its purpose; this guides abstraction decisions during development • Define model state • Define model transitions • Validate the model early and often to increase confidence that the model is faithful. • Check internal consistency • Check against customer expectations

  11. Outline • Background • What is an ASM? • Why use ASMs? • Modeling with ASMs • Conformance Testing with ASMs • FSM Generation • Exploration of the FSM • Test Execution • Demo

  12. Using AsmL models for conformance testing ASM-Model Provides expected results for Generates PassNo pass User Info Test Cases Test Oracle Are run by Provides actual results for Implementation

  13. The dual role of ASM models Testing harness AsmL Model M Call next action IUT Get state view Pass S Reduce Random generation Is S valid accordingto M? FSM AsmL Model M FSM tool view Fail: witness Test cases view

  14. FSM Generation • Typically ASMs have infinite state space • We introduce indistinguishability properties to group states into equivalence classes called hyperstates • The non-discovery problem • The problem of reaching all hyperstates is in general undecidable • Improvement relations provide a partial solution to this problem • A way to encode domain specific search strategies

  15. FSM generation sample • Generate an FSM from the stack specification. class Stackvar s as Seq of Integer = [] Top() as Integer require s <> [] return first(stack) Pop() require s <> [] stack := rest(stack) Push(x as Integer) s := [x] + s Indistinguishability property: s=[]

  16. [0,0] [] [0,0] Pop() Push(0) Pop() Top() Push(0) Top [0,..] [0] Push(0) Pop Push(0) [] The generated FSM The FSM construction The tree can be pruned,if a hyperstate is reachedthat has “already” been visited []

  17. The algorithm generate() step s = head(frontier) frontier := tail(frontier) stepforeach a in Actions nextStates = explore Fire(s,a) stepforeach t in nextStates transitions(s,a,t) := true ifrelevant(s,a,t) then frontier := frontier + [t] hypers := hypers union {GetHyperstate(t)}

  18. Improvement relations relevant(s as State, a as Action, t as State) as Boolean forall g in goals where improved(bestState(g),t,g) bestState(g) := t return (h.GetHyperstate(t) notin hypers) or (exists g in h.goals() where h.improved(bestState(g),t,g))

  19. Outline • Background • What is an ASM? • Why use ASMs? • Modeling with ASMs • Conformance Testing with ASMs • FSM Generation • Exploration of the FSM • Test Execution • Demo

  20. Demo “Run” the paper

  21. Current Work • Generalized properties (non-Boolean finite valued properties) • Parameter generation for actions with parameters • .Net attribute scheme design for annotating the model with test related meta information

  22. For more information • Check out the public website of AsmL: research.microsoft.com/fse/asml • You can download AsmL 2 • You need VS.NET • You need Office XP for Word integration

More Related