VerTeCS
Verification models and techniques applied to the
Testing and Control of reactive Systems
Thierry Jéron
IRISA/INRIA Rennes, France
http://www.irisa.fr/vertecs
Team: 4 Inria researchers, 1 post-doc, 4 PhD students, 1 engineer
Main research activities
Verification of finite/infinite state systems
Controller synthesis for Discrete Event Systems
Model-based test generation
Model-based fault diagnosis
Verification
Figure: given the Model M and the Prop P, verification answers "M ⊨ P ?" with Y/N (plus witnesses/diagnostic)
Model-checking
Abstract Interpretation
Theorem proving
Controller synthesis for DES
Figure: from the Model M, whose events are controllable (c) or uncontrollable (uc), and the Prop P, controller synthesis builds a controller C
Build C s.t. M x C ⊨ P
Testing
Figure: test generation from the Model M produces test cases TC; a TC runs in parallel with the IUT (TC || IUT) and compares the visible behaviour Vis(IUT) with Vis(M); any other output leads to fail (!otherwise)
Build TC s.t. TC is sound w.r.t. M and ioco, and the test suite TS = {TC} is exhaustive. Exhaustiveness is impossible in practice ⇒ selection
IUT ioco S ⟺ STraces(IUT) ∩ STraces(S).! ⊆ STraces(S)
(after any suspension trace of S, the IUT may only produce outputs (!) that S allows)
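The ioco relation above, worked through on small finite IOLTSs. This is an added example, not code from the VerTeCS team or its tools: it assumes no internal actions, determinism w.r.t. observable actions, '?'/'!' prefixes for inputs/outputs, the pseudo-output 'delta' for quiescence, and a bounded enumeration of suspension traces. The drink-machine specification and the three implementations are constructed sample inputs.

```python
# Added example (not from the VerTeCS slides or tools): checking IUT ioco S on
# finite IOLTSs.  An IOLTS is a dict  state -> list of (action, next_state);
# input actions start with '?', outputs with '!', and the pseudo-output 'delta'
# denotes quiescence (no output enabled).  Assumption: no internal actions and
# the LTSs are deterministic w.r.t. observable actions.

def enabled(lts, states, kind):
    """Actions of the given kind ('?' or '!') enabled in any of `states`."""
    return {a for s in states for a, _ in lts.get(s, []) if a.startswith(kind)}

def out(lts, states):
    """out(states): enabled outputs, plus 'delta' for every quiescent state."""
    result = set()
    for s in states:
        outputs = enabled(lts, {s}, "!")
        result |= outputs if outputs else {"delta"}
    return result

def after(lts, states, action):
    """States reached from `states` by `action`; 'delta' stays in quiescent states."""
    if action == "delta":
        return {s for s in states if not enabled(lts, {s}, "!")}
    return {t for s in states for a, t in lts.get(s, []) if a == action}

def straces(lts, init, max_len):
    """Suspension traces of `lts` of length <= max_len (bounded enumeration)."""
    traces, todo = {()}, [((), {init})]
    while todo:
        trace, states = todo.pop()
        if len(trace) == max_len:
            continue
        for a in enabled(lts, states, "?") | out(lts, states):
            nxt = after(lts, states, a)
            if nxt:
                traces.add(trace + (a,))
                todo.append((trace + (a,), nxt))
    return traces

def run(lts, init, trace):
    """States of `lts` after `trace` (empty set if the trace is impossible)."""
    states = {init}
    for a in trace:
        states = after(lts, states, a)
        if not states:
            break
    return states

def ioco(iut, iut_init, spec, spec_init, max_len=6):
    """IUT ioco S iff for every suspension trace sigma of S,
    out(IUT after sigma) is included in out(S after sigma).
    Returns (True, None) or (False, (sigma, unexpected_outputs))."""
    for sigma in sorted(straces(spec, spec_init, max_len), key=len):
        i_states = run(iut, iut_init, sigma)
        if not i_states:
            continue                      # the IUT cannot do sigma: nothing to check
        unexpected = out(iut, i_states) - out(spec, run(spec, spec_init, sigma))
        if unexpected:
            return False, (sigma, unexpected)
    return True, None

# Constructed sample: a drink-machine specification and three implementations.
SPEC     = {"s0": [("?coin", "s1")], "s1": [("!coffee", "s2"), ("!tea", "s2")], "s2": []}
IUT_OK   = {"i0": [("?coin", "i1")], "i1": [("!coffee", "i2")], "i2": []}   # fewer outputs: conforms
IUT_BAD  = {"i0": [("?coin", "i1")], "i1": [("!soup", "i2")], "i2": []}     # unspecified output
IUT_MUTE = {"i0": [("?coin", "i1")], "i1": []}                              # quiescent: no drink

if __name__ == "__main__":
    for name, iut in [("ok", IUT_OK), ("bad", IUT_BAD), ("mute", IUT_MUTE)]:
        print(name, ioco(iut, "i0", SPEC, "s0"))
```

The witness returned on failure is exactly what a test case needs: the suspension trace after which an output (or silence, 'delta') appeared that the specification does not allow.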
Main research activities in test generation
Enumerative on-the-fly techniques → TGV: off-line selection of behaviors of vis(M) accepted by TP, based on reachability & co-reachability analysis
Symbolic test generation techniques → STG: off-line selection by symbolic transformations and approximated analysis (∼ slicing of M wrt TD); execution by on-line constraint solving
Methodological combination of V & T: "test on IUT what you tried to verify on M" (Vlad's talk)
M ⊨ P ? → TC that detects ¬(I ioco S) and/or I ⊭ P ? For enumerative and symbolic techniques
Test selection by test purpose
Figure: Vis(M) is composed with the test purpose TP (with accept state Acc) into Vis(M) x TP; coreach(Acc) is computed and the TC keeps the behaviours leading to Acc (Pass), turns the other behaviours of Vis(M) into inconc, and any other output (!otherwise) into fail
Coreach(Acc) not computable for (infinite) models with data ⇒ over-approximation needed
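The enumerative selection of the previous slide, as an added example in the spirit of TGV rather than TGV's own code: it builds the product Vis(M) x TP, computes coreach(Acc) by a backward fixpoint, and keeps in the TC only what leads to Acc, with inconc on outputs of M that leave coreach(Acc) and fail on any other output. It assumes the TP is complete ('*' standing for "any other action", as on the slides) and uses a constructed, data-free abstraction of the slide's model as sample input.

```python
# Added example (not TGV's code): enumerative test selection by test purpose on
# finite models.  Vis(M) and TP are dicts  state -> list of (action, next_state);
# inputs start with '?', outputs with '!'.  Assumption: TP is complete, '*'
# standing for "any other action".
from collections import deque

def product(model, m0, tp, t0):
    """Synchronous product Vis(M) x TP, explored from (m0, t0)."""
    trans, todo = {(m0, t0): []}, deque([(m0, t0)])
    while todo:
        m, t = todo.popleft()
        for a, m2 in model.get(m, []):
            targets = [t2 for b, t2 in tp.get(t, []) if b == a]
            if not targets:                              # fall back on the '*' edge
                targets = [t2 for b, t2 in tp.get(t, []) if b == "*"]
            for t2 in targets:
                trans[(m, t)].append((a, (m2, t2)))
                if (m2, t2) not in trans:
                    trans[(m2, t2)] = []
                    todo.append((m2, t2))
    return trans

def coreach(trans, targets):
    """coreach(targets): states from which some target is reachable (backward fixpoint)."""
    pred = {}
    for s, edges in trans.items():
        for _, s2 in edges:
            pred.setdefault(s2, set()).add(s)
    result, todo = set(targets), deque(targets)
    while todo:
        for p in pred.get(todo.popleft(), ()):
            if p not in result:
                result.add(p)
                todo.append(p)
    return result

def select(model, m0, tp, t0, accept):
    """Build a test case: keep only product states from which Acc is co-reachable.
    Returns (initial_state, tc); tc maps a state to its (action, target) edges,
    a target being a state, 'pass' (Acc reached) or 'inconc' (allowed by M but
    the purpose can no longer be met).  Inputs leading outside coreach(Acc)
    are simply not proposed by the tester."""
    prod = product(model, m0, tp, t0)
    acc = {s for s in prod if s[1] in accept}
    keep = coreach(prod, acc)
    if (m0, t0) not in keep:
        return None, {}                   # the purpose is not reachable at all
    tc = {}
    for s in keep - acc:
        tc[s] = []
        for a, s2 in prod[s]:
            if s2 in keep:
                tc[s].append((a, "pass" if s2 in acc else s2))
            elif a.startswith("!"):
                tc[s].append((a, "inconc"))
    return (m0, t0), tc

def verdict(tc, state, action):
    """Next TC state or verdict when `action` occurs in `state`: an output not
    foreseen by the TC is 'fail' (the '!otherwise' edge); an input the TC does
    not propose is None."""
    for a, target in tc.get(state, []):
        if a == action:
            return target
    return "fail" if action.startswith("!") else None

# Constructed sample: data-free abstraction of the slide's model, and a purpose
# accepting the !ok output and rejecting !err.
MODEL = {"Idle": [("?start", "Ry")], "Ry": [("?a", "Rx")],
         "Rx": [("?a", "Cmp"), ("!err", "End")],
         "Cmp": [("!ok", "End"), ("!nok", "End"), ("!err", "End")],
         "End": [("!end", "Idle")]}
TP = {"Wait": [("!ok", "Acc"), ("!err", "Sink"), ("*", "Wait")],
      "Acc": [("*", "Acc")], "Sink": [("*", "Sink")]}

if __name__ == "__main__":
    init, tc = select(MODEL, "Idle", TP, "Wait", {"Acc"})
    for s, edges in tc.items():
        print(s, edges)
```

Note that !nok from Cmp stays in the TC: it leads back through End and Idle to states that still co-reach Acc, so the test keeps running rather than concluding inconc. With data, as the next slides show, coreach(Acc) is no longer a finite set of states and has to be over-approximated.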
Test selection by approximate analysis
Figure: the model M, the test purpose TP and their syntactical product M x TP
Model M: locations Idle, Ry, Rx, Cmp, End; variables x, y; message parameter p
Idle → Ry: ?start
Ry → Rx: ?a(p) x:=p
Rx → Cmp: x≥0 ?a(p) y:=p
Rx → End: x<0 ∧ p=x !err(p)
Cmp → End: y<0 ∧ p=y !err(p)
Cmp → End: p=y-x ∧ -2≤p≤2 !ok(p)
Cmp → End: p=y-x ∧ ¬(-2≤p≤2) !nok(p)
End → Idle: !end
Test purpose TP: locations Wait, Acc, Sink (* = any other action, as a self-loop)
Wait → Acc: p=2 ∧ x≥3 ∧ !ok(p)
Wait → Sink: ¬(p=2 ∧ x≥3) ∧ !ok(p)
Wait → Sink: !err(p)
Syntactical product M x TP: locations IdleWait, RyWait, RxWait, CmpWait, EndWait, Pass, Sink; the transitions of M are kept, and the !ok(p) transition of Cmp is split into
CmpWait → Pass: p=2 ∧ x≥3 ∧ p=y-x ∧ -2≤p≤2 !ok(p)
CmpWait → Sink: ¬(p=2 ∧ x≥3) ∧ -2≤p≤2 !ok(p)
Test selection by approximate analysis
Figure: the product M x TP (as on the previous slide), the invariants computed by NBAC, and the resulting TC
reach(Acc) computed by NBAC → simplification
coreach(Acc) computed by NBAC → guard strengthening
Invariants of coreach(Acc) on the locations of M x TP: IdleWait ⊤, RyWait ⊤, RxWait x≥3, CmpWait x≥3 ∧ y-x=2 (⊥ where Acc is not co-reachable)
Strengthened guards: ?a(p) x:=p becomes p≥3 ?a(p) x:=p; x≥0 ?a(p) y:=p becomes p=x+2 ?a(p) y:=p
TC: locations IdleWait, RyWait, RxWait, CmpWait, EndWait; ?start; p≥3 ?a(p) x:=p; p=x+2 ?a(p) y:=p; p=2 !ok(p) → Pass; the other branches of M x TP (those leading to Sink) → inconc; !otherwise → fail
Test execution against IUT: check outputs / choose input values by on-line constraint solving
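On-line execution of the strengthened TC above, as an added example (not the STG tool's code). Input values are chosen by a brute-force search over a bounded integer domain, which stands in for the constraint solver; the outputs are checked against the guards of M x TP, with pass on !ok(p) with p=2, inconc on the other outputs M allows, and fail otherwise. The IUT simulator, its search domain DOMAIN and the injected faults "off-by-one" and "inverted" are constructed for the example.

```python
# Added example (not the STG tool's code): on-line execution of the test case of
# the slide against a simulated IUT.  Input values are chosen by a brute-force
# search over a bounded integer domain, a stand-in for the constraint solver;
# the IUT simulator and its injected faults are constructed for the example.

DOMAIN = range(-10, 11)          # assumed search domain for input parameters

def choose(guard, env):
    """Smallest p in DOMAIN satisfying guard(p, env), or None if unsatisfiable."""
    for p in DOMAIN:
        if guard(p, env):
            return p
    return None

class Iut:
    """Simulates M: ?start, then ?a(p) sets x, a second ?a(p) sets y, then the
    IUT emits !err(p), !ok(p) or !nok(p).  `fault` injects a deviation."""
    def __init__(self, fault=None):
        self.fault, self.x, self.y = fault, None, None
    def start(self):
        self.x = self.y = None
    def a(self, p):
        if self.x is None:
            self.x = p
        elif self.y is None:
            self.y = p
    def output(self):
        """Next output as (name, value), or None while still waiting for inputs."""
        x, y = self.x, self.y
        if x is not None and x < 0:
            return ("err", x)
        if x is None or y is None:
            return None
        if y < 0:
            return ("err", y)
        d = y - x
        if self.fault == "off-by-one":
            d += 1                        # reports a wrong difference
        if self.fault == "inverted":
            return ("nok", d) if -2 <= d <= 2 else ("ok", d)
        return ("ok", d) if -2 <= d <= 2 else ("nok", d)

# The TC with strengthened guards: input steps carry (guard, variable assigned);
# the output step lists the outputs M x TP allows with their verdict.
TC = [
    ("?start", None, None),
    ("?a", lambda p, e: p >= 3, "x"),
    ("?a", lambda p, e: p == e["x"] + 2, "y"),
    ("!", [("ok",  lambda p, e: p == e["y"] - e["x"] and p == 2, "pass"),
           ("ok",  lambda p, e: p == e["y"] - e["x"] and -2 <= p <= 2, "inconc"),
           ("nok", lambda p, e: p == e["y"] - e["x"] and not -2 <= p <= 2, "inconc"),
           ("err", lambda p, e: (e["x"] < 0 and p == e["x"]) or (e["y"] < 0 and p == e["y"]), "inconc")],
     None),
]

def execute(tc, iut):
    """Run tc against iut; returns 'pass', 'inconc' or 'fail'."""
    env = {}
    for label, guard, var in tc:
        if label == "!":
            observed = iut.output()
            if observed is None:
                return "fail"             # quiescence where M requires an output
            name, p = observed
            for expected, accepts, verdict in guard:
                if name == expected and accepts(p, env):
                    return verdict
            return "fail"                 # !otherwise
        if guard is None:
            getattr(iut, label[1:])()     # parameterless input, e.g. ?start
            continue
        p = choose(guard, env)
        if p is None:
            return "inconc"               # no value drives the test further
        env[var] = p
        getattr(iut, label[1:])(p)
    return "inconc"

if __name__ == "__main__":
    for fault in (None, "off-by-one", "inverted"):
        print(fault, execute(TC, Iut(fault)))
```

Because the guards were strengthened, the tester sends x≥3 and y=x+2 and M then leaves only !ok(2) as a conforming answer: the Sink branches remain in the TC for completeness but cannot be taken by a conforming IUT, so both faulty implementations end in fail rather than inconc.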
Perspectives linked with Artist
Extension of symbolic techniques to symbolic timed models
Testing of security policies: formalization of conformance, generation of attacks (Potestat, French project with LSR, Verimag)
Tools extensions