In this paper, new contributions to requirements-based testing with deterministic finite state machines are presented. Elementary requirements are specified as triples consisting of a state in the reference model, an input, and the expected reaction of the system under test defined by a set of admissible outputs, allowing for different implementation variants. Composite requirements are specified as collections of elementary ones. Two requirements-driven test generation strategies are introduced, and their fault coverage guarantees are proven. The first is exhaustive in the sense that it produces test suites guaranteeing requirements satisfaction if the test suite is passed. If the test suite execution fails for a given implementation, however, this does not imply that the requirement has been violated. Instead, the failure may indicate an arbitrary violation of I/O-equivalence, which could be unrelated to the requirement under test. The second strategy is complete in the sense that it produces test suites guaranteeing requirements satisfaction if and only if the suite is passed. Complexity considerations indicate that for practical application, the first strategy should be preferred to the second. Typical application scenarios for this approach are safety-critical systems, where safety requirements should be tested with maximal thoroughness, while user requirements might be checked with lesser effort, using conventional testing heuristics.