by Nicolas Guelfi and Benoît Ries

SESAME (Specification based testing of safety-critical small-sized embedded systems) is an industrial research project in the field of embedded systems test methodologies. The first targeted systems are small embedded systems developed by the Luxembourg company IEE S.A. for the control of airbags through sensors or infrared cameras.

SESAME (Specification based testing of safety-critical small-sized embedded systems) is an industrial research project in the field of embedded systems test methodologies. The first targeted systems are small embedded systems developed by the Luxembourg company IEE S.A. for the control of airbags through sensors or infrared cameras.

The objective is to develop an approach for specification-based testing that is adapted to the needs and constraints of safety-critical small-sized embedded systems. This approach aims to improve the efficiency of activities performed by test engineers, particularly during tests based on software specifications. This approach must have a sound theoretical foundation and must be usable by test engineers. In particular, it is a question of proposing a model transformation language that simplifies software specification models and thus the selection of test cases. This approach should be integrated in a semi-formal approach for the specification and testing of safety-critical embedded systems.

3D-MLI camera: an embedded system developed at IEE. (Photo: IEE.)
3D-MLI camera: an embedded system developed at IEE. (Photo: IEE.)

SESAME is a joint project between the University of Luxembourg and IEE; it started in April 2003 and will finish in March 2009. The work is performed both at the LASSY (Laboratory of Advanced Software Systems of the University of Luxembourg) and within the Embedded Software Team of the Innovation Department of IEE, also located in Luxembourg.

Embedded software systems introduce a bias toward system testing by customers and suppliers. The companies that develop embedded software systems previously spent significant time developing non-programmable physical systems. The first bias is that customer tests focus on physical attributes and thus do not cover the attributes introduced for the purpose of the embedded software. A similar bias is introduced for the requirements specifications, which may have important consequences in our context of specification-based testing. In particular, a supplier may neglect its own requirements and tests, both coming from its development and test platforms.

Product quality can be improved by following a verification process that proposes the execution of a tractable test phase for which test cases are selected in order to address explicit quality objectives. The SESAME approach uses simple software requirement models as an input, in order to add more weight to the requirements analysis phase of a project. This has corresponding benefits for the project, especially in the subsequent design phase. The SESAME method focuses on the software boundary; this helps reduce the number of hidden software defects and potentially the total time taken to discover and remove defects from the system as a whole.

To summarize, the SESAME approach for process improvement addresses three objectives. First, it is based on a simple software requirements model; second, it includes a precise description of the test space; and third, it offers a precise knowledge of the test coverage. Further study of this methodology, in particular the specification and test phases, will promote methodologies integrated with software engineering tools. Using this approach within an industrial framework will aid evaluation of the suggested solutions.

In order to ease the transfer of the SESAME methodology into industry, the concrete syntax of the software requirements modelling language used for this project has been selected with respect to the recent Unified Modelling Language 2 (UML2) notation standardized by the Object Management Group (OMG). In particular, UML2 protocol state machines (PSMs) have been chosen to describe the dynamic behaviour of the software interface, and UML2 class diagrams are indeed used to describe the data associated with the behaviour defined in the PSMs.

The precise description of the test space uses a domain-specific language (DSL) defined expressly for the purpose of test selection. Test constraints specifications defined with this language are interpreted as model transformations on the analysis model, and result in a test model containing the test selection information. At the same time, we will also concentrate on the identification of best practices in test selection activities in an industrial context, in order to tailor the SESAME approach to the automotive industry.

In order to precisely validate the impact of the test selection, we provide the semantics of the modelling language (class diagram together with protocol state machine) in terms of a formal specification language (eg Alloy). This formal specification, automatically derived from the graphical analysis and test models, is used for formal validation purposes.

Future activities will focus on the industry transfer of the approach, and in particular on the full deployment of the SESAME process for the test selection of the software for new system products from IEE.

Links:
IEE S.A.: http://www.iee.lu
LASSY: http://lassy.uni.lu/
SESAME: http://wiki.lassy.uni.lu/projects/SESAME

Please contact:
Nicolas Guelfi
University of Luxembourg
Tel: +352 46 66 44 5251
E-mail: nicolas.guelfi@uni.lu

Next issue: January 2018
Special theme:
Quantum Computing
Call for the next issue
Get the latest issue to your desktop
RSS Feed