Model-Based Testing of Spacecraft Flight Software

Similar documents
UIDE FOR NDEPENDENT OFTWARE ERIFICATION ALIDATION

SCADE Suite in Space Applications

System Engineering Data Repository

An Introduction to the ECSS Software Standards

DANSE Software Quality Assurance

LISA Pathfinder SUMMARY

FSW QA Testing Levels Definitions

USE OF PYTHON AS A SATELLITE OPERATIONS AND TESTING AUTOMATION LANGUAGE

Operability in the SAVOIR Context

Automated Model Based Testing for an Web Applications

An Increase in Software Testing Robustness: Enhancing the Software Development Standard for Space Systems

Space product assurance

Mission Operation Ground. ESA. Mario Merri GSAW, Los Angeles, USA 2 Mar 2011 ESA UNCLASSIFIED

The Project Management Plan will be used to guide, communicate and coordinate project efforts.

Database Administration for Spacecraft Operations The Integral Experience

ECSS-E-ST-40C 6 March Space engineering. Software. ECSS Secretariat ESA-ESTEC Requirements & Standards Division Noordwijk, The Netherlands

Introduction to Automated Testing

Space engineering. System engineering. ECSS-E-10 C Draft 1

RAMS Software Techniques in European Space Projects

Introduction of ISO/DIS (ISO 26262) Parts of ISO ASIL Levels Part 6 : Product Development Software Level

CSTE Mock Test - Part I - Questions Along with Answers

Assurance Cases and Test Design Analysis

Model-Based Quality Assurance of The SMB2 Protocol Documentation

Establishing an Environment for Continuous Integration and Test of Flight Software

Software Test Plan (STP) Template

ESA s Data Management System for the Russian Segment of the International Space Station

SAFE SOFTWARE FOR SPACE APPLICATIONS: BUILDING ON THE DO-178 EXPERIENCE. Cheryl A. Dorsey Digital Flight / Solutions cadorsey@df-solutions.

Software Verification for Space Applications Part 2. Autonomous Systems. G. Brat USRA/RIACS

NODIS Library Program Formulation(7000s) Search

Metrics in Software Test Planning and Test Design Processes

SOFTWARE CONFIGURATION MANAGEMENT GUIDEBOOK

USE OF SCILAB FOR SPACE MISSION ANALYSIS AND FLIGHT DYNAMICS ACTIVITIES

4 Applying DO-178B for safe airborne software

Life Cycle Quality Gates

Space Project Management

Example Software Development Process.

ATV Data Link Simulator: A Development based on a CCSDS Layers Framework

Thanks to SECNOLOGY s wide range and easy to use technology, it doesn t take long for clients to benefit from the vast range of functionality.

Certification of a Scade 6 compiler

How To Write Software

VDM vs. Programming Language Extensions or their Integration

AUTOMATED TESTING and SPI. Brian Lynch

Formal Software Testing. Terri Grenda, CSTE IV&V Testing Solutions, LLC

SOFTWARE DEVELOPMENT STANDARD FOR SPACECRAFT

CS 451 Software Engineering Winter 2009

Fundamentals of Measurements

ENEA: THE PROVEN LEADER IN SAFETY CRITICAL AVIONICS SYSTEMS

Appendix F Wyle Laboratories Test Plan and Test Report

Model-based Testing: Next Generation Functional Software Testing

Model-Based Testing of Web Applications using NModel

How CMMI contributes to Software Testing

Application Modelling

Standard Glossary of Terms Used in Software Testing. Version 3.01

4. Test Design Techniques

Goddard Procedures and Guidelines

End User Guide The guide for /ftp account owner

Dependable (Safe/Reliable) Systems. ARO Reliability Workshop Software Intensive Systems

8. Master Test Plan (MTP)

Software Engineering. Software Testing. Based on Software Engineering, 7 th Edition by Ian Sommerville

Software testing. Objectives

1.2 Tools support for management of testing & tests

Model Based Software Development for DDG 1000 Advanced Gun System

Belatrix Software Factory Sample Automated Load/Stress Testing Success Cases

TDRS / MUST. and. what it might do for you


Automated Software Testing Economics: A White Paper

Intro to scientific programming (with Python) Pietro Berkes, Brandeis University

System Build 2 Test Plan

Formal models of bank cards for free

REDUCING THE COST OF GROUND SYSTEM DEVELOPMENT AND MISSION OPERATIONS USING AUTOMATED XML TECHNOLOGIES. Jesse Wright Jet Propulsion Laboratory,

3SL. Requirements Definition and Management Using Cradle

A Practical Guide to implementing Agile QA process on Scrum Projects

Aligning IT investment and Business

Requirements engineering

Virtual Integration and Consistent Testing of Advanced Driver Assistance Functions

Model based testing tools. Olli Pekka Puolitaival

Introducing ECSS Software-Engineering Standards within ESA

ISTQB Certified Tester. Foundation Level. Sample Exam 1

AndroLIFT: A Tool for Android Application Life Cycles

From Use Cases to Test Cases. Step-by-step approach to ensure the quality of specifications and to derive test cases based on a use case model

<name of project> Software Project Management Plan

Is the Cost of Reliability, Maintainability, and Availability Affordable for Software Intensive Systems?

Presentation: 1.1 Introduction to Software Testing

PHASE 6: DEVELOPMENT PHASE

MNLARS Project Audit Checklist

Regression Testing Based on Comparing Fault Detection by multi criteria before prioritization and after prioritization

Transcription:

Model-Based Testing of Spacecraft Flight Software Maria Hernek Virtual 12/09/2013

Objective/Outline Objective: To present the result and achievements of ESA study Model Based Testing of flight SW and discuss strengths and weaknesses of the method Outline: ESA ISVV process short intro of applicable parts Background of ESA study Method and approach Test object Implementation Conclusion Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 2

Independent Software Verification & Validation (ISVV) by ESA 1. ISVV is required for Mission and Safety Critical software, (ECSS-E-40/ECSS-Q-80) 2. ISVV tasks are additional and complementary to the nominal SW supplier s verification and validations tasks 3. ISVV tasks cover verification and validation of software requirements, design, code and tests (typically starting at SW-SRR and finishing before the SW-QR) 4. ISVV supplier is required to be an organization independent of the software supplier as well as the prime/system integrator (full technical, managerial, and financial independence) 5. Most ESA projects implement the ISVV process as an industrial contract placed by the Prime contractor Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 3

ESA ISVV Process overview 6 activities/stages: Management (MAN), Verification (IVE) and Validation (IVA) Activities are composed of TASKS, and these are further split into SUBTASKS 1. Management (MAN.PM and MAN.VV) is concerned with issues such as ISVV objectives and scope, planning, roles, responsibilities, budget, communication, competence, confidentiality, schedule and ISVV level definition (to limit the scope of ISVV) 2. Technical Specification Analysis (IVE.TA) is verification of the software requirements 3. Design Analysis (IVE.DA) is verification of the SW Architectural Design and the Software Detailed Design 4. Code Analysis (IVE.CA) is verification of the SW source code 5. Validation (IVA) is testing of the SW to demonstrate that the implementation meets the technical specification MAN. Management MAN.PM.ISVV Process Management MAN.VV.ISVV level definition IVE. Independent Verification IVE.TA.Technical Specification Analysis IVE.DA.Design Analysis IVE.CA.Code Analysis IVA. Independent Validation IVA.Validation Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 4

ESA ISVV Process overview Example of a Task/Subtask description Activity: Technical Specification Analysis Task: SW Requirements Verification Subtasks: T1.S1, T1.S2 T1.S11 Start/End Events Inputs/Outputs Methods are identified for each subtask Some numbers: IVE.TA 1 task 11 subtasks IVE.DA 3 tasks 15/12/5 subtasks IVE.CA 3 tasks 10/5/3 subtasks IVA 3 tasks 3/3/3 subtasks Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 5

ESA ISVV Process overview IVE: Technical Specification Analysis TA.T1: Software Requirements Verification Subtasks: To verify Software Requirements external consistency with the system requirements Interface Requirements external consistency with the system requirements software requirements correctness consistent documentation of the software requirements software requirements completeness dependability and safety requirements readability of the software requirements timing and sizing budgets of the software requirements Identify test areas and test cases for Independent Validation that software requirements are testable software requirements conformance with applicable standards System Requirements Requirements allocated to Software (SRR) allocated to SW Requirements Specification (PDR) SW - SW-HW Interface Requirements Requirements (SRR) Interfaces Control Document (PDR) Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 6

ESA ISVV Process overview IVA: Independent Validation IVA: Independent Validation Subtasks: Identification of Test Cases Construction of Test procedures Execution of Test Procedures Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 7

Background o o Software Verification & Validation important phase Software Validation phase critical path o Software Validation labor intensive o Software versioning impact on Validation regression need Test lib Requirements o Source of problem Validation? and/or Specification? Test log SimOps TestScript Java, php python o o More automation possible? Specification incomplete, incorrect SCOS TC TM SVF SVF-Software Validation Facility SCOS - SpaceCraft Operations System SimOps Simulator Operations Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 8

Method and Approach o Sequence-Based Specification (SBS) combined with o Statistical-Based Testing (SBT) Sequence-Based Specification develop Black Box specification depends solely on external stimuli and responses Statistical-Based Testing Test values randomly generated using a probabilistic profile System boundary External Stimuli Black Box spec Responses Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 9

Approach Test lib Requirements Test log SimOps TestScript Java, php python TC SCOS SVF TM Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 10

Test Object Spacecraft Flight Software Earth observation mission Main functions: Thermal control Power control and distribution unit management Attitude and Orbit Control System and mode management Telemetry memory management Mass memory and formatting unit management Functions suited for SBS Modeled State machine based Complex combination of input sequences Possible to identify stimuli, predicate and responses On-Board time management Remote interface unit management Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 11 Predicate represent a stimuli which can be expressed in form of regular expression rule

Test Object Requirements metrics 500 FSW requirements 350 Irrelevant 350 200 Relevant but too simple for SBS Relevant and worth doing 225 Relevant but only for stimuli response Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 12 Relevant and selected

Sequence-Based Specification, steps Model system s state transition and responses according to all possible sequences of system inputs Requirements Tool support for all steps Sequence-based Specification Mealy Machine Annotated Mealy Machine Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 13 Test Model

Sequence-Based Specification, steps Requirements Sequence-based Specification Mealy Machine Identify boundaries Define interfaces Identify stimuli Identify responses Enumerate sequences of stimuli Identify canonical sequences Define state variables Annotated Mealy Machine Test Model Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 14

Statistical Based Testing, steps Test Model Tool support: JUMBL CONVAC-TC Abstract Test Cases Generate abstract test cases covering transitions of Mealy Machine Mapping abstract stimuli to test scripts Concrete libraries Test Cases What parameter and values of stimuli? What parameter and values of predicate? Where to read responses and expected values. Code Test Oracle Test Results Compare results with Oracle Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 15

Test generation Test case criteria: cover every arc of Mealy Machine (every state is covered) weighted arcs used reflecting frequency, importance, risk of the likelihood of arc to happen Patch coverage, typically infinite number of paths but basis path coverage can be achieved Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 16

Tool support 1. SBS Super a. Protoseq with some additions, dedicated build: Extended predicate support 2. JUMBL More responses supported Support dynamic sequence adjustment Forward traceability Interface smoothly with JUMBL Protoseq considered but not used a. By Software Quality Research Laboratory, SQRL 1 b. Generate abstract tests, a path in a usage model 3. CONVAC TC a. Custom made tool b. Converts abstracts test cases to executable Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 17 1 University of Tennessee

Implementation, characteristics Function Thermal cntrl Number of stimuli Max length of seq Number of predicates Response type 14 8 1 Simple 19 Power cntrl 30 2 2 Simple 4 AOCS mode mng 15 8 0 Simple 21 MMM 10 4 4 Complex 9 MMFU mng 11 4 0 Complex 5 OBT mng 12 6 0 Complex 6 Num of states Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 18

SBS, Effectiveness Function hrs spent SBS models hrs spent refining model Thermal cntrl 18 (60) 16 Power cntrl 18 (60) 28 AOCS mode mng 15 (51) 16 MMM 25 (86) 35 OBT 12 (42) 35 MMFU mng 8 10 Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 19 Explain stimuli, predicate and responses, revising model

Discrepancies found applying SBS Problem Major Minor Comment Inconsistency 1 4 2 Completeness 1 2 9 Testability 0 0 2 Understandability 0 0 1 Sum 2 6 14 Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 20

Conclusions + Method will discover issues related to completeness and consistency of requirements + Testability is addressed: identify stimuli and means to generate it + Traceability forward and backward is supported - Data management requirement are difficult to address - Implementation details are not addressed (black box) In the current version time dependent functions are not modeled Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 21

Thanks for your attention! For more information, please contact: Maria Hernek, European Space Agency Maria.hernek@esa.int Model-Based Testing Maria Hernek Virtual 12/09/2013 TEC-SWS Slide 22

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information