SlideShare a Scribd company logo

Data-Driven Mutation Analysis for CPS

Lionel Briand
Lionel Briand

Data-driven mutation analysis is proposed to assess if test suites for cyber-physical systems properly exercise component interoperability. Fault models are developed for different data types and dependencies, and are used to automatically generate mutants by injecting faults. Empirical results on industrial systems demonstrate the feasibility and effectiveness of the approach in identifying test suite shortcomings and poor oracles.

Software
1 of 28
Download to read offline
Data-driven Mutation Analysis for Cyber-Physical Systems Enrico Viganò1, Oscar Cornejo1, Fabrizio Pastore1, Lionel Briand1,2 1 University of Luxembourg, 2 University of Ottawa Journal First paper accepted in IEEE Transactions on Software Engineering DOI 10.1109/TSE.2022.3213041 ICSE 2023 - May 19th, 2023
2 Cyber-Physical Systems
3 CPS Components Central Unit Software ADCS Software PDHU Software
4 Testing CPS Software Central Unit Software ADCS Software PDHU Software Simulated/HW HW emulator How to assess if a test suite exercises components' interoperability properly?
5 Test3 Test1 Test4 Test2 Testing CPS Software Central Unit Software ADCS Software PDHU Software HW emulator Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 DataMsg •seqID=20 FAILURE 24 Simulated/HW
How to assess if a test suite exercises components' interoperability properly? Mutation Analysis
7 Test3 Test1 Test4 Test2 Can’t mutate the simulated system Central Unit Software ADCS Software PDHU Software HW emulator Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 DataMsg •seqID=20 Simulated/HW 11
Data-driven Mutation Analysis
9 Test3 Test1 Test4 Test2 Central Unit Software ADCS Software PDHU Software Simulated HW emulator Mutation Probe Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 12 Mutation Probe Sun Sensor Fault Model DataMsg Fault Model 1 100 15 FAILURE FAILURE FAILURE FAILURE DataMsg •seqID=20 Status Fault Model Mutation Probe
10 Message Data Buffers Data Item 1 Data Item 2 Data Item 4 Data Item 3 Units in error Watchdog counter Circuit voltage Power supply (binary) (integer) (double) (double)
11 Fault Model Example Position Span Type Operator Delta Min Max 0 1 Binary Bit flip 1 2 Double Value Out of Range 0.1 10 14 1 2 Double Fix Value Out of Range 0.1 10 14 3 2 Double Value Above Threshold 0.1 6 5 1 Integer Value Above Threshold 1 10 Data Item 1 Data Item 2 Data Item 4 Data Item 3
12 12 Mutation Operators Value out of range (VOR) Fix value out of range (FVOR) Value above threshold (VAT) Fix value above threshold (FVAT) Value below threshold (VBT) Fix value below threshold (FVBT) Bit flip (BF) Random legal value (INV) Illegal value (IV) Amplified signal (AS) Shifted signal (SS) Flatten signal (HV)
13 Fault Modelling Methodology Data nature Dependencies # Input partitions Repr. Type Input partition type Numerical Categorical Stateless Stateful Signal BF ASA, SS, HV INV VOR+FVOR Nominal Non Nom. Other Ordinal ASA BF IV 2 >2 VAT+ FVAT VOR+ FVOR Integer Binary
14 . . . . 0 [V] 10 [V] 14 [V] 256 [V] Nominal values Exceptional values Exceptional values Operator Delta Min Max Value Out of Range 0.1 10 14 Fix Value Out of Range 0.1 10 14 Status •voltage=12 Status •voltage=12 Status •voltage=14.1 Status •voltage=9.9 Status •voltage=15 Status •voltage=9 Status •voltage=13 Status •voltage=11 Example: Stateless Numerical
15 Mutants Test1 Test2 Test3 Mut1: set diod above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set voltage above range Status Probe Status •voltage=12 Test1 Test2 Test3 Mut4: set voltage below range Status Probe Status •voltage=12 Test1 Test2 Test3 Mut2: replace seqID with random DataMsg Probe SunSensor •diod=105
16 From Fault Model to Mutants Position Span Operator Delta Min Max 0 1 Bit flip 1 2 Value Out of Range 0.1 10 14 1 2 Fix Value Out of Range 0.1 10 14 3 2 Value Above Threshold 0.1 6 5 1 Value Above Threshold 1 10 Mut 2: set to 14.1 Mut 3: set to 9.9 Mut 5: set< to [10,14] Mut 4: set > to [10,14] Mut 6: set to 6.1 Mut 7: set to 10.1 Mut 1: flip bits
17 All Mutants are Tested Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 FAILURE
Three Metrics
19 Fault Model Coverage: % fault models covered Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 ⅔=66.6% FAILURE
20 Mutation Operation Coverage: % executed probes that mutated some data item Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 ⅔=66.6% FAILURE
21 Covered Mutation Score: % mutants that mutated some data and lead to failures Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 ½=50.0% FAILURE
Empirical Assessment
23 Subjects Central Unit Software ADCS Software PDHU Software Client Server ESAIL LibP GPS Fault Models Operators Mutants 10 142 172 3 29 29 1 23 23 6 44 44
24 RQ1. What are the types of test suite shortcomings identified by the approach? We confirm the successful identification of uncovered message types (1), uncovered input partitions (48), and poor oracles (60).
25 RQ2. What is the impact of equivalent and redundant data-driven mutants on the mutation analysis process? No equivalent/redundant mutants. Live mutants can be killed by introducing oracles that • verify additional entries in the log files • verify additional observable state variables • verify not only the presence of error messages but also their content.
26 RQ3. Is data-driven mutation feasible? The configuration of our toolset (configure operators and insert mutation probes) for each subject took between 3 and 20 working hours. Our industry partners found the required effort acceptable. Execution overhead between 1.3% and 3.16%, no violation of real-time constraints.
Test3 Test1 Test4 Test2 Central Unit Software ADCS Software PDHU Software Simulated HW emulator Mutation Probe Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 12 Mutation Probe Sun Sensor Fault Model DataMsg Fault Model 1 100 15 FAILURE FAILURE FAILURE FAILURE DataMsg •seqID=20 Status Fault Model Mutation Probe Data-driven Mutation Analysis Empirical results demonstrate feasibility and effectiveness with industrial subjects DOI: 10.1109/TSE.2022.3213041 https://github.com/SNTSVV/DAMAT Testing CPS Software Central Unit Software ADCS Software PDHU Software Simulated/HW HW emulator How to assess if a test suite exercises components' interoperability properly? Data-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical Systems Enrico Viganò, Oscar Cornejo, Fabrizio Pastore, Lionel Briand University of Luxembourg, University of Ottawa Journal First paper accepted in IEEE Transactions on Software Engineering DOI 10.1109/TSE.2022.3213041 ICSE 2023 - May 19th, 2023 https://github.com/SNTSVV/DAMAT

Recommended

SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...
SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...
SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...SERENEWorkshop
 
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow Controllers
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow ControllersEffective Test Suites for ! Mixed Discrete-Continuous Stateflow Controllers
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow ControllersLionel Briand
 
IEE572 Final Report
IEE572 Final ReportIEE572 Final Report
IEE572 Final Reportjgoldpac
 
Aplication of on line data analytics to a continuous process polybetene unit
Aplication of on line data analytics to a continuous process polybetene unitAplication of on line data analytics to a continuous process polybetene unit
Aplication of on line data analytics to a continuous process polybetene unitEmerson Exchange
 
Testing of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesTesting of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesLionel Briand
 
SE2_Lec 20_Software Testing
SE2_Lec 20_Software TestingSE2_Lec 20_Software Testing
SE2_Lec 20_Software TestingAmr E. Mohamed
 
Integrated protection and control strategies for microgrid
Integrated protection and control strategies for microgridIntegrated protection and control strategies for microgrid
Integrated protection and control strategies for microgridSiksha 'O' Anusandhan (Deemed to be University )
 
Black-box Behavioral Model Inference for Autopilot Software Systems
Black-box Behavioral Model Inference for Autopilot Software SystemsBlack-box Behavioral Model Inference for Autopilot Software Systems
Black-box Behavioral Model Inference for Autopilot Software SystemsMohammad Jafar Mashhadi
 

Recommended

SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...
SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...
SERENE 2014 Workshop: Paper "Using Instrumentation for Quality Assessment of ...SERENEWorkshop
 
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow Controllers
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow ControllersEffective Test Suites for ! Mixed Discrete-Continuous Stateflow Controllers
Effective Test Suites for ! Mixed Discrete-Continuous Stateflow ControllersLionel Briand
 
IEE572 Final Report
IEE572 Final ReportIEE572 Final Report
IEE572 Final Reportjgoldpac
 
Aplication of on line data analytics to a continuous process polybetene unit
Aplication of on line data analytics to a continuous process polybetene unitAplication of on line data analytics to a continuous process polybetene unit
Aplication of on line data analytics to a continuous process polybetene unitEmerson Exchange
 
Testing of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesTesting of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesLionel Briand
 
SE2_Lec 20_Software Testing
SE2_Lec 20_Software TestingSE2_Lec 20_Software Testing
SE2_Lec 20_Software TestingAmr E. Mohamed
 
Integrated protection and control strategies for microgrid
Integrated protection and control strategies for microgridIntegrated protection and control strategies for microgrid
Integrated protection and control strategies for microgridSiksha 'O' Anusandhan (Deemed to be University )
 
Black-box Behavioral Model Inference for Autopilot Software Systems
Black-box Behavioral Model Inference for Autopilot Software SystemsBlack-box Behavioral Model Inference for Autopilot Software Systems
Black-box Behavioral Model Inference for Autopilot Software SystemsMohammad Jafar Mashhadi
 
ATE-info
ATE-infoATE-info
ATE-infoMark Chien
 
Fault tolerant real-time scheduling
Fault tolerant real-time schedulingFault tolerant real-time scheduling
Fault tolerant real-time schedulingReza Ramezani
 
Quality control and automation by Dr Anurag Yadav
Quality control and automation by Dr Anurag YadavQuality control and automation by Dr Anurag Yadav
Quality control and automation by Dr Anurag YadavDr Anurag Yadav
 
MSc dissertation presentation
MSc dissertation presentationMSc dissertation presentation
MSc dissertation presentationgoncalobento
 
Webinar: Practical DDR Testing for Compliance, Validation and Debug
Webinar: Practical DDR Testing for Compliance, Validation and DebugWebinar: Practical DDR Testing for Compliance, Validation and Debug
Webinar: Practical DDR Testing for Compliance, Validation and Debugteledynelecroy
 
From sensor readings to prediction: on the process of developing practical so...
From sensor readings to prediction: on the process of developing practical so...From sensor readings to prediction: on the process of developing practical so...
From sensor readings to prediction: on the process of developing practical so...Manuel Martín
 
Datasheet profitest mbase_mtech (1)
Datasheet profitest mbase_mtech (1)Datasheet profitest mbase_mtech (1)
Datasheet profitest mbase_mtech (1)ιωαννης αληφραγκης
 
Applied Reliability Symposium 2009 M Turner
Applied Reliability Symposium 2009 M TurnerApplied Reliability Symposium 2009 M Turner
Applied Reliability Symposium 2009 M TurnerMark Turner CRP
 
MiL Testing of Highly Configurable Continuous Controllers
MiL Testing of Highly Configurable Continuous ControllersMiL Testing of Highly Configurable Continuous Controllers
MiL Testing of Highly Configurable Continuous ControllersLionel Briand
 
L1_Introduction.ppt
L1_Introduction.pptL1_Introduction.ppt
L1_Introduction.pptVarsha506533
 
Benefits of enhanced event analysis in datacenter otdr testing
Benefits of enhanced event analysis in datacenter otdr testingBenefits of enhanced event analysis in datacenter otdr testing
Benefits of enhanced event analysis in datacenter otdr testingFangXuIEEE
 
CBM Fault Detection by Carl Byington
CBM Fault Detection by Carl ByingtonCBM Fault Detection by Carl Byington
CBM Fault Detection by Carl ByingtonCarl Byington
 
QCP user manual EN.pdf
QCP user manual EN.pdfQCP user manual EN.pdf
QCP user manual EN.pdfEmerson Ceras
 
Ch 6 randomization
Ch 6 randomizationCh 6 randomization
Ch 6 randomizationTeam-VLSI-ITMU
 
Basic method of measurement.pptx
Basic method of measurement.pptxBasic method of measurement.pptx
Basic method of measurement.pptxSivaGovind2
 
Noninvesive Lie Detection
Noninvesive Lie DetectionNoninvesive Lie Detection
Noninvesive Lie DetectionSarun Sumriddetchkajorn
 
Test cases for effective testing - part 2
Test cases for effective testing - part 2Test cases for effective testing - part 2
Test cases for effective testing - part 2Mona M. Abd El-Rahman
 
Concept of Limit of Detection (LOD)
Concept of Limit of Detection (LOD)Concept of Limit of Detection (LOD)
Concept of Limit of Detection (LOD)GH Yeoh
 
Modeling full scale-data(2)
Modeling full scale-data(2)Modeling full scale-data(2)
Modeling full scale-data(2)John B. Cook, PE, CEO
 
Hairong Qi V Swaminathan
Hairong Qi V SwaminathanHairong Qi V Swaminathan
Hairong Qi V SwaminathanFNian
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 

More Related Content

Similar to Data-Driven Mutation Analysis for CPS

Fault tolerant real-time scheduling
Fault tolerant real-time schedulingFault tolerant real-time scheduling
Fault tolerant real-time schedulingReza Ramezani
 
Quality control and automation by Dr Anurag Yadav
Quality control and automation by Dr Anurag YadavQuality control and automation by Dr Anurag Yadav
Quality control and automation by Dr Anurag YadavDr Anurag Yadav
 
MSc dissertation presentation
MSc dissertation presentationMSc dissertation presentation
MSc dissertation presentationgoncalobento
 
Webinar: Practical DDR Testing for Compliance, Validation and Debug
Webinar: Practical DDR Testing for Compliance, Validation and DebugWebinar: Practical DDR Testing for Compliance, Validation and Debug
Webinar: Practical DDR Testing for Compliance, Validation and Debugteledynelecroy
 
From sensor readings to prediction: on the process of developing practical so...
From sensor readings to prediction: on the process of developing practical so...From sensor readings to prediction: on the process of developing practical so...
From sensor readings to prediction: on the process of developing practical so...Manuel Martín
 
Applied Reliability Symposium 2009 M Turner
Applied Reliability Symposium 2009 M TurnerApplied Reliability Symposium 2009 M Turner
Applied Reliability Symposium 2009 M TurnerMark Turner CRP
 
MiL Testing of Highly Configurable Continuous Controllers
MiL Testing of Highly Configurable Continuous ControllersMiL Testing of Highly Configurable Continuous Controllers
MiL Testing of Highly Configurable Continuous ControllersLionel Briand
 
L1_Introduction.ppt
L1_Introduction.pptL1_Introduction.ppt
L1_Introduction.pptVarsha506533
 
Benefits of enhanced event analysis in datacenter otdr testing
Benefits of enhanced event analysis in datacenter otdr testingBenefits of enhanced event analysis in datacenter otdr testing
Benefits of enhanced event analysis in datacenter otdr testingFangXuIEEE
 
CBM Fault Detection by Carl Byington
CBM Fault Detection by Carl ByingtonCBM Fault Detection by Carl Byington
CBM Fault Detection by Carl ByingtonCarl Byington
 
QCP user manual EN.pdf
QCP user manual EN.pdfQCP user manual EN.pdf
QCP user manual EN.pdfEmerson Ceras
 
Basic method of measurement.pptx
Basic method of measurement.pptxBasic method of measurement.pptx
Basic method of measurement.pptxSivaGovind2
 
Test cases for effective testing - part 2
Test cases for effective testing - part 2Test cases for effective testing - part 2
Test cases for effective testing - part 2Mona M. Abd El-Rahman
 
Concept of Limit of Detection (LOD)
Concept of Limit of Detection (LOD)Concept of Limit of Detection (LOD)
Concept of Limit of Detection (LOD)GH Yeoh
 
Hairong Qi V Swaminathan
Hairong Qi V SwaminathanHairong Qi V Swaminathan
Hairong Qi V SwaminathanFNian
 

Similar to Data-Driven Mutation Analysis for CPS (20)

ATE-info
ATE-infoATE-info
ATE-info
 
Fault tolerant real-time scheduling
Fault tolerant real-time schedulingFault tolerant real-time scheduling
Fault tolerant real-time scheduling
 
Quality control and automation by Dr Anurag Yadav
Quality control and automation by Dr Anurag YadavQuality control and automation by Dr Anurag Yadav
Quality control and automation by Dr Anurag Yadav
 
MSc dissertation presentation
MSc dissertation presentationMSc dissertation presentation
MSc dissertation presentation
 
Webinar: Practical DDR Testing for Compliance, Validation and Debug
Webinar: Practical DDR Testing for Compliance, Validation and DebugWebinar: Practical DDR Testing for Compliance, Validation and Debug
Webinar: Practical DDR Testing for Compliance, Validation and Debug
 
From sensor readings to prediction: on the process of developing practical so...
From sensor readings to prediction: on the process of developing practical so...From sensor readings to prediction: on the process of developing practical so...
From sensor readings to prediction: on the process of developing practical so...
 
Datasheet profitest mbase_mtech (1)
Datasheet profitest mbase_mtech (1)Datasheet profitest mbase_mtech (1)
Datasheet profitest mbase_mtech (1)
 
Applied Reliability Symposium 2009 M Turner
Applied Reliability Symposium 2009 M TurnerApplied Reliability Symposium 2009 M Turner
Applied Reliability Symposium 2009 M Turner
 
MiL Testing of Highly Configurable Continuous Controllers
MiL Testing of Highly Configurable Continuous ControllersMiL Testing of Highly Configurable Continuous Controllers
MiL Testing of Highly Configurable Continuous Controllers
 
L1_Introduction.ppt
L1_Introduction.pptL1_Introduction.ppt
L1_Introduction.ppt
 
Benefits of enhanced event analysis in datacenter otdr testing
Benefits of enhanced event analysis in datacenter otdr testingBenefits of enhanced event analysis in datacenter otdr testing
Benefits of enhanced event analysis in datacenter otdr testing
 
CBM Fault Detection by Carl Byington
CBM Fault Detection by Carl ByingtonCBM Fault Detection by Carl Byington
CBM Fault Detection by Carl Byington
 
QCP user manual EN.pdf
QCP user manual EN.pdfQCP user manual EN.pdf
QCP user manual EN.pdf
 
Ch 6 randomization
Ch 6 randomizationCh 6 randomization
Ch 6 randomization
 
Basic method of measurement.pptx
Basic method of measurement.pptxBasic method of measurement.pptx
Basic method of measurement.pptx
 
Noninvesive Lie Detection
Noninvesive Lie DetectionNoninvesive Lie Detection
Noninvesive Lie Detection
 
Test cases for effective testing - part 2
Test cases for effective testing - part 2Test cases for effective testing - part 2
Test cases for effective testing - part 2
 
Concept of Limit of Detection (LOD)
Concept of Limit of Detection (LOD)Concept of Limit of Detection (LOD)
Concept of Limit of Detection (LOD)
 
Modeling full scale-data(2)
Modeling full scale-data(2)Modeling full scale-data(2)
Modeling full scale-data(2)
 
Hairong Qi V Swaminathan
Hairong Qi V SwaminathanHairong Qi V Swaminathan
Hairong Qi V Swaminathan
 

More from Lionel Briand

Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 
Metamorphic Testing for Web System Security
Metamorphic Testing for Web System SecurityMetamorphic Testing for Web System Security
Metamorphic Testing for Web System SecurityLionel Briand
 
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Lionel Briand
 
Fuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingFuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingLionel Briand
 
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsMany-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsLionel Briand
 
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...Lionel Briand
 
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Lionel Briand
 
PRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsPRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsLionel Briand
 
Revisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingRevisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingLionel Briand
 
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Lionel Briand
 
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyAutonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyLionel Briand
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Lionel Briand
 
Reinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationReinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationLionel Briand
 
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Lionel Briand
 
On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...Lionel Briand
 
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Lionel Briand
 
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Lionel Briand
 
A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...Lionel Briand
 
Requirements in Cyber-Physical Systems: Specifications and Applications
Requirements in Cyber-Physical Systems: Specifications and ApplicationsRequirements in Cyber-Physical Systems: Specifications and Applications
Requirements in Cyber-Physical Systems: Specifications and ApplicationsLionel Briand
 

More from Lionel Briand (20)

Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 
Metamorphic Testing for Web System Security
Metamorphic Testing for Web System SecurityMetamorphic Testing for Web System Security
Metamorphic Testing for Web System Security
 
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
 
Fuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingFuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation Testing
 
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsMany-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
 
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
 
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
 
PRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsPRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System Logs
 
Revisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingRevisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software Testing
 
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
 
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyAutonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
 
Reinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationReinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case Prioritization
 
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
 
On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...
 
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
 
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
 
A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...
 
Requirements in Cyber-Physical Systems: Specifications and Applications
Requirements in Cyber-Physical Systems: Specifications and ApplicationsRequirements in Cyber-Physical Systems: Specifications and Applications
Requirements in Cyber-Physical Systems: Specifications and Applications
 

Recently uploaded

What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 

Recently uploaded (20)

What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 

Data-Driven Mutation Analysis for CPS

  • 1. Data-driven Mutation Analysis for Cyber-Physical Systems Enrico Viganò1, Oscar Cornejo1, Fabrizio Pastore1, Lionel Briand1,2 1 University of Luxembourg, 2 University of Ottawa Journal First paper accepted in IEEE Transactions on Software Engineering DOI 10.1109/TSE.2022.3213041 ICSE 2023 - May 19th, 2023
  • 4. 4 Testing CPS Software Central Unit Software ADCS Software PDHU Software Simulated/HW HW emulator How to assess if a test suite exercises components' interoperability properly?
  • 5. 5 Test3 Test1 Test4 Test2 Testing CPS Software Central Unit Software ADCS Software PDHU Software HW emulator Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 DataMsg •seqID=20 FAILURE 24 Simulated/HW
  • 6. How to assess if a test suite exercises components' interoperability properly? Mutation Analysis
  • 7. 7 Test3 Test1 Test4 Test2 Can’t mutate the simulated system Central Unit Software ADCS Software PDHU Software HW emulator Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 DataMsg •seqID=20 Simulated/HW 11
  • 9. 9 Test3 Test1 Test4 Test2 Central Unit Software ADCS Software PDHU Software Simulated HW emulator Mutation Probe Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 12 Mutation Probe Sun Sensor Fault Model DataMsg Fault Model 1 100 15 FAILURE FAILURE FAILURE FAILURE DataMsg •seqID=20 Status Fault Model Mutation Probe
  • 10. 10 Message Data Buffers Data Item 1 Data Item 2 Data Item 4 Data Item 3 Units in error Watchdog counter Circuit voltage Power supply (binary) (integer) (double) (double)
  • 11. 11 Fault Model Example Position Span Type Operator Delta Min Max 0 1 Binary Bit flip 1 2 Double Value Out of Range 0.1 10 14 1 2 Double Fix Value Out of Range 0.1 10 14 3 2 Double Value Above Threshold 0.1 6 5 1 Integer Value Above Threshold 1 10 Data Item 1 Data Item 2 Data Item 4 Data Item 3
  • 12. 12 12 Mutation Operators Value out of range (VOR) Fix value out of range (FVOR) Value above threshold (VAT) Fix value above threshold (FVAT) Value below threshold (VBT) Fix value below threshold (FVBT) Bit flip (BF) Random legal value (INV) Illegal value (IV) Amplified signal (AS) Shifted signal (SS) Flatten signal (HV)
  • 13. 13 Fault Modelling Methodology Data nature Dependencies # Input partitions Repr. Type Input partition type Numerical Categorical Stateless Stateful Signal BF ASA, SS, HV INV VOR+FVOR Nominal Non Nom. Other Ordinal ASA BF IV 2 >2 VAT+ FVAT VOR+ FVOR Integer Binary
  • 14. 14 . . . . 0 [V] 10 [V] 14 [V] 256 [V] Nominal values Exceptional values Exceptional values Operator Delta Min Max Value Out of Range 0.1 10 14 Fix Value Out of Range 0.1 10 14 Status •voltage=12 Status •voltage=12 Status •voltage=14.1 Status •voltage=9.9 Status •voltage=15 Status •voltage=9 Status •voltage=13 Status •voltage=11 Example: Stateless Numerical
  • 15. 15 Mutants Test1 Test2 Test3 Mut1: set diod above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set voltage above range Status Probe Status •voltage=12 Test1 Test2 Test3 Mut4: set voltage below range Status Probe Status •voltage=12 Test1 Test2 Test3 Mut2: replace seqID with random DataMsg Probe SunSensor •diod=105
  • 16. 16 From Fault Model to Mutants Position Span Operator Delta Min Max 0 1 Bit flip 1 2 Value Out of Range 0.1 10 14 1 2 Fix Value Out of Range 0.1 10 14 3 2 Value Above Threshold 0.1 6 5 1 Value Above Threshold 1 10 Mut 2: set to 14.1 Mut 3: set to 9.9 Mut 5: set< to [10,14] Mut 4: set > to [10,14] Mut 6: set to 6.1 Mut 7: set to 10.1 Mut 1: flip bits
  • 17. 17 All Mutants are Tested Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 FAILURE
  • 19. 19 Fault Model Coverage: % fault models covered Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 ⅔=66.6% FAILURE
  • 20. 20 Mutation Operation Coverage: % executed probes that mutated some data item Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 ⅔=66.6% FAILURE
  • 21. 21 Covered Mutation Score: % mutants that mutated some data and lead to failures Test1 Test2 Test3 Mut1: set above 100 threshold SunSensor Probe Test1 Test2 Test3 Mut3: set above range Status Probe Status •voltage=12 24 Test1 Test2 Test3 Mut4: set below range Status Probe Status •voltage=12 1 Test1 Test2 Test3 Mut2: replace with random DataMsg Probe SunSensor •diod=105 ½=50.0% FAILURE
  • 23. 23 Subjects Central Unit Software ADCS Software PDHU Software Client Server ESAIL LibP GPS Fault Models Operators Mutants 10 142 172 3 29 29 1 23 23 6 44 44
  • 24. 24 RQ1. What are the types of test suite shortcomings identified by the approach? We confirm the successful identification of uncovered message types (1), uncovered input partitions (48), and poor oracles (60).
  • 25. 25 RQ2. What is the impact of equivalent and redundant data-driven mutants on the mutation analysis process? No equivalent/redundant mutants. Live mutants can be killed by introducing oracles that • verify additional entries in the log files • verify additional observable state variables • verify not only the presence of error messages but also their content.
  • 26. 26 RQ3. Is data-driven mutation feasible? The configuration of our toolset (configure operators and insert mutation probes) for each subject took between 3 and 20 working hours. Our industry partners found the required effort acceptable. Execution overhead between 1.3% and 3.16%, no violation of real-time constraints.
  • 27. Test3 Test1 Test4 Test2 Central Unit Software ADCS Software PDHU Software Simulated HW emulator Mutation Probe Sun Sensor •diod1=23 Status •voltage=12 Status •voltage=1 12 Mutation Probe Sun Sensor Fault Model DataMsg Fault Model 1 100 15 FAILURE FAILURE FAILURE FAILURE DataMsg •seqID=20 Status Fault Model Mutation Probe Data-driven Mutation Analysis Empirical results demonstrate feasibility and effectiveness with industrial subjects DOI: 10.1109/TSE.2022.3213041 https://github.com/SNTSVV/DAMAT Testing CPS Software Central Unit Software ADCS Software PDHU Software Simulated/HW HW emulator How to assess if a test suite exercises components' interoperability properly? Data-driven Mutation Analysis for Cyber-Physical Systems
  • 28. Data-driven Mutation Analysis for Cyber-Physical Systems Enrico Viganò, Oscar Cornejo, Fabrizio Pastore, Lionel Briand University of Luxembourg, University of Ottawa Journal First paper accepted in IEEE Transactions on Software Engineering DOI 10.1109/TSE.2022.3213041 ICSE 2023 - May 19th, 2023 https://github.com/SNTSVV/DAMAT