Behavioral interface specification languages, such as Java Modeling Language (JML), can be used to specify the behavior of program modules. We have developed a behavioral interface specification language Moxa, an extension of JML. Moxa provides a new modularization mechanism called assertion aspect that can capture the crosscutting properties among assertions. In this paper, we briefly explain the notion of assertion aspects and the design of Moxa, and then we show an example specification. By comparing the specification to its JML counterpart, we show that the use of assertion aspects clarifies the large, complex specification and greatly simplifies each assertion in the specification.
ESC/Java2 is a tool that statically detects errors in Java programs and that uses the Java Modeling Language (JML) as its annotation language. ESC/Java2 can modularly reason about the code of a Java Web-based Enterprise Application (WEA) and uncover potential errors. In this paper, we assessed the effectiveness of ESC/Java2 at helping developers increase WEA quality by detecting design and implementation issues.
ISBN: (print) 3540372156
We present an original approach for the automated computation of model-based test cases from specifications written in Java Modeling Language (JML). We aim at activating all the behaviors from the JML method specifications. Therefore, we extract each behavior and we compute the pertinent test data for the input parameters; we select the boundary values of the ordered domains, and we consider specific features for the objects, involving inheritance and aliasing. Finally, a preamble for each test case is computed by symbolic animation of the JML specification using constraint logic programming techniques. Thus, we are able to automatically generate executable Java test sequences to be run on the system under test. Moreover, this process requires the least possible intervention from a validation engineer.
ISBN: (print) 9783540496991
This paper describes the automated generation of test sequences derived from a JML specification and a safety property written in an ad hoc language, named JTPL. The functional JML model is animated to build the test sequences w.r.t. the safety properties, which represent the test targets. From these properties, we derive strategies that are used to guide the symbolic animation. Moreover, additional JML annotations reinforce the oracle in order to guarantee that the safety properties are not violated during the execution of the test suite. Finally, we illustrate this approach on an industrial JavaCard case study.
ISBN: (print) 3540253335
This paper describes a tool for symbolically animating JML specifications using Constraint Logic Programming. A customized solver handles constraints that represent the value of instance fields. We have extended a model-based approach to be able to handle object-oriented specifications. Our tool is also able to check properties during the simulation and exhibit counter-examples for false properties. Therefore, it can be used both for semi-automated verification and for validation purposes.
ISBN: (print) 3540255591
This paper presents a solution to the lack of tool-support for the JML models verification. We propose an approach for expressing JML specifications within the B abstract machines notation. The B machines generated from the JML can then be checked to ensure their correctness. Thus, we deduce the correctness of the original JML specification, ensured by rewriting rules which give the semantical equivalence of the two models. More generally, this translation can be applied to object-oriented specification languages using before-after predicates.
ISBN: (print) 0769524435
Design by Contract (DbC) is widely acknowledged to be a powerful technique for creating reliable software. DbC allows developers to specify the behavior of an operation precisely by pre- and post-conditions. Existing DbC approaches predominantly use textual representations of contracts to annotate the actual program code with assertions. In the Unified Modeling Language (UML), the textual Object Constraint Language (OCL) supports the specification of pre- and post-conditions by constraining the model elements that occur in UML diagrams. However, textual specifications in OCL can become complex and cumbersome, especially for software developers who are typically not used to OCL. In this paper we propose to specify the pre- and post-conditions of an operation visually by a pair of UML object diagrams (visual contract). We define a mapping of visual contracts into Java classes that are annotated with behavioral interface specifications in the Java Modeling Language (JML). The mapping supports testing the correctness of the implementation against the specification using JML tools, which include a runtime assertion checker. Thus we make the visual contracts executable.
ISBN: (print) 3540408282
An unusually high number of published JML specifications are invalid or inconsistent, including cases from the security-critical area of smart card applications. We claim that these specification errors are due to a mismatch between user expectations and the current JML semantics of expressions over numeric types. At the heart of the problem is JML's language design decision to assign to arithmetic operators the same semantics as in Java. Consequently, JML arithmetic is bounded in precision and, more importantly, loss of precision occurs stealthily. After a short discussion of JML language design goals and objectives, we introduce JMLa, an adaptation of JML supporting primitive arbitrary precision numeric types. To support our claim that the identified specification errors are due to JML's divergence from user expectations, we demonstrate that the invalidities and inconsistencies disappear under JMLa semantics with either no, or minor syntactic changes to the specifications. Other advantages of JMLa are illustrated, including safety: how it allows an automated static checker like ESC/Java to detect more specification and implementation errors. We also briefly illustrate how these issues are applicable to other assertion-based languages like Eiffel.