Certifying derivation of state machines from coroutines

One of the biggest implementation challenges in security-critical network protocols is nested state machines. In practice today, state machines are either implemented manually at a low level, risking bugs easily missed in audits; or are written using higher-level abstractions like threads, depending on runtime systems that may sacrifice performance or compatibility with the ABIs of important platforms (e.g., resource-constrained IoT systems). We present a compiler-based technique allowing the best of both worlds, coding protocols in a natural high-level form, using freer monads to represent nested coroutines , which are then compiled automatically to lower-level code with explicit state. In fact, our compiler is implemented as a tactic in the Coq proof assistant, structuring compilation as search for an equivalence proof for source and target programs. As such, it is straightforwardly (and soundly) extensible with new hints, for instance regarding new data structures that may be used for efficient lookup of coroutines. As a case study, we implemented a core of TLS sufficient for use with popular Web browsers, and our experiments show that the extracted Haskell code achieves reasonable performance.

Coverage Criteria for State-Based Testing

State-based testing (SBT) is known as deriving test cases from state machines and examining the dynamic behaviour of the system. It helps to identify various types of state-based faults within a system under test (SUT). For SBT, test cases are generated from state chart diagrams based on various coverage criteria such as All Transition, Round Trip Path, All Transition Pair, All Transition Pair with length 2, All Transition Pair with length 3, All Transition Pair of length 4 and Full Predicate. This article discuses a number of coverage criteria at the design level to find out various types of state-based faults in SBT. First, the intermediate graph is generated from a state chart diagram using an XML parser. The graph is traversed based on the given coverage criteria to generate a sequence of test cases. Then, mutation testing and sneak-path testing are applied on the generated test cases to check the effectiveness of the generated test suite. These two are common methods for checking the effectiveness of test cases. Mutation testing helps in the number of seeded errors covered whereas sneak-path testing basically helps to examine the unspecified behavior of the system. In round trip path (RTP), it is not possible to cover all paths. All transition is not an adequate level of fault detection with more execution time compared to all transition pair (ATP) with length 4 (LN4). In the discussion, ATP with LN4 is the best among all coverage criteria. SBT can able to detect various state-based faults-incorrect transition, missing transition, missing or incorrect event, missing or incorrect action, extra missing or corrupt state, which are difficult to detect in code-based testing. Most of these state-based faults can be avoided, if the testing is conducted at the early phase of design.

Ontology-Based Modelling of State Machines for Production Robots in Smart Manufacturing Systems

The integration of modern IT technologies in production equipment does not only enable them to acquire information from different sources and provide it to others but also to make decisions depending on the situation. Due to the limited processing power of such equipment, usage of state machine to describe and program it is considered a promising direction. However, the necessity of intensive interaction of the equipment units causes problems related to interoperability, which are usually solved with the usage of ontologies. The objective of the presented research is to model state machines of production robots via ontologies. The results are demonstrated on the example of a fragment of an automated production line.

DIGITAL SAFETY MANAGER: IOT SERVICE TO ASSURE THE SAFE BEHAVIOUR OF MACHINES AND CONTROLS IN THE DIGITAL INDUSTRY

The digital industry requires increasingly complex and reliable software systems. They need to control and make critical decisions at runtime. As a consequence, the verification and validation of these systems has become a major research challenge. At design and development time, model testing techniques are used while run-time verification aims at verifying that a system satisfies a given property. The latter technique complements the former. The solution presented in this paper targets embedded systems whose software components are designed by state machines defined by Unified Modelling Language (UML). The CRESCO (C++ REflective State-Machines based observable software COmponents) platform generates software components that provide internal information at runtime and the verifier uses this information to check system-level reliability/safety contracts. The verifier detects when a system contract is violated and initiates a safeState process to prevent dangerous scenarios. These contracts are defined by internal information from the software components that make up the system. Thus, as demonstrated in the tested experiment, the robustness of the system is increased. All software components (controllers), such as the verifier, have been deployed as services (producers/consumers) of the Arrowhead IoT platform: the controllers are deployed on local Arrowhead platforms (Edge) and the verifier (Safety Manager) is deployed on an Arrowhead platform (Cloud) that will consume controllers on the Edge and ensure the proper functioning of the plant controllers. Keywords: run-time monitoring, robustness, software components, contracts, software models, state machines

Efficient parallel derivation of short distinguishing sequences for nondeterministic finite state machines using MapReduce

Distinguishing sequences are widely used in finite state machine-based conformance testing to solve the state identification problem. In this paper, we address the scalability issue encountered while deriving distinguishing sequences from complete observable nondeterministic finite state machines by introducing a massively parallel MapReduce version of the well-known Exact Algorithm. To the best of our knowledge, this is the first study to tackle this task using the MapReduce approach. First, we give a concise overview of the well-known Exact Algorithm for deriving distinguishing sequences from nondeterministic finite state machines. Second, we propose a parallel algorithm for this problem using the MapReduce approach and analyze its communication cost using Afrati et al. model. Furthermore, we conduct a variety of intensive and comparative experiments on a wide range of finite state machine classes to demonstrate that our proposed solution is efficient and scalable.