Model-based Testing for Safety-Critical Systems

Author: Jan Peleska

Standards for safety-critical software systems in the transportation domains (avionics, railways, automotive) take into account that systems may be developed according to the model-driven paradigm. But what is their position with respect to model-driven testing? In this presentation, we summarise the explicit requirements imposed by these standards on the model-driven test approach and point out which aspects are currently not covered. The focus of the presentation lies on complete test strategies, which are able to uncover every possible deviation of an implementation from its reference model, as long as the true implementation behaviour is reflected by a model contained in a given fault domain. As an example, a novel result about complete model-based equivalence partition testing is used, and application examples from the railway domain are given. It is explained how such a complete strategy can be extended by adaptive random testing techniques, leading to a significant improvement of test strength for implementations outside the fault domain, when compared to conventional testing heuristics. We therefore conclude that adaptations of complete strategies should become mandatory testing approaches in future versions of the applicable standards. It is further discussed whether this or similar results can be applied to effective security testing.
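As an added illustration of what "complete for a fault domain" means in practice (this is not code from the talk, and it uses Chow's classic W-method rather than the equivalence-partition result the abstract refers to), the Python below builds a complete test suite for a constructed Mealy-machine model of a level-crossing barrier controller. The model, its state names, inputs and outputs are invented for this example. The fault domain is "all deterministic, completely specified machines over the same inputs with at most m states". The code demonstrates both halves of the abstract's claim: every single-transition mutant of the model, all of which lie inside the fault domain, is uncovered, while an implementation with hidden counting states outside the domain passes the same suite and is caught only once m is raised to cover it.

```python
from collections import deque
from itertools import product

# Constructed model (not from the talk): a deterministic, completely specified Mealy
# machine for a level-crossing barrier, (state, input) -> (output, next_state).
INPUTS = ("a", "d", "p")  # a: train approaching, d: barrier-down sensor, p: train passed
OUTPUTS = ("lower", "nop", "alarm", "raise")
INITIAL = "OPEN"
REFERENCE = {
    ("OPEN", "a"): ("lower", "CLOSING"), ("OPEN", "d"): ("nop", "OPEN"),
    ("OPEN", "p"): ("nop", "OPEN"), ("CLOSING", "a"): ("nop", "CLOSING"),
    ("CLOSING", "d"): ("nop", "CLOSED"), ("CLOSING", "p"): ("alarm", "CLOSING"),
    ("CLOSED", "a"): ("nop", "CLOSED"), ("CLOSED", "d"): ("nop", "CLOSED"),
    ("CLOSED", "p"): ("raise", "OPEN"),
}

def states(m):
    return sorted({s for s, _ in m})

def run(m, seq):
    """Output sequence of machine m on input sequence seq, from the initial state."""
    out, s = [], INITIAL
    for x in seq:
        o, s = m[(s, x)]
        out.append(o)
    return tuple(out)

def state_cover(m):
    """Shortest access sequence for every reachable state (breadth-first search)."""
    cover, queue = {INITIAL: ()}, deque([INITIAL])
    while queue:
        s = queue.popleft()
        for x in INPUTS:
            t = m[(s, x)][1]
            if t not in cover:
                cover[t] = cover[s] + (x,)
                queue.append(t)
    return cover

def distinguishing_sequence(m, s, t):
    """Shortest input sequence on which states s and t of m produce different outputs."""
    queue, seen = deque([((s, t), ())]), {(s, t)}
    while queue:
        (u, v), seq = queue.popleft()
        for x in INPUTS:
            (ou, nu), (ov, nv) = m[(u, x)], m[(v, x)]
            if ou != ov:
                return seq + (x,)
            if (nu, nv) not in seen:
                seen.add((nu, nv))
                queue.append(((nu, nv), seq + (x,)))
    raise ValueError(f"{s} and {t} are equivalent: the model is not minimal")

def characterization_set(m):
    """W: one distinguishing sequence for every pair of states."""
    st = states(m)
    return {distinguishing_sequence(m, s, t) for i, s in enumerate(st) for t in st[i + 1:]}

def w_method_suite(m, max_states):
    """Chow's W-method, P.(I^0 + ... + I^(max_states - n)).W with n = |states(m)|: complete
    for all deterministic, completely specified machines over INPUTS with <= max_states states."""
    n = len(states(m))
    if max_states < n:
        raise ValueError("the fault domain must contain the reference model itself")
    cover, w_set = state_cover(m).values(), characterization_set(m)
    p_set = {()} | set(cover) | {c + (x,) for c in cover for x in INPUTS}  # transition cover
    z_set = {v + w for k in range(max_states - n + 1)
             for v in product(INPUTS, repeat=k) for w in w_set}
    return {p + z for p in p_set for z in z_set}

def detects(ref, impl, suite):
    """True iff some test in suite produces different outputs on ref and impl."""
    return any(run(ref, t) != run(impl, t) for t in suite)

def single_transition_mutants(m):
    """All machines differing from m in one transition's output or target; same state count."""
    mutants = []
    for key, (o, t) in m.items():
        mutants += [{**m, key: (o2, t)} for o2 in OUTPUTS if o2 != o]
        mutants += [{**m, key: (o, t2)} for t2 in states(m) if t2 != t]
    return mutants

def delayed_fault_machine(k):
    """Constructed implementation with k+3 states: CLOSED is split into CLOSED0..CLOSEDk
    counting 'd' inputs, and the (k+1)-th 'd' while closed wrongly emits 'raise'. It agrees
    with REFERENCE on every shorter sequence, so it sits outside any fault domain with
    fewer than k+3 states and passes the W-method suites built for those domains."""
    m = {key: val for key, val in REFERENCE.items() if key[0] != "CLOSED"}
    m[("CLOSING", "d")] = ("nop", "CLOSED0")
    for i in range(k + 1):
        s = f"CLOSED{i}"
        m[(s, "a")], m[(s, "p")] = ("nop", s), ("raise", "OPEN")
        m[(s, "d")] = ("nop", f"CLOSED{i + 1}") if i < k else ("raise", s)
    return m
```

Running `all(detects(REFERENCE, mu, w_method_suite(REFERENCE, 3)) for mu in single_transition_mutants(REFERENCE))` yields `True` for all 45 mutants, as the completeness theorem guarantees, whereas `detects(REFERENCE, delayed_fault_machine(6), w_method_suite(REFERENCE, 4))` is `False` and only becomes `True` for a fault domain of 9 states. The price is visible in `w_method_suite`: the suite grows with |INPUTS| to the power of (m - n), which is why the abstract's two directions, sharper fault domains from equivalence-partition results and adaptive random testing for implementations outside the domain, matter for practical test strength.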