%\documentclass[t,12pt,numbers,fleqn,handout]{beamer}
\documentclass[t,12pt,numbers,fleqn]{beamer}
\usepackage{pgfpages}
\usepackage{hyperref}
\hypersetup{colorlinks=true,
linkcolor=blue,
citecolor=blue,
filecolor=blue,
urlcolor=blue,
unicode=false}
\urlstyle{same}
\usepackage{hhline}
\usepackage{booktabs}
\usepackage{multirow}
\usepackage{multicol}
\usepackage{array}
\usepackage{listings}
\usepackage{amssymb}
\usepackage{amsmath}
\useoutertheme{split} %so the footline can be seen, without needing pgfpages
% \pgfpagesuselayout{resize to}[letterpaper,border
% shrink=5mm,landscape] %if this is uncommented, the hyperref links do not work
\mode<presentation>{}
\input{../def-beamer}
\Draftfalse
\newcommand{\topicTitle}{30 Introduction to Verification Continued (Ch.\ 6)}
\ifDraft
\newcommand{\topic}{\topicTitle~DRAFT}
\else
\newcommand{\topic}{\topicTitle}
\fi
\input{../titlepage}
\begin{document}
\input{../footline}
\lstset{language=java,breaklines=true,showspaces=false,showstringspaces=false,breakatwhitespace=true}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{\topic}
\begin{itemize}
\item Partially based on slides by Dr.\ Wassyng, Ghezzi et al
\item Administrative details
\item Approaches to verification
\item Goals of testing
\item Test plan
\item Types of test - white box, versus black box, manual versus automated, etc.
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Administrative Details}
\ifDraft
TBD
\else
{
\begin{itemize}
\item A3
\begin{itemize}
\item Part 2 - Code: due 11:59 pm Mar 26
\end{itemize}
\item A4
\bi
\item Due April 9 at 11:59 pm
\item Might be tempted to write code first
\bi
\item Recommend starting with syntax of
module(s), state variables
\item Maybe program a little before semantics part
\ei
\ei
\end{itemize}
}
\fi
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Properties of Verification}
\begin{itemize}
\item May not be binary (OK, not OK)
\begin{itemize}
\item Severity of defect is important
\item Some defects may be tolerated
\item Our goal is typically acceptable reliability, not correctness
\end{itemize}
\item May be subjective or objective - for instance, usability, generic level of
maintainability or portability
\bi
\item \structure{How might we make usability objective?}
\ei
\item Even implicit qualities should be verified
\begin{itemize}
\item Because requirements are often incomplete
\item For instance robustness, maintainability, performance
\end{itemize}
\item \structure{What is better than implicitly specified
qualities?} % explicit!
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Approaches to Verification}
\begin{itemize}
\item \structure{What are some approaches to verification?}
\item \structure{How can we categorize these approaches?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Approaches to Verification}
\begin{itemize}
\item Experiment with behaviour of product
\begin{itemize}
\item Sample behaviours via testing
\item Goal is to find ``counter examples''
\item \structure{Dynamic} technique
\item Examples: unit testing, integration testing, acceptance testing, white box
testing, stress testing, etc.
\end{itemize}
\item Analyze product to deduce its adequacy
\begin{itemize}
\item Analytic study of properties
\item \structure{Static} technique
\item Examples: Code walk-throughs, code inspections, correctness proof, etc.
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Does our Engineering Analogy Fail?}
\begin{itemize}
\item \structure{If a bridge can hold 512 kN, can it hold 499 kN?}
\item \structure{If our software works for the input 512, will it work for 499?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Verification in Engineering}
\begin{itemize}
\item Example of bridge design
\item One test assures infinite correct situations
\item In software a small change in the input may result in significantly different behaviour
\item There are also chaotic systems in nature, but products of engineering
design are usually stable and well-behaved
% consider the examples of weather, bifurcation in engineering, chaos theory for traffic, etc.
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Modified Version Works for 512, but not 499}
\includegraphics[scale=0.5]{../Figures/BinarySearch.png}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Testing and Lack of ``Continuity''}
\begin{itemize}
\item Testing samples behaviours by examining ``test cases''
\item Impossible to extrapolate behaviour of software from a finite set of test cases
\item No continuity of behaviour - it can exhibit correct behaviour in
infinitely many cases, but may still be incorrect in some cases
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Goals of Testing}
\begin{itemize}
\item \structure{If our code passes all test cases, is it now guaranteed to be
error free?}
\item \structure{Are 5000 random tests always better than 5 carefully selected
tests?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Goals of Testing}
\begin{itemize}
\item To show the \structure{presence} of bugs (Dijkstra, 1972)
\item If tests do not detect failures, we cannot conclude that software is defect-free
\item Still, we need to do testing - driven by sound and systematic principles
\begin{itemize}
\item Random testing is often not a systematic principle to use
% look at the example from the text, or divide by zero within a circular range
\item Need a test plan
\end{itemize}
\item Should help isolate errors - to facilitate debugging
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Goals of Testing Continued}
\begin{itemize}
\item Should be repeatable
\begin{itemize}
\item Repeating the same experiment, we should get the same results
\item Repeatability may not be true because of the effect of the execution
environment on testing
\item Repeatability may not occur if there are uninitialized variables
\item Repeatability may not happen when there is nondeterminism
\end{itemize}
\item Should be accurate
\begin{itemize}
\item Accuracy increases reliability
\item Part of the motivation for formal specification
\end{itemize}
\item \structure{Is a \structure{successful} test case one that passes the test, or one
that shows a failure?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Test Plan}
\begin{itemize}
\item \structure{Given that no single verification technique can prove
correctness, the practical approach is to use ALL verification techniques.
Is this statement True or False?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Test Plan}
\begin{itemize}
\item Testing can uncover errors and build confidence in the software
\item Resources of time, people, facilities are limited
\item Need to plan how the software will be tested
\item You know in advance that the software is unlikely to be perfect
\item You need to put resources into the most important parts of the project
\item A risk analysis can determine where to put your limited resources
\item A risk is a condition that can result in a loss
\item Risk analysis involves looking at how bad the loss can be and at the
probability of the loss occurring
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Test Plan}
\begin{itemize}
\item Risks cannot be eliminated, but the development process can reduce the probability of loss associated with risks
to an ``acceptable'' level
\item One approach to risk analysis is FMEA - Failure Mode Effect Analysis
\item Consider the capstone project of the autonomous rescue robots (A3)
\begin{itemize}
\item The final grade is mostly based on the final documentation and the final
demonstration/presentation in front of an industry panel
\item \structure{What are the most significant risks?}
\item \structure{How do you test the robot?}
\item \structure{How should calibration be handled?}
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Test Plan For Autonomous Rescue Robot}
\begin{itemize}
\item Consider the capstone project of the autonomous rescue robots
\begin{itemize}
\item Largest risk, robot fails during final demonstrations
\item Test to improve reliability
\item Test results of great interest to IBM judges
\item Think about test cases, think about testing environment versus final environment
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{White Box Versus Black Box Testing}
\begin{itemize}
\item \structure{Do you know (or can you guess) the difference between white box
and black box testing?}
\item \structure{What if they were labelled transparent box and opaque box
testing, respectively?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{White Box Versus Black Box Testing}
\begin{itemize}
\item White box testing is derived from the program's internal structure
\item Black box testing is derived from a description of the program's function
\item Should perform both white box and black box testing
\item Black box testing
\begin{itemize}
\item Uncovers errors that occur in implementing requirements or design specifications
\item Not concerned with how processing occurs, but with the results
\item Focuses on functional requirements for the system
\item Focuses on normal behaviour of the system
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{White Box Testing}
\begin{itemize}
\item Uncovers errors that occur during implementation of the program
\item Concerned with how processing occurs
\item Evaluates whether the structure is sound
%\item Focuses on the nonfunctional requirements for the system
\item Focuses on abnormal or extreme behaviour of the system
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Dynamic Testing}
\begin{itemize}
\item \structure{Is there a dynamic testing technique that can guarantee
correctness?}
\item \structure{If so, what is the technique?}
\item \structure{Is this technique practical?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Dynamic Versus Static Testing}
\begin{itemize}
\item Another classification of verification techniques, as previously discussed
\item Use a combination of dynamic and static testing
\item Dynamic analysis
\begin{itemize}
\item Requires the program to be executed
\item Test cases are run and results are checked against expected behaviour
\item Exhaustive testing is the only dynamic technique that guarantees program
validity
\item Exhaustive testing is usually impractical or impossible
\item Reduce number of test cases by finding criteria for choosing representative test cases
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Static Testing Continued}
\begin{itemize}
\item Static analysis
\begin{itemize}
\item Does not involve program execution
\item Testing techniques simulate the dynamic environment
\item Includes syntax checking
\item Generally static testing is used in the requirements and design stage, where there is no code to execute
\item Document and code walkthroughs
\item Document and code inspections
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Manual Versus Automated Testing}
\begin{itemize}
\item \structure{What is the difference between manual and automated testing?}
\item \structure{What are the advantages of automated testing?}
\item \structure{What is regression testing?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Manual Versus Automated Testing}
\begin{itemize}
\item Manual testing
\begin{itemize}
\item Has to be conducted by people
\item Includes by-hand test cases, structured walkthroughs, code inspections
\end{itemize}
\item Automated testing
\begin{itemize}
\item The more automated the development process, the easier to automate testing
\item Less reliance on people
\item Necessary for \structure{regression testing}
\item Test tools can assist, such as Junit, Cppunit, CuTest etc.
\item Can be challenging to automate GUI tests
\item Test suite for Maple has 2 000 000 test cases, run on 14 platforms, every
night, automated reporting
\end{itemize}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Automated Testing at MapleSoft}
\begin{itemize}
\item Three steps
\begin{itemize}
\item Write the problem description
\item result := solver(problem)
\item assert(result == expected)
\end{itemize}
\item Assert writes out code to reproduce any failures
\item Track failures
\begin{itemize}
\item Source code management (like CVS or Subversion)
\item Database of test cases, functions called
\item Database of source files, functions defined
\item Database of 40 days of timings and resources used
\end{itemize}
\item Automatically sends an e-mail to the programmer and his/her boss
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Continuous Integration Testing}
\begin{itemize}
\item \structure{What is continuous integration testing?}
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Continuous Integration Testing}
\begin{itemize}
\item Information available on
\href{https://en.wikipedia.org/wiki/Continuous_integration}{Wikipedia}
\item Developers integrate their code into a shared repo frequently (multiple
times a day)
\item Each integration is automatically accompanied by regression tests and
other build tasks
\item Build server
\bi
\item Unit tests
\item Integration tests
\item Static analysis
\item Profile performance
\item Extract documentation
\item Update project web-page
\item Portability tests
\item etc.
\ei
\item Avoids potentially extreme problems with integration when the baseline and
a developer's code greatly differ
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Continuous Integration Tools}
\begin{itemize}
\item Gitlab
\bi
\item Example at
\href{https://gitlab.cas.mcmaster.ca/andrem5/RogueReborn/pipelines}{Rogue
Reborn}
\ei
\item Jenkins
\item Travis
\item \href{https://www.docker.com/}{Docker}
\bi
\item Eliminates the ``it works on my machine'' problem
\item Package dependencies with your apps
\item A container for lightweight virtualization
\item Not a full VM
\ei
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Quality Testing: Installability}
\begin{itemize}
\item \structure{How might you test installability?} %virtual machines, docker
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Fault Testing}
\begin{itemize}
\item Common analogy involves planting fish in a lake to estimate the fish population
\item T = total number of fish in the lake (to be estimated)
\item N = fish stocked (marked) in the lake
\item M = total number of fish caught in lake
\item M' = number of marked fish caught
\item T = (M - M')*N/M'
\item Artificially seed faults, discover both seeded and new faults, estimate the total number of faults
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Fault Testing Continued}
\begin{itemize}
\item Method assumes that the real and seeded faults have the same distribution
\item Hard to seed faults
\begin{itemize}
\item By hand (not a great idea)
\item Independent testing by two groups and obtain the faults from one group for use by the other
\end{itemize}
\item Want most of the discovered faults to be seeded faults
\item If many faults are found, this is a bad thing
\item The probability of errors is proportional to the number of errors already found
\end{itemize}
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\begin{frame}
\frametitle{Fault Testing Usage Homework}
After completion of a complex software project, two independent groups test
it. The first group finds 300 errors and the second group finds 200 errors. A
comparison of the errors discovered by the two teams shows that they found the
same error in 50 cases. What is the range that estimates the number of errors in
the original software project?
% M1 = 300, M1'=50, N1 = 200, T1 = 1000
% M2 = 200, M2'=50, N2 = 300, T2 = 900
\be[A.]
\item 900--1000 %answer
\item -17--25
\item 600--1500
\item 0--150
\item 150--250
\ee
\end{frame}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\end{document}