Abstract
This paper describes an experiment using an automated tool to test smart card embedded software developed in C. Conventional smart card testing uses low-level commands, and writing the use cases and test scripts is a tedious and error-prone task. Our goal was to show how a formal tool can improve the testing process so that effort can be concentrated on the efficiency of the tests. The approach consists of modeling each layer of the system independently while abstracting the services provided by the lower layers. The model is then verified and simulated, and test cases are automatically generated using test criteria such as reachable state coverage and transition coverage. We also developed a translator to execute those test cases on the C implementation of the system. We present the results obtained and the lessons learned from applying this approach to the validation phase of a smart card file system manager.
Cite this article
Chetali, B., Nguyen, QH. An automated testing experiment for layered embedded C code. Int J Softw Tools Technol Transfer 11, 175–185 (2009). https://doi.org/10.1007/s10009-009-0108-3
DOI: https://doi.org/10.1007/s10009-009-0108-3