Olga Kouchnarenko

Julien Bernard, Pierre-Cyrille Héam, Olga Kouchnarenko

System modeling is a classical approach to ensure their reliability since it is suitable both for a formal verification and for software testing techniques. In the context of model-based testing an approach combining random testing and coverage based testing has been recently introduced [9]. However, this approach is not tractable on quite large models. In this paper we show how to use statistical approximations to make the approach work on larger models. Experimental results, on models of communicating protocols, are provided; they are very promising, both for the computation time and for the quality of the generated test suites.

Béatrice Bérard, Olga Kouchnarenko, John Mullins et al.

Given a probabilistic transition system (PTS) $\cal A$ partially observed by an attacker, and an $ω$-regular predicate $\varphi$over the traces of $\cal A$, measuring the disclosure of the secret $\varphi$ in $\cal A$ means computing the probability that an attacker who observes a run of $\cal A$ can ascertain that its trace belongs to $\varphi$. In the context of refinement, we consider specifications given as Interval-valued Discrete Time Markov Chains (IDTMCs), which are underspecified Markov chains where probabilities on edges are only required to belong to intervals. Scheduling an IDTMC $\cal S$ produces a concrete implementation as a PTS and we define the worst case disclosure of secret $\varphi$ in ${\cal S}$ as the maximal disclosure of $\varphi$ over all PTSs thus produced. We compute this value for a subclass of IDTMCs and we prove that refinement can only improve the opacity of implementations.

Arnaud Lanoix, Olga Kouchnarenko

Component substitution has numerous practical applications and constitutes an active research topic. This paper proposes to enrich an existing component-based framework--a model with dynamic reconfigurations making the system evolve--with a new reconfiguration operation which "substitutes" components by other components, and to study its impact on sequences of dynamic reconfigurations. Firstly, we define substitutability constraints which ensure the component encapsulation while performing reconfigurations by component substitutions. Then, we integrate them into a substitutability-based simulation to take these substituting reconfigurations into account on sequences of dynamic reconfigurations. Thirdly, as this new relation being in general undecidable for infinite-state systems, we propose a semi-algorithm to check it on the fly. Finally, we report on experimentations using the B tools to show the feasibility of the developed approach, and to illustrate the paper's proposals on an example of the HTTP server.

Alois Dreyfus, Pierre-Cyrille Heam, Olga Kouchnarenko

In the context of software testing, generating complex data inputs is frequently performed using a grammar-based specification. For combinatorial reasons, an exhaustive generation of the data -- of a given size -- is practically impossible, and most approaches are either based on random techniques or on coverage criteria. In this paper, we show how to combine these two techniques by biasing the random generation in order to optimise the probability of satisfying a coverage criterion.