Reification of Executable Test Scripts in Formal Specification-Based Test Generation: The Java Card Transaction Mechanism Case Study

  • Fabrice Bouquet
  • Bruno Legeard
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2805)


Automatic generation of test cases from formal specification is a very promising way both to give a rationale for deciding the scope of testing and to reduce the time for test design and coding. In order to achieve this purpose, formal specification-based methods must solve the problem of executable test script generation from abstract test cases and automatic verdict assignment. This question requires calculating oracles, mapping between the abstract and concrete representations and monitoring test execution. In this paper, we present an effective use in the testing process of automatically generated test suites on an industrial application of Java Card Transaction Mechanism. Abstract test cases are synthesized from a B formal specification using a boundary value approach. From the abstract test cases, executable scripts are generated using execution context pattern and representation mappings. This is fully supported by a tool-set, called BZ-Testing-Tools. On the basis of this Java Card case study, we describe the difficulties that arose and present some generic solutions embedded in the BZ-Testing-Tools environment.


B abstract machine Formal methods Java Card Oracle synthesis Representation mapping Specification-Based test generation 


  1. 1.
    Abrial, J.-R.: The B-Book: Assigning Programs to Meaning. Cambridge University Press, Cambridge (1996)CrossRefGoogle Scholar
  2. 2.
    Ambert, F., Bouquet, F., Chemin, S., Guenaud, S., Legeard, B., Peureux, F., Vacelet, N., Utting, M.: BZ-TT: A tool-set for test generation from Z and B using contraint logic programming. In: Hierons, R., Jerron, T. (eds.) Formal Approaches to Testing of Software, FATES 2002 workshop of CONCUR 2002, August 2002, pp. 105–120. INRIA Report (2002)Google Scholar
  3. 3.
    Bernot, G., Gaudel, M.-C., Marre, B.: Software testing based on formal specifications: a theory and a tool. Software Engineering Journal 6(6), 387–405 (1991)CrossRefGoogle Scholar
  4. 4.
    Bouquet, F., Legeard, B., Peureux, F.: CLPS-B – A Constraint Solver for B. In: Katoen, J.-P., Stevens, P. (eds.) TACAS 2002. LNCS, vol. 2280, pp. 188–204. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Carrington, D., MacColl, I., McDonald, J., Murray, L., Strooper, P.: From object- Z specifications to classbench test suites. Technical Report 98–22, SVRC – University of Queensland (1998)Google Scholar
  6. 6.
    Clearsy. Atelier B V3, 10/2001,
  7. 7.
    Dick, J., Faivre, A.: Automating the generation and sequencing of test cases from model-based specifications. In: Larsen, P.G., Woodcock, J.C.P. (eds.) FME 1993. LNCS, vol. 670, pp. 268–284. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  8. 8.
    Fernandez, J.-C., Jard, C., Jeron, T., Viho, C.: Using on-the-fly verification techniques for the generation of test suites. In: Alur, R., Henzinger, T.A. (eds.) CAV 1996. LNCS, vol. 1102, pp. 348–359. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  9. 9.
    Gaudel, M.-C.: Testing can be formal too. In: Mosses, P.D., Schwartzbach, M.I., Nielsen, M. (eds.) CAAP 1995, FASE 1995, and TAPSOFT 1995. LNCS, vol. 915, pp. 82–96. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  10. 10.
    Hierons, R.: Testing from a Z specification. The Journal of Software Testing, Verification and Reliability 7, 19–33 (1997)CrossRefGoogle Scholar
  11. 11.
    ISO. OSI Conformance Testing Methodology and Framework – ISO 9646 (1999)Google Scholar
  12. 12.
    Jones, C.: Systematic Software Development Using VDM, 2nd edn. Prentice-Hall, Englewood Cliffs (1990)zbMATHGoogle Scholar
  13. 13.
    Legeard, B., Peureux, F.: Generation of functional test sequences from B formal specifications – presentation and industrial case-study. In: 16th IEEE International conference on Automated Software Engineering (ASE 2001), San Diego, USA, pp. 377–381. IEEE press, Los Alamitos (2001)CrossRefGoogle Scholar
  14. 14.
    Legeard, B., Peureux, F., Utting, M.: Automated boundary testing from Z and B. In: Eriksson, L.-H., Lindsay, P.A. (eds.) FME 2002. LNCS, vol. 2391, pp. 21–40. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Offutt, A., Jin, Z., Pan, J.: The dynamic domain reduction procedure for test data generation. The Journal of Software Practice and Experience 29(2), 167–193 (1999)CrossRefGoogle Scholar
  16. 16.
    Peters, D.K., Parnas, D.L.: Using test oracles generated from program documentation. Software Engineering 24(3), 161–173 (1998)CrossRefGoogle Scholar
  17. 17.
    Richardson, D., O’Malley, S.A.T.: Specification-based test oracles for reactive systems. In: Proceedings of the 14th International Conference on Software Engineering (ICSE 1992), Melbourne, Australia, May 1992, pp. 105–118. ACM Press, New York (1992)Google Scholar
  18. 18.
    Spivey, J.: The Z notation: A Reference Manual, 2nd edn. Prentice-Hall, Englewood Cliffs (1993)Google Scholar
  19. 19.
    Sun microsystems. Java Card 2.1.1 Virtual Machine Specification (2000),
  20. 20.
    Tretmans, J.: Test generation with inputs, outputs and repetitive quiescence. Software-Concepts and Tools 17(3), 103–120 (1996)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Fabrice Bouquet
    • 1
  • Bruno Legeard
    • 1
  1. 1.Laboratoire d’Informatique (LIFC)Université de Franche-Comté CNRS – INRIA projet CASSISBesançonFrance

Personalised recommendations