Docstoc

examples of case tools

Document Sample
examples of case tools Powered By Docstoc
					                                                                             Softech               CASE tool-based system development                             1
                                                                                reiburg
                                                                                                        Motivation

                                                                              Why specify?
   CASE tool-based system development
            using UML/OCL                                                       – Complex software systems require a precise specification of
                                                                                  architecture and components.
                       Achim D. Brucker
                                                                                – Semi-formal methods (like UML) are not strong enough.
                               u
                     Institut f¨r Informatik
                                        a
              Albert-Ludwigs-Universit¨t Freiburg
           brucker@informatik.uni-freiburg.de                                 Why UML/OCL?
     http://www.informatik.uni-freiburg.de/~brucker
                                                                                – UML is the standard modeling language in OO development.
                              April 12, 2002
                                                                                – OCL is part of the OMG UML standard.


                                                                                     Specification should not only generate documentation!



Softech                 CASE tool-based system development               2   Softech               CASE tool-based system development                             3
   reiburg                                                                      reiburg


                             Overview                                                     The V-Model (simplified)

1. The V-Model
                                                                                                          System                                    Transition
                                                                                                         Requirem.                                       to
                                                                                                          Analysis                                  Utilziation
2. UML/OCL
                                                                              process and                                                         System
                                                                                                             System
                                                                               development model             Design
                                                                                                                                                 Integration
3. Using specifications: code generation, verification, validation,. . .
                                                                              describes dependencies
                                                                               and (work) flows                Software                      Software
4. Two examples:                                                              ISO standard                   Requirem.                    Integration
                                                                                                               Analysis
                                                                              an example of a
   Automated test case generation using UML/OCL                               phase-based
                                                                               development model                     Software
   ArcSecure                                                                                                         Design



                                                                                                                                   Software
                                                                                                                                Implementation
Softech                CASE tool-based system development                                          4        Softech              CASE tool-based system development                                5
    reiburg                                                                                                    reiburg


        Benefits of using a (semi-) formal                                                                                           CASE Tools
                  specification
                                                                                                                  Computer Aided Software Engineering tools support the
 understanding and communication                                                                                software development process by providing a framework for:

 Formal reasoning and analysis (verification, model checking)                                                documentation
 generating code
                                                                                                             specification
 runtime assertion checking

 generation of test data for validation (testing)                                                           code generation
 use constraints for runtime assertion checking
                                                                                                             validation
 Documentation

                                                                                                             verification


Softech                CASE tool-based system development                                          6        Softech              CASE tool-based system development                                7
    reiburg                                                                                                    reiburg


  The Unified Modeling Language (UML)                                                                          The Object Constraint Language (OCL)


                                             Customer                          Account
                                             name : String                     balance : Real                extension based on logic and
 visual modeling language                   + getName(): String           1..∗ + getBalance(): Real                                             context Account::makeDeposit(amount:Real):Boolean
                                             + netValue(): Real           Role + makeDeposit(a: Real)         set theory
 many diagram types, e.g.                                                      + makeWithdrawal(a: Real)
                                                                                                                                                 pre: amount >= 0
                                                                                                                                                 post: balance = balance@pre + amount
                                                                                                             designed for annotating UML
   – class diagrams (static)
                                                              : Account                                       diagrams
   – state charts (dynamic)                                                                                                                        1..99                    Account
                                       : Customer                                                            in the context of class–            accounts - balance:Real
   – use cases
                                                                                                              diagrams:                                    + getBalance():Real
 diagrammatic method                          getBalance()
                                                                                                                                                           + makeDeposit(amount:Real):Boolean
                                                                                                               – preconditions                             + makeWithdrawal(amount:Real):Boolean
 OO development
                                                                                                               – postconditions
 OMG standard
                                                                                                               – invariants
 widely used
                                                                                                             can be used for other diagram
Softech                CASE tool-based system development                                        8                      Softech                             CASE tool-based system development                                         9
    reiburg                                                                                                                    reiburg


         Verification and Model Checking                                                                                                                     Code Generation
                                                                                                                        semi-formal: generate skeleton/stubs
                                                                                                                        formal: generate implementation

                                                                                                                                                        class Account{                              System                                    Transition
                                                    System                                    Transition
                                                   Requirem.                                       to                                                           float balance;                      Requirem.                                       to

 prove that a implementation fulfills its spec-     Analysis                                  Utilziation                                                                                           Analysis                                  Utilziation



  ification                                             System
                                                                                             System                                                             float getBalance(){                     System
                                                                                                                                                                                                                                             System
                                                                                                                                                                                                                                           Integration
                                                                                           Integration                                                                                                 Design
 abstract: prove properties of an abstract            Design                                                                                                          return balance;
                                                                                                                                                                }
  model                                                 Software
                                                        Requirem.
                                                                                      Software
                                                                                                                                  Account
                                                                                                                                                                                                        Software
                                                                                                                                                                                                        Requirem.
                                                                                                                                                                                                                                      Software
                                                                                                                                                                                                                                     Integration
                                                                                     Integration
 source code level: prove properties of a con-          Analysis
                                                                                                                       + balance: Real
                                                                                                                                                                void setBalance(float balance){           Analysis


                                                                                                                                                                        this .balance = balance;
  crete implementation                                         Software
                                                                                                                       + makeWithdrawal(a: Real):void
                                                                                                                                                                }                                              Software
                                                                                                                                                                                                                Design
 often not fully automated                                     Design



 needs a formal specification                                                Software
                                                                                                                                                                void makeDeposit(float a){                                    Software
                                                                                                                                                                                                                          Implementation
                                                                          Implementation                                                                               // user defined code begins here
                                                                                                                                                                       this .balance = this.balance + a;
                                                                                                                                                                       // end of user defined code
                                                                                                                                                                }
                                                                                                                                                        }



Softech                CASE tool-based system development                                      10                       Softech                             CASE tool-based system development                                       11
    reiburg                                                                                                                    reiburg


                    Assertion Checking                                                                                               Test Case Generation (Validation)

                                                                                                                        test the implementation with a specified input
 generates runtime checks for constraints
                                                                                                                        validates the implementation against its
  (pre-/post-conditions, invariants,. . . )
                                                           System
                                                          Requirem.
                                                                                                         Transition
                                                                                                              to
                                                                                                                         specification                                                               System
                                                                                                                                                                                                   Requirem.
                                                                                                                                                                                                                                              Transition
                                                                                                                                                                                                                                                   to
                                                           Analysis                                      Utilziation
                                                                                                                        meaningful testing requires high grade sets of                             Analysis                                  Utilziation


                                                                                                     System              test data                                                                                                           System
 slightly similar to assert.h                                  System
                                                                Design
                                                                                                   Integration                                                                                         System
                                                                                                                                                                                                       Design
                                                                                                                                                                                                                                           Integration

                                                                                                                        no formal proof of correctness
                                                                  Software
                                                                  Requirem.
                                                                                                 Software
                                                                                                Integration
                                                                                                                        needs a formal specification                                                    Software
                                                                                                                                                                                                        Requirem.
                                                                                                                                                                                                                                      Software
                                                                                                                                                                                                                                     Integration
                                                                   Analysis                                                                                                                              Analysis

 a post-hoc debugging method
                                                                      Software                                                                                                                                 Software
                                                                       Design                                                                                                                                   Design
                                                                                                                       if ( ( a < 5) || ( a > 10) && (b=5)
                                                                                                                       {
 needs a formal specification
                                                                                    Software                                                                                                                                 Software
                                                                                 Implementation                            // Block A                                                                                     Implementation

                                                                                                                       }else{
                                                                                                                           // Block B
                                                                                                                       }
 Softech                                           CASE tool-based system development                                                                          12   Softech                CASE tool-based system development                                13
    reiburg                                                                                                                                                             reiburg


              Test Case Generation (Example)                                                                                                                                  Specifying Security (ArcSecure)
Input: three integer, representing the length of the sides of a triangle
                                                                                                                                                                     model information needed for authorization
Output: whether the input describes an equilateral, isosceles, scalene or                                                                                            based on RBAC with dynamic extensions
  invalid triangle                                                                                                                                                   code generation honors authorization con-             System
                                                                                                                                                                                                                           Requirem.
                                                                                                                                                                                                                            Analysis
                                                                                                                                                                                                                                                                      Transition
                                                                                                                                                                                                                                                                           to
                                                                                                                                                                                                                                                                      Utilziation

                                                                                                                                                                      straints
                                                                                                                                                                                                                                                                     System
                                                                                                                                                                                                                                System
                                                                                                                                                                                                                                                                   Integration
                                                                                                                                                                                                                                Design
    Based on an OCL specification, it is possible to determine
    partition for test case selection automatically.                                                                                                                 only for specification: informal possible
                                                                                                                                                                                                                                 Software
                                                                                                                                                                                                                                 Requirem.
                                                                                                                                                                                                                                                              Software
                                                                                                                                                                                                                                                             Integration
                                                                                                                                                                                                                                  Analysis

                                                                                                                                                                     further analysis requires semi-formal or formal
 already six partitions                                                                                                                                              specification                                                     Software
                                                                                                                                                                                                                                        Design



                                                                                                                                                                                                                                                     Software
 select test cases from these partitions, exploiting boundary cases                                                                                                                                                                              Implementation


                                                                                                                                                                     ArcSecure can profit in all presented ways from
                                                                                                                                                                      the specification



 Softech                                           CASE tool-based system development                                                                          14   Softech                CASE tool-based system development                                15
    reiburg                                                                                                                                                             reiburg


                   Specifying Security (Example)                                                                                                                                               Conclusion
                                                                                                            <<ejb>>
         UserCalendarPerm                                                                                   Calendar
        - actiontype : change                      <<secuml.resourceView>>
                                                         CalendarView              <<secuml.context>>
                                                                                                        + name : string                                              Specification helps mastering complex projects
                                                   + name : string                                      + createEntry()
                                                                                                        + updateEntry()
                                                                                                        + removeEntry()
    <<secuml.permission>>                                                                               + findAllEntries()

                   <<secuml.constraint>>                EntryOwnerPerm
                                                                                                                                                                     Widely used CASE tools support:
                        Ownership                                                                                 0..
                                                      - actiontype : update                                        *
                  {call.current().principal.name
                  = owner}                                                                                   <<ejb>>
                                                                                                              Entry
                                                                                                        + Location : string
                                                                                                                                                                       – documentation generation
      <<secuml.role>>                               <<secuml.permission>>                               + Start : date           <<secuml.constraint>>
           User                                                                                         + End : date              BusinessHoursOnly


                                                    <<secuml.permission>>
                                                                                                        + Owner : string         {time.currentHour() > 8 and
                                                                                                                                 time.currentHour() < 17}              – code generation
                                                                                                        + getEntryInfo()
                                                                                                        + setEntryInfo()
                                                          UserEntryPerm
                                                   - actiontype : read
                                                                                                                              authorization constraint                 – assertion checking
      <<secuml.role>>                                    <<secuml.permission>>
         SuperUser

                                                             SuperUserPerm
                                                                                                                                                                     Specialized CASE tools and academia provide support for
                 role permission
                                                          - actiontype : update
                                                          - actiontype1 : delete                                                                                      validation and verification.