Computer Science (计算机科学) ›› 2025, Vol. 52 ›› Issue (6A): 240500080-10. doi: 10.11896/jsjkx.240500080

• Computer Software & Architecture •

Safety-Critical Software Testing Modeling Method Based on MARTE and STAMP (Chinese title: 基于MARTE和STAMP的安全关键软件测试建模方法)

XUE Wenyao (薛雯耀), WANG Yichen (王轶辰), REN Qingwei (任庆玮)

  1. College of Reliability and Systems Engineering, Beihang University, Beijing 100191, China
  • Online: 2025-06-16 Published: 2025-06-12
  • Corresponding author: WANG Yichen (wangyichen@buaa.edu.cn)
  • About author: (peaceful_world_top@163.com)

Safety-Critical Software Testing Modeling Method Based on MARTE and STAMP

XUE Wenyao, WANG Yichen, REN Qingwei   

  1. College of Reliability and Systems Engineering, Beihang University, Beijing 100191, China
  • Online: 2025-06-16 Published: 2025-06-12
  • About author: XUE Wenyao, born in 2002, postgraduate, is a member of CCF (No. Z0312G). His main research interests include model-based embedded software testing technology and so on.
    WANG Yichen, born in 1977, senior engineer. His main research interests include model-based software testing, software quality evaluation, and so on.

Abstract (Chinese version): The application of model-based software engineering (MBSE) methods to the development and testing of safety-critical software is a current research hotspot. However, when building models, how to completely and accurately characterize the safety properties of the software remains an open problem. This paper proposes a novel method that deeply integrates software safety analysis into the construction of the software model. The method combines the MARTE (Modeling and Analysis of Real-Time and Embedded Systems) modeling language with STAMP (Systems-Theoretic Accident Model and Process) theory: non-functional properties are described by extending MARTE stereotypes or adding tags, and the STAMP control structure model is incorporated at the MARTE view level. Finally, iterative modeling with the STPA (System-Theoretic Process Analysis) technique yields a multi-view hybrid model. The STPA steps of control structure construction, identification of unsafe control actions and causal scenario analysis show greater analytical depth and potential for automation. A case study shows that the proposed method can effectively and clearly present the functional and non-functional performance requirements of a software system, better characterize software safety properties on a model basis, and provide a solid technical foundation for the automated generation and modeling of test cases.

Keywords (Chinese version): MARTE model, STAMP theory, STPA method, safety-critical software, model-based software engineering

Abstract: The application of model-based systems engineering (MBSE) methods in the development and testing of safety-critical software has become a current research hotspot. However, accurately and comprehensively modeling the safety attributes of software remains a significant challenge. Safety-critical software, typically embedded in real-time systems, must not only meet stringent functional and safety requirements but also execute operations correctly within strict time constraints to ensure real-time performance and system reliability. In modern software engineering, as the complexity of safety-critical software increases, traditional modeling methods can no longer adequately address the dual demands of high safety and real-time performance. This paper focuses on integrating safety characteristics into model-based testing techniques for safety-critical software, proposing an innovative modeling approach based on the MARTE (modeling and analysis of real-time and embedded systems) language and the STAMP (systems-theoretic accident model and process) theory. This approach extends MARTE stereotypes, adds tags to constrain non-functional properties, and incorporates the STAMP control structure model into the MARTE view hierarchy. A multi-view hybrid model is formed through iterative modeling using STPA (system theoretic process analysis) techniques. Steps in the STPA method, including control structure construction, identification of unsafe control actions, and causal scenario analysis, provide deeper analysis and greater potential for automation. Experimental results demonstrate that the proposed modeling method can effectively and clearly present both functional and non-functional performance requirements of software systems, thus better achieving the characterization of software safety properties based on models. This approach also provides a stronger technical foundation for automated modeling. In the future, we aim to further advance the automation of test model construction, develop software tools that can automatically implement model building and STPA safety analysis, and generate test cases and test systems, thereby enhancing the efficiency of model-based testing techniques.

Key words: MARTE, STAMP, STPA, Safety-critical software, Model-based systems engineering
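As an added illustration (our own sketch, not the paper's tool or model), the following Python code shows how the STPA steps named in the abstract can be mechanised over a STAMP control structure that carries a MARTE-style timing tag: candidate unsafe control actions (UCAs) are enumerated per control action and hazard, the timing tag sharpens the generic timing UCA into a concrete bound, and each UCA yields a test-case skeleton. The class and field names, the brake-controller sample and the hazards H1/H2 are all constructed assumptions.

```python
from dataclasses import dataclass

# STAMP control structure fragment: a controller issues control actions to a
# controlled process and gets feedback. rel_deadline_ms stands in for a MARTE
# non-functional tag (relative deadline); the field name is our assumption.
@dataclass
class ControlAction:
    name: str
    controller: str
    hazards: list               # system-level hazards this action can contribute to
    rel_deadline_ms: int = None

# The four unsafe-control-action (UCA) types defined in the STPA Handbook.
UCA_TYPES = ("not provided", "provided", "wrong timing/order",
             "stopped too soon/applied too long")

def identify_ucas(actions):
    """Enumerate candidate UCAs for every (control action, hazard) pair."""
    ucas = []
    for act in actions:
        for hz in act.hazards:
            for kind in UCA_TYPES:
                uca = {"action": act.name, "type": kind, "hazard": hz}
                # The MARTE tag turns the generic timing UCA into a testable bound.
                if kind.startswith("wrong timing") and act.rel_deadline_ms is not None:
                    uca["constraint"] = f"provided later than {act.rel_deadline_ms} ms"
                ucas.append(uca)
    return ucas

def to_test_cases(ucas, feedback):
    """Derive a test-case skeleton (stimulus, observed feedback, oracle) per UCA."""
    cases = []
    for u in ucas:
        tag = u["type"].split("/")[0].replace(" ", "_")
        cases.append({
            "id": f"TC-{u['action']}-{tag}-{u['hazard']}",
            "stimulus": u.get("constraint", f"'{u['action']}' {u['type']}"),
            # A control action with no feedback path is itself an STPA finding.
            "observe": feedback.get(u["action"], "MISSING FEEDBACK"),
            "oracle": f"hazard {u['hazard']} must not occur",
        })
    return cases

# Constructed sample (not from the paper): a brake-controller fragment.
SAMPLE_ACTIONS = [ControlAction("apply_brake", "BrakeCtrl", ["H1"], 50),
                  ControlAction("release_brake", "BrakeCtrl", ["H1", "H2"])]
SAMPLE_FEEDBACK = {"apply_brake": "brake_pressure"}   # release_brake has none
```

Running `to_test_cases(identify_ucas(SAMPLE_ACTIONS), SAMPLE_FEEDBACK)` yields twelve skeletons; the one for the timed action carries the 50 ms bound as its stimulus, and the eight for `release_brake` flag the missing feedback path that a causal-scenario analysis would have to resolve.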

CLC number: TP311.5