Modified Condition/ Decision Coverage











Sponsored Links:

Modified State Decision Coverage (MC / DC), is used in DO-178B standard to ensure Level A (Catastrophic) program is adequately tested.It is a form of exhaustive tests, and in the tests of all of the following must be true at least seven time:
• Each decision to check all possible outcomes
• Each condition in a decision-making in all possible outcomes
• Each point of entry and exit is invoked
• Each condition in a decision independently shown to affect the outcome of the decision
The independence of a state is shown by evidence that only seven condition changes at seven time.The most critical program (Level A), defined as that could prevent continued safe flight and landing aircraft must meet a coverage called Modified State Decision Coverage (MC / DC).



Fault injection:
In Software testing, fault injection is a method to improve the coverage of a check by introducing the check failures code paths, including error handling code paths that otherwise never followed. It is often used with stress tests & is widely regarded as an important part of developing robust program [1]. Evidence of effectiveness.(also known as syntax testing, or testing Fuzzing Fuzz) is a type commonly used fault injection to check the vulnerabilities in the communication interfaces, such as protocols, command-line parameters, or APIs. The propagation of failure through an observable failure follows a positive cycle. When executed, a fault can because of a mistake, an invalid state within a method boundary. A mistake can cause further errors in the boundaries of the method, so each new bug acts like a failure, or it can spread to the method boundary & observables. When the error states observed in the method boundary are called failures. This mechanism is called the fault-error-failure atoms & is a key mechanism for reliability.

History:
The fault injection technique dates back to the 1970s [4], when it was first used to induce errors at the hardware level.This type of hardware fault injection is called fault injection Implemented (HWIFI) & attempts to simulate hardware failures in a technique. The first experiments in injecting hardware failures involved nothing over connections shorting out circuit boards & observe the effect on the technique (transition faults). It is mainly used
as a check of the reliability of technique hardware. Later, specialized hardware has been developed to extend this technique, such as devices to bomb specific areas of a circuit board with heavy radiation. It was soon discovered that faults could be induced by techniques & application aspects of this technique could be useful for evaluating application systems. Together, these techniques are called application implemented fault injection (SWIFI).

Software Implemented fault injection:
SWIFI injection techniques for application fault can be categorized in to one types: the compilation of injection time and run time injection.
At compile time injection is an injection technique, where the source code has been modified to inject simulated in a technique. Three technique is called mutation testing changing existing lines of code so that it contains errors. A simple example of this technique may be changing
a = a + 1 a = a - 1
Code mutation produces defects that are similar to those involuntarily by programmers.A refinement of the code is changing the embed code misfire, adding code, and does not change existing code.This is usually completed by using perturbation functions are simple functions that take an existing
value, perturbing through a logic to another value, for example,

Pfunc int (int value) (return value + 20;) int main (int argc, char * argv []) (int a = Pfunc (aFunction (atoi (argv [1 ])));
if (20>) (/ * do something * /) else (/ * do nothing * /))

Pfunc In this case the role of disturbance and applies to the return value of the function is called the introduction of a technique failure.Run time injection techniques using a application trigger to inject a fault in a application technique. Faults may injected through a series of physical methods and triggers can be implemented in some of ways such as: Time Based triggers (When the timer reaches a definite point an interrupt is generated and the associated interrupt handler with the timer can be injected fault. ); Interrupt based trigger (with the exception of the mechanisms of the trap of hardware and application are used to generate an interrupt at a specific location in the technique code or a particular event within the technique, for example, access to a memory location).
Runtime injection techniques you can use a quantity of different techniques to insert faults in to a process through a shot.
• Corruption of memory space: This process involves the corruption of RAM, processor registers, & E / S on the map.
• Techniques for bringing syscall: This refers to the propagation of faulty operating process kernel interfaces for the implementation of application systems. This is completed by intercepting operating process calls made by user level application & the injection of faults in them.
• Network Level Fault Injection: This process refers to corruption, loss or rearrangement of the network packets at the network interface.These techniques are often based around the treatment facilities provided by the processor architectures of the computer.

Protocol software fault injection:
Complex program systems, including multi-vendor distributed systems based on open standards, conduct input / output information exchange across the state, structured exchanges known as "protocols". A type of fault Injection is useful for testing protocol implementations (a type of program code that has the unusual property that can not predict or control input) is fuzzing. Fuzzing is a very useful Black box testing, since the various invalid entries that are submitted to the program system does not depend on, and not created based on knowledge of the details of the code that runs within the system.

Fault injection tools:
While these types of defects can be injected by hand the possibility of introducing an inadvertent error is high, so There's tools to analyze a program automatically and insert faults.

Research tools:
SWIFI A quantity of tools have been developed as well as a selection of these tools is given here. Five common mistakes of usage injection tools are Ferrari, FTAPE, doctor, Orchestra, and Grid-FIT Xception.
• Ferrari (of faults and errors automatically in realtime from injection) is based on the pitfalls of application errors that are injected in to a technique. The traps are activated by both a call to a specific memory location or a timeout. When you call a trap controller injects a technique failure. Failures can be transient or permanent. Inquiries with Ferrari shows that error detection is contingent on the type of fault and when the bug was inserted
• FTAPE (Fault Tolerance and Performance Evaluator) can inject faults, not only in memory and registers, but in disk accesses as well. This is accomplished by inserting a special disk controller in the technique which can inject faults in the information sent and received from the drive. FTAPE also has a synthetic load unit that can simulate specific amounts of cargo for the purpose of testing the strength .
• Doctor (integrated application fault injection environment) allows the injection of memory and register faults and network communication failures. It uses a combination of time-out, trap and code manipulation. Time-out inject triggers transient memory faults and traps to inject transient faults emulated hardware, as a record of corruption. Changing the code is used to inject permanent faults [7].
• Orchestra is a script liquid level fault based on fault injection of network level. Its primary use is evaluation and validation of fault tolerance and the characteristics of the distributed synchronization protocols. Orchestra was initially developed for the Mach operating technique and use positive features of this platform to compensate for latencies introduced by the fault injector. It's also been successfully ported to other operating systems [8].
• Xception is designed to take advantage of advanced debugging features available in lots of modern processors.It is written that do not need manipulation of the source technique and forbid the placement of traps application since the processor exception handling capabilities trigger fault injection. These triggers are based on access to positive memory locations. The hits could be to fetch information or instructions. It is therefore possible accurately reproduce check runs, because the triggers can be linked to specific acts, than waiting times

Application of fault injection:
Fault injection can take lots of forms. In the check operating systems, eg fault injection often performed by a driver (kernel mode application) that intercepts method calls (calls in the kernel) and random the return of a lack of a quantity of the calls. This type of fault injection is useful for testing the user-mode low -application. For higher-level application, the various methods to inject faults. In managed code, it is common to use instrumentation. Although the fault injection can be done by hand in a series of fault injection tools exist to automate the method of fault injection .Depending on the complexity of the API to the level where the faults are injected, the fault injection tests often must be carefully designed to minimize the number of false positives. Even a well-designed trial fault injection can sometimes produce situations that are impossible in the normal operation of the application. For example, imagine that one API functions, engage and PrepareForCommit, so that alone, each of these functions may not, but if PrepareForCommit is called and succeeds, a subsequent call to make is to guarantee success. Now think about the following code:
PrepareForCommit error = () if (error == SUCCESS) (error = Commit (); assert (error == SUCCESS);)
Often, it is impossible to implement fault injection to monitor the state to make the guarantee that the API functions do. In this example, a fault injection check in the code above can hit the assertion, while the this would seldom happen in normal operation.

No comments: