Overall, the project developed innovative V&V techniques for software-intensive systems in collaboration with industry partners in the automotive, satellite and financial domains. Industrial case studies were used to validate our solutions. Most of the proposed solutions involve the application of machine learning, evolutionary computing, natural language processing, and model-driven engineering. The project outcomes were disseminated through various means, such as publications and presentations. Among them, 73 peer-reviewed publications acknowledge the ERC grant, 31 of them in journals (including the best ones in the field) and the rest in reputable conferences, which are typically selective and prestigious in computer science sub-fields. In addition, the knowledge and technologies produced from the project were transferred to the industry partners, which are in the process of adopting our V&V solutions. Specific project topics addressed during the project period are described below.
● Requirements Quality Assurance
We focused on the automation for some complex and laborious RQA (requirements quality assurance) tasks. Our focus throughout was on requirements stated in natural (human) language, motivated by the prevalent use of natural-language requirements in industry.
● Model-Based Testing of Software-Based Systems and Services
We developed automated testing solutions that leverage the artifacts commonly produced during software analysis and design practices: requirements specifications in natural language, domain models, and timed automata capturing the timing requirements of the system. In addition, we proposed scalable and efficient automated testing solutions through the combination of (1) a methodology to model the input and output of the system and their relationships, and (2) a set of techniques for the automated generation of optimized test suites using model-based data mutation, meta-heuristic search and constraint solving. Furthermore, we devised a technology to support the optimization of hardware-in-the-loop testing, which is usually the last stage before deployment and typically a very time-consuming and expensive activity.
● Testing and Analysis of Product lines
We developed and validated a technique for the automated classification and prioritization of test cases in the context of product lines and requirements-driven testing. The technique relies on change impact analysis to identify obsolete and reusable test cases. To automatically prioritize test cases, the technique relies on a prediction model that computes a prioritization score based on multiple risk factors such as fault-proneness of requirements and requirements volatility.
● Security Testing
The work on security testing led to the development of automated, black-box solutions to identify the most frequent security risks according to OWASP, e.g. SQL injection vulnerabilities, XML injection vulnerabilities. Our approach is however generalizable to most types of vulnerabilities.
● Model Testing
We developed an environment for the co-simulation of software models (in UML) and function models in Simulink, which is a necessary platform for early design verification. In addition, we developed a framework to perform trace checking of simulation results in order to verify the types of properties that are typically checked on input and output signals in cyber-physical systems.