Criteria and associated tool for functional test coverage of safety critical software



We propose two specific functional test coverage criteria for safety critical software and describe the corresponding measurement tool named GATeL. The two criteria which are proposed illustrate different ways of formally expressing the idea of “graphically covering” the functional requirement diagrams of a software under test.

From a synthetic formal functional description (in Lustre) of those functional requirement diagrams, and additional user interactions to describe the selected test criterion, GATeL uses a constraint solver to define each of the test categories. The tool may then either automatically scan a set of tests and fill the corresponding coverage matrix or generate a test sequence (inputs and expected outputs) for each of the non-empty categories.

Based on our recent experience, this approach has proved to scale up to real size problems producing test scenarios and relevant coverage measurement.