Applying Automata Learning to Embedded Control Software
W. Smeenk, Joshua Moerman, D.N. Jansen, and F.W. Vaandrager. Applying Automata Learning to Embedded Control Software. In M. Butler, S. Conchon and F. Zaidi, editors. Proceedings 17th International Conference on Formal Engineering Methods (ICFEM 2015), Paris, 3-6 November 2015. LNCS 9407, pp. 1-17, Springer Verlag, 2015. DOI: 10.1007/978-3-319-25423-4_5.Abstract
Using an adaptation of state-of-the-art algorithms for black-box automata learning, as implemented in the LearnLib tool, we succeeded to learn a model of the Engine Status Manager (ESM), a software component that is used in printers and copiers of Oce. The main challenge that we encountered was that LearnLib, although very effective in constructing hypothesis models, was unable to find counterexamples for some hypotheses. In fact, none of the existing FSM-based conformance testing methods that we tried worked for this case study. We therefore implemented the algorithm of Lee and Yannakakis for computing an adaptive distinguishing sequence. Even when an adaptive distinguishing sequence does not exist, this algorithm produces an adaptive sequence that `almost' identifies states. In combination with a standard algorithm for computing separating sequences for pairs of states, we managed to verify states with on average 3 test queries. Altogether, we needed around 60 million queries to learn a model of the ESM with 77 inputs and 3.410 states. We also constructed a model directly from the ESM software and established equivalence with the learned model. To the best of our knowledge, this is the first paper in which active automata learning has been applied to industrial control software.