Assertion-Driven Development: Assessing the Quality of Contracts using Meta-Mutations
Research output: Contribution to conferences › Paper › Contributed › peer-review
Contributors
Abstract
Agile development methods have gained momentum in
the last few years and, as a consequence, test-driven development
has become more prevalent in practice. However, test cases are
not sufficient for producing dependable software and we rather
advocate approaches that emphasize the use of assertions or
contracts over that of test cases. Yet, writing self-checks in code
has been shown to be difficult and is itself prone to errors. A
standard technique to specify runtime properties is design-by-
contract (DbC). But how can one test if the contracts themselves
are sensible and sufficient? We propose a measure to quantify
the goodness of contracts (or assertions in a broader sense). We
introduce meta-mutations at the source code level to simulate
common programmer errors that the self-checks are supposed
to detect. We then use random mutation testing to determine
a lower and upper bound on the detectable mutations and
compare these bounds with the number of mutants detected by
the contracts. Contracts are considered “good” if they detect a
certain percentage of the detectable mutations. We have evaluated
our tools on Java classes with contracts specified using the
Java Modeling Language (JML). We have additionally tested the
contract quality of 19 implementations, written independently by
students, based on the same specification.
the last few years and, as a consequence, test-driven development
has become more prevalent in practice. However, test cases are
not sufficient for producing dependable software and we rather
advocate approaches that emphasize the use of assertions or
contracts over that of test cases. Yet, writing self-checks in code
has been shown to be difficult and is itself prone to errors. A
standard technique to specify runtime properties is design-by-
contract (DbC). But how can one test if the contracts themselves
are sensible and sufficient? We propose a measure to quantify
the goodness of contracts (or assertions in a broader sense). We
introduce meta-mutations at the source code level to simulate
common programmer errors that the self-checks are supposed
to detect. We then use random mutation testing to determine
a lower and upper bound on the detectable mutations and
compare these bounds with the number of mutants detected by
the contracts. Contracts are considered “good” if they detect a
certain percentage of the detectable mutations. We have evaluated
our tools on Java classes with contracts specified using the
Java Modeling Language (JML). We have additionally tested the
contract quality of 19 implementations, written independently by
students, based on the same specification.
Details
| Original language | English |
|---|---|
| Pages | 182-191 |
| Number of pages | 10 |
| Publication status | Published - 2009 |
| Peer-reviewed | Yes |
Conference
| Title | ICSTW '09: IEEE International Conference on Software Testing, Verification, and Validation Workshops, IEEE Computer Society, 2009 |
|---|---|
| Abbreviated title | ICSTW '09 |
| Conference number | |
| Duration | 1 April 2009 |
| Degree of recognition | International event |
| Location | |
| City | Denver |
| Country | United States of America |
External IDs
| Scopus | 69949086632 |
|---|
Keywords
Research priority areas of TU Dresden
DFG Classification of Subject Areas according to Review Boards
Keywords
- Design-by-contract, self-checks, mutation testing