Requirement Interfaces

MoMuT::REQS generates tests from system models given as a set of requirements. In difference to MoMuT::OOAS/UML the model is assumed state-based and synchronous, meaning that for each time-step all inputs and all expected outputs are supplied.  MoMuT::REQS supports OSLC integration with requirements engineering tools, e.g., SystemCockpit, to allow the seamless integration of requirements written in natural language and MoMuT::REQS-style. Thus, it enables a fine-grained traceability between test cases and individual requirements.

Suppose the following requirements (taken from an automotive use-case) are given:

  1. There shall be seven operating states for the safing engine: RESET, INITIAL, DIAGNOSTIC, NORMAL, TEST, SAFE, DESTRUCTION
  2. The safing engine shall change per default from RESET to INIT
  3. On a reset signal, the safing engine shall enter RESET and stay while the reset signal is active

Each of the above requirements can be modelled (“formalized”) by one assume-guarantee pair. Given the input variable reset and the output variable state the requirement interface will comprise the following three assume-guarantee pairs FR1…FR3.

Requirement Interface formalizing the textual customer requirements R1-R3

Once formalized, the tool allows for consistency checks of all modelled requirements at any time. In case the requirements are conflicting, MoMuT::REQS will highlight the conflict sets as shown in the following figure.


Once the requirements are consistent, test cases can be created for all or a subset of requirements. Test cases generated by MoMuT::REQS encode a sequence of input vectors and constraints relating input, output, and hidden valuations that the system must satisfy and that are defined by the requirements interface. The following figure shows the (simplified) test case that specifies the correct transition from the reset to the initial state, as defined by the specification.