Data Flow Analysis of System Specifications in Lotos

In LOTOS, a system is specified as a behaviour expression describing the externally observable behaviour of the system in terms of possible sequences of interactions between the system and its environment. The desired control flow and data flow that must be established by a possible implementation of the system are specified in the behaviour expression as implicit enumarations of allowed sequences of interaction identifiers and relationships among interaction parameters, respectively. A model exposing the desired flow of data within the allowed control flow expressed in a system specification in LOTOS is presented. Based on the explicit information provided by the model, data flow anomaly detection and data flow oriented test selection are facilitated. A comprehensive example, i.e. an alternating bit protocol specification, is used to illustrate both these validation activities. An error in this specification is revealed by the analysis of a data flow anomaly detected within the specification. A set of test paths is derived from the specification by the application of an existing data flow oriented test selection criterion, called all-uses criterion.