Ambar A. Gadkari

Indian Institute of Technology Bombay, Mumbai, Mahārāshtra, India

Are you Ambar A. Gadkari?

Claim your profile

Publications (8)0.96 Total impact

  • [Show abstract] [Hide abstract]
    ABSTRACT: Model-based test generation techniques based on random input generation and guided simulation do not satisfy the demands of high test coverage and completeness guarantees as required by safety-critical applications. Recently, test generation techniques based on model checking have been reported to bridge this gap. To evaluate the effectiveness of these techniques, an in-house tool suite, AutoMOTGen, has been developed for Simulink/Stateflow and applied on real-life case studies at General Motors. This paper outlines the test generation methodology of AutoMOTGen and gives a comparative study with a commercial, primarily random input-based, test generation tool on the same set of examples. The results indicate that in terms of coverage, model checking-based techniques complement the random input-based techniques. In addition, they provide proofs for unreachability that can aid in debugging the models. Therefore, it is recommended that model checking-based tools be utilized to complement and enhance the effectiveness of model-based testing methods in safety-critical systems engineering.Copyright © 2013 John Wiley & Sons, Ltd.
    Software Testing Verification and Reliability 01/2013; · 0.96 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Simulink/Stateflow (SL/SF) is the primary modeling notation for the development of control systems in automotive and aerospace industries. In model based testing, test cases derived from a design model are used to show model-code conformance. Safety standards such as ISO 26262 recommend model based testing to show the conformance of a software with the corresponding model. From our experiments with various test generation techniques, we have observed that their coverage capabilities are complementary in nature. With this observation in mind, we have developed a new tool called SmartTestGen which integrates different test generation techniques. In this paper, we discuss SmartTestGen and the different test generation techniques utilized - random testing, constraint solving, model checking and heuristics. We experimented with 20 production-quality SL/SF models and compared the performance of our tool with that of two prominent commercial tools.
    01/2012;
  • S. Arora, A.A. Gadkari, S. Ramesh
    [Show abstract] [Hide abstract]
    ABSTRACT: Requirements of embedded systems often describe the system behavior with quantitative constraints over parameters such as timing, memory, and other resources. In this letter, we present a visual language suited for scenario-based specification of requirements with quantitative constraints. Our language, known as event sequence charts with quantitative constraints (ESC-QC), is inspired by message sequence charts (MSC) and its variants. We introduce ESC-QC notations through an example from automotive requirements and then describe the formal syntax and semantics. Besides being useful for formal documentation and analysis of system requirements, ESC-QC specifications can be translated into monitors and used for run-time verification of designs. In automotive systems Simulink/Stateflow (SL/SF) is widely used for design of control systems. We have developed an algorithm for automatic synthesis of SL/SF monitors from ESC-QC specifications. We have used this algorithm for generating monitors for verification of controller models from active safety and body control applications.
    IEEE embedded systems letters 07/2011;
  • S. Ramesh, Ambar A. Gadkari
    [Show abstract] [Hide abstract]
    ABSTRACT: The development of in-vehicle software, often controlling safety-critical functions related to braking, steering and transmission systems, requires rigorous techniques to ensure high-integrity and reliability requirements. Formal models of requirements and design artifacts based on state-transition systems and other formalisms serve as a means to apply rigorous analysis and verification techniques at every stage in the development process. We present here one such formal analysis and verification flow, developed at General Motors R&D, provide an overview of methods for automatic test generation based on mathematical modeling and discuss the future directions for research.
    Proceedings of the 48th Design Automation Conference, DAC 2011, San Diego, California, USA, June 5-10, 2011; 01/2011
  • [Show abstract] [Hide abstract]
    ABSTRACT: We present AutoMOTGen, a tool for automatic test case generation (ATG) from MATLAB Simulink/Stateflow (SL/SF) models [6] for testing automotive controllers. Our methodology is based on model checking [2]. The main highlights of the tool are: 1 Enhanced coverage of the model elements as well as high-level requirements. 1 A modular design for plug-and-play of different model checkers, test data generators and coverage analysis tools for enhancing the test suite quality. 1 Implements sampling time abstraction to generate tests with lesser number of (discrete) steps in the intermediate model. 1 Implements coverage dependent instrumentation of the model for the structural coverage criteria. 1 Capability to handle SL/SF blocks commonly used in automotive controllers (including blocks such as integrator, delay, multiplication/division, look-up tables, triggered subsystems and hierarchical and parallel charts). The current implementation of AutoMOTGen uses SAL [8] as an intermediate representation and uses associated tools such as sal-atg, sal-bmc and sal-smc for generation of test data and proving the unreachability of some of the coverage goals. AutoMOTGen is implemented in Java and C++ (.NET framework) and uses MATLAB scripting language for extracting the relevant information from SL/SF models required for the purpose of test generation.
    Computer Aided Verification, 20th International Conference, CAV 2008, Princeton, NJ, USA, July 7-14, 2008, Proceedings; 01/2008
  • Source
    Ambar A. Gadkari, S. Ramesh
    [Show abstract] [Hide abstract]
    ABSTRACT: Automated synthesis of monitors from high-level properties plays a significant role in assertion-based verification. We present here a methodology to synthesize assertion monitors from visual specifications given in CESC (Clocked Event Sequence Chart). CESC is a visual language designed for specifying system level interactions involving single and multiple clock domains. It has well-defined graphical and textual syntax and formal semantics based on synchronous language paradigm enabling formal analysis of specifications. In this paper we provide an overview of CESC language with few illustrative examples. The algorithm for automated synthesis of assertion monitors from CESC specifications is described. A few examples from standard bus protocols (OCP-IP and AMBA) are presented to demonstrate the application of monitor synthesis algorithm.
    01/2007;
  • Source
    A.A. Gadkari, S. Ramesh
    [Show abstract] [Hide abstract]
    ABSTRACT: Automated synthesis of monitors from high-level properties plays a significant role in assertion-based verification. We present a methodology to synthesize assertion monitors from visual specifications given in CESC (Clocked Event Sequence Chart). CESC is a visual language designed for specifying system level interactions involving single and multiple clock domains. It has well-defined graphical and textual syntax and formal semantics based on a synchronous language paradigm enabling formal analysis of specifications. We provide an overview of the CESC language with a few illustrative examples. The algorithm for automated synthesis of assertion monitors from CESC specifications is described. A few examples from standard bus protocols (OCP-IP and AMBA) are presented to demonstrate the application of the monitor synthesis algorithm.
    Design, Automation and Test in Europe, 2005. Proceedings; 04/2005
  • Source
    Ambar A. Gadkari, S. Ramesh, Rubin A. Parekhji
    [Show abstract] [Hide abstract]
    ABSTRACT: Verification of present day SoCs is proving to be challenging due to complex interactions among various subcomponents and IPs, with multiple clock domains and diverse bus protocols. The quality of verification depends on the precision in specifying the interaction behaviors. We propose a visual specification language called CESC (Clocked Event Sequence Chart), designed to specify interaction scenarios in SoCs. CESC provides a unique mechanism for representating multiple clock domains, based upon which event occurrences and interactions among different subcomponents can be represented. CESC has a pictorial and textual syntax, and a formal semantics to enable rigorous analysis. The semantics is based on standard notions of partial ordering and timed event traces. CESC is useful in many ways in formalizing SoC verification flows, namely, formalization of verification scenarios, synthesis of protocol checkers and consistency checking of specification versus implementation. This paper describes an algorithm to translate CESC scenarios to protocol checkers used in SoC verification flow. A few examples from industrial designs are included to illustrate the applicability of this formalism in specifying bus transactions and properties of protocols.
    Proceedings of the 14th ACM Great Lakes Symposium on VLSI 2004, Boston, MA, USA, April 26-28, 2004; 01/2004