A System Identification Based Oracle for Control-CPS Software Fault Localization

Zhijian He, Yao Chen, Enyan Huang, Qixin Wang, Yu Pei, Haidong Yuan

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

24 Citations (Scopus)


Control-CPS software fault localization (SFL, aka bug localization) is of critical importance as bugs may cause major failures, even injuries/deaths. To locate the bugs in control-CPSs, SFL tools often demand many labeled ('correct'/'incorrect') source code execution traces as inputs. To label the correctness of these traces, we must judge the corresponding control-CPS physical trajectories' correctness. However, unlike discrete outputs, the boundaries between correct and incorrect physical trajectories are often vague. The mechanism (aka oracle) to judge the physical trajectories' correctness thus becomes a major challenge. So far, the ad hoc practice of ''human oracles'' is still widely used, whose qualities heavily depend on the human experts' expertise and availability. This paper proposes an oracle based on the well adopted autoregressive system identification (AR-SI). With proven success for controlling black-box physical systems, AR-SI is adapted by us to identify the buggy control-CPS as a black-box. We use this identification result as an oracle to judge the control-CPS's behaviors, and propose a methodology to prepare traces for control-CPS debugging. Comprehensive evaluations on classic control-CPSs with injected real-life and artificial bugs show that our proposed approach significantly outperforms the human oracle approach in SFL accuracy (recall) and latency, and in oracle false positive/negative rates. Our approach also helps discover a new real-life bug in a consumer-grade control-CPS.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering, ICSE 2019
PublisherIEEE Computer Society
Number of pages12
ISBN (Electronic)9781728108698
Publication statusPublished - May 2019
Event41st IEEE/ACM International Conference on Software Engineering, ICSE 2019 - Montreal, Canada
Duration: 25 May 201931 May 2019

Publication series

NameProceedings - International Conference on Software Engineering
ISSN (Print)0270-5257


Conference41st IEEE/ACM International Conference on Software Engineering, ICSE 2019


  • Cyber-Physical System
  • Debug
  • Oracle
  • Testing

ASJC Scopus subject areas

  • Software


Dive into the research topics of 'A System Identification Based Oracle for Control-CPS Software Fault Localization'. Together they form a unique fingerprint.

Cite this