Bootstrapping Automated Testing for RESTful Web Services

AbstractModern RESTful services expose RESTful APIs to integrate with diversified applications. Most RESTful API parameters are weakly typed, which greatly increases the possible input value space. This poses difficulties for automated testing tools to generate effective test cases to reveal web service defects related to parameter validation. We call this phenomenon the type collapse problem. To remedy this problem, we introduce FET (Format-encoded Type) techniques, including the FET, the FET lattice, and the FET inference to model fine-grained information for API parameters. Enhanced by FET techniques, automated testing tools can generate targeted test cases. We demonstrate Leif, a trace-driven fuzzing tool, as a proof-of-concept implementation of FET techniques. Experiment results on 27 commercial services show that FET inference precisely captures documented parameter definitions, which helps Leif to discover 11 new bugs and reduce $$72\% \sim 86\%$$ 72 % ∼ 86 % fuzzing time as compared to state-of-the-art fuzzers.

Download Full-text

An Architecture for Restful Web Service Discovery Using Semantic Interfaces

International Journal on Semantic Web and Information Systems ◽

10.4018/ijswis.2020010101 ◽

2020 ◽

Vol 16 (1) ◽

pp. 1-24

Author(s):

José Renato Villela Dantas ◽

Pedro Porfirio Muniz Farias

Keyword(s):

Web Services ◽

Web Service ◽

Service Discovery ◽

Web Service Discovery ◽

Representational State Transfer ◽

State Transfer ◽

Internet Environment ◽

Restful Web Service ◽

Restful Web Services ◽

Restful Services

In the internet environment, web services based on representational state transfer (REST) have become the de facto standard. The addition of semantics is intended to enhance the description of web services with information that enables automatic agents to understand their data. However, the existence of different languages to semantically describe services makes it difficult to discover and select the service that best meets a requirement. Furthermore, relatively few proposals have a RESTful service semantic description, making the discovery process for RESTful services more difficult. This work proposes a RESTful semantic web service discovery architecture based on semantic interfaces (SERIN). SERIN is an ontology with annotations that semantically describe RESTful web services. This architecture enables software agents to automatically discover and make service calls in order to execute a determined task.

Download Full-text

TESTAR

International Journal of Information System Modeling and Design ◽

10.4018/ijismd.2015070103 ◽

2015 ◽

Vol 6 (3) ◽

pp. 46-83 ◽

Cited By ~ 28

Author(s):

Tanja E.J. Vos ◽

Peter M. Kruse ◽

Nelly Condori-Fernández ◽

Sebastian Bauersfeld ◽

Joachim Wegener

Keyword(s):

Graphical User Interface ◽

State Of The Art ◽

Research Impact ◽

Automated Testing ◽

Test Cases ◽

Sensitive Test ◽

Testing Tools ◽

Innovation Transfer ◽

Insight Into ◽

Maintenance Problem

Testing applications with a graphical user interface (GUI) is an important, though challenging and time consuming task. The state of the art in the industry are still capture and replay tools, which may simplify the recording and execution of input sequences, but do not support the tester in finding fault-sensitive test cases and leads to a huge overhead on maintenance of the test cases when the GUI changes. In earlier works the authors presented the TESTAR tool, an automated approach to testing applications at the GUI level whose objective is to solve part of the maintenance problem by automatically generating test cases based on a structure that is automatically derived from the GUI. In this paper they report on their experiences obtained when transferring TESTAR in three different industrial contexts with decreasing involvement of the TESTAR developers and increasing participation of the companies when deploying and using TESTAR during testing. The studies were successful in that they reached practice impact, research impact and give insight into ways to do innovation transfer and defines a possible strategy for taking automated testing tools into the market.

Download Full-text

A General Overview of RESTful Web Services

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Applications and Approaches to Object-Oriented Software Design ◽

10.4018/978-1-7998-2142-7.ch006 ◽

2020 ◽

pp. 133-165

Author(s):

Eyuphan Ozdemir

Keyword(s):

Web Services ◽

Web Service ◽

General Overview ◽

Core Elements ◽

Restful Service ◽

Restful Web Service ◽

Restful Web Services ◽

Software Architectural Style ◽

Restful Services ◽

Abstraction Principles

This chapter aims to present a general overview of today's dominant software architectural style for developing web services, namely REST, by comparing the core elements of this paradigm with the big web service model. The study evaluates the HTTP requests, responses, and thus, the SOAP/JSON payloads involved in consuming a big web service and a RESTful service that is developed in the ASP.NET Core Web API framework. After summarizing the REST constraints, the chapter elucidates how the example RESTful web service satisfies these constraints and lists some scenarios suited to each paradigm. The study notes the object-oriented elements that are inherent in RESTful services, specifically how polymorphism and abstraction principles can be applied to RESTful services.

Download Full-text

Resource and dependency based test case generation for RESTful Web services

Empirical Software Engineering ◽

10.1007/s10664-020-09937-1 ◽

2021 ◽

Vol 26 (4) ◽

Author(s):

Man Zhang ◽

Bogdan Marculescu ◽

Andrea Arcuri

Keyword(s):

Web Services ◽

Domain Knowledge ◽

Automated System ◽

Test Case ◽

Test Cases ◽

Evolutionary Search ◽

Sampling Strategies ◽

Mutation Operators ◽

On Line ◽

Restful Web Services

AbstractNowadays, RESTful web services are widely used for building enterprise applications. REST is not a protocol, but rather it defines a set of guidelines on how to design APIs to access and manipulate resources using HTTP over a network. In this paper, we propose an enhanced search-based method for automated system test generation for RESTful web services, by exploiting domain knowledge on the handling of HTTP resources. The proposed techniques use domain knowledge specific to RESTful web services and a set of effective templates to structure test actions (i.e., ordered sequences of HTTP calls) within an individual in the evolutionary search. The action templates are developed based on the semantics of HTTP methods and are used to manipulate the web services’ resources. In addition, we propose five novel sampling strategies with four sampling methods (i.e., resource-based sampling) for the test cases that can use one or more of these templates. The strategies are further supported with a set of new, specialized mutation operators (i.e., resource-based mutation) in the evolutionary search that take into account the use of these resources in the generated test cases. Moreover, we propose a novel dependency handling to detect possible dependencies among the resources in the tested applications. The resource-based sampling and mutations are then enhanced by exploiting the information of these detected dependencies. To evaluate our approach, we implemented it as an extension to the EvoMaster tool, and conducted an empirical study with two selected baselines on 7 open-source and 12 synthetic RESTful web services. Results show that our novel resource-based approach with dependency handling obtains a significant improvement in performance over the baselines, e.g., up to + 130.7% relative improvement (growing from + 27.9% to + 64.3%) on line coverage.

Download Full-text

Multi-criteria Web Services Selection: Balancing the Quality of Design and Quality of Service

ACM Transactions on Internet Technology ◽

10.1145/3446388 ◽

2022 ◽

Vol 22 (1) ◽

pp. 1-31

Author(s):

Marwa Daaji ◽

Ali Ouni ◽

Mohamed Mohsen Gammoudi ◽

Salah Bouktif ◽

Mohamed Wiem Mkaouer

Keyword(s):

Quality Of Service ◽

Web Services ◽

Web Service ◽

State Of The Art ◽

Service Selection ◽

Service Design ◽

Design Quality ◽

Trade Off ◽

Selection Approach

Web service composition allows developers to create applications via reusing available services that are interoperable to each other. The process of selecting relevant Web services for a composite service satisfying the developer requirements is commonly acknowledged to be hard and challenging, especially with the exponentially increasing number of available Web services on the Internet. The majority of existing approaches on Web Services Selection are merely based on the Quality of Service (QoS) as a basic criterion to guide the selection process. However, existing approaches tend to ignore the service design quality, which plays a crucial role in discovering, understanding, and reusing service functionalities. Indeed, poorly designed Web service interfaces result in service anti-patterns, which are symptoms of bad design and implementation practices. The existence of anti-pattern instances in Web service interfaces typically complicates their reuse in real-world service-based systems and may lead to several maintenance and evolution problems. To address this issue, we introduce a new approach based on the Multi-Objective and Optimization on the basis of Ratio Analysis method (MOORA) as a multi-criteria decision making (MCDM) method to select Web services based on a combination of their (1) QoS attributes and (2) QoS design. The proposed approach aims to help developers to maintain the soundness and quality of their service composite development processes. We conduct a quantitative and qualitative empirical study to evaluate our approach on a Quality of Web Service dataset. We compare our MOORA-based approach against four commonly used MCDM methods as well as a recent state-of-the-art Web service selection approach. The obtained results show that our approach outperforms state-of-the-art approaches by significantly improving the service selection quality of top- k selected services while providing the best trade-off between both service design quality and desired QoS values. Furthermore, we conducted a qualitative evaluation with developers. The obtained results provide evidence that our approach generates a good trade-off for what developers need regarding both QoS and quality of design. Our selection approach was evaluated as “relevant” from developers point of view, in improving the service selection task with an average score of 3.93, compared to an average of 2.62 for the traditional QoS-based approach.

Download Full-text

Grid Business Process

Securing Web Services ◽

10.4018/978-1-59904-639-6.ch011 ◽

2008 ◽

pp. 257-297 ◽

Cited By ~ 3

Author(s):

Asif Akram ◽

Rob Allen ◽

Sanjay Chaudhary ◽

Prateek Jain ◽

Zakir Laliwala

Keyword(s):

Web Services ◽

Web Service ◽

Business Process ◽

Use Cases ◽

Proof Of Concept ◽

Service Standards

This chapter presents a ‘Case Study’ based on the distributed market. The requirements of this Grid Business Process are more demanding than any typical business process deployed within a single organization or enterprise. Recently different specifications built on top of Web service standards have originated from the Grid paradigm to address limitations of stateless Web services. These emerging specifications are evaluated in the first part of the chapter to capture requirements of a dynamic business process i.e. Business Process Grid. In second part of the chapter, a case study with different use cases is presented to simulate various scenarios. The abstract discussion and requirements of the case study is followed by the actual implementation. The implementation is meant for the proof-of-concept rather than fully functional application.

Download Full-text

Web service matching for RESTful web services

2011 13th IEEE International Symposium on Web Systems Evolution (WSE) ◽

10.1109/wse.2011.6081829 ◽

2011 ◽

Cited By ~ 10

Author(s):

Reihaneh Rabbany Khorasgani ◽

Eleni Stroulia ◽

Osmar R. Zaiane

Keyword(s):

Web Services ◽

Web Service ◽

Service Matching ◽

Restful Web Services

Download Full-text

TOWARDS STANDARD TEST COLLECTIONS FOR THE EMPIRICAL EVALUATION OF SEMANTIC WEB SERVICE APPROACHES

International Journal of Semantic Computing ◽

10.1142/s1793351x0800052x ◽

2008 ◽

Vol 02 (03) ◽

pp. 381-402 ◽

Cited By ~ 6

Author(s):

ULRICH KÜSTER ◽

BIRGITTA KÖNIG-RIES

Keyword(s):

Web Services ◽

Semantic Web ◽

Web Service ◽

State Of The Art ◽

Empirical Evaluation ◽

Standard Test ◽

Semantic Web Services ◽

Use Case ◽

Semantic Web Service ◽

Test Collections

Semantic web services have received a significant amount of attention in the last years and many frameworks, algorithms and tools leveraging them have been proposed. Nevertheless surprisingly little effort has been put into the evaluation of the approaches so far. The main blocker of thorough evaluations is the lack of large and diverse test collections of semantic web services. In this paper we analyze requirements on such collections and shortcomings of the state-of-the-art in this respect. Our contribution to overcoming those shortcomings is OPOSSum, a portal to support the community to build the necessary standard semantic web service test collections in a collaborative way. We discuss how existing test collections have been integrated with OPOSSum, showcase the benefits of OPOSSum by an illustrative use case and outline next steps towards better standard test collections of semantic web services.

Download Full-text

A FRAMEWORK FOR ADAPTIVE AND DYNAMIC COMPOSITION OF WEB SERVICES

Journal of Interconnection Networks ◽

10.1142/s0219265905001393 ◽

2005 ◽

Vol 06 (03) ◽

pp. 209-228 ◽

Cited By ~ 1

Author(s):

QUSAY H. MAHMOUD ◽

WASSAM ZAHREDDINE

Keyword(s):

Web Services ◽

Web Service ◽

Open Problem ◽

Proof Of Concept ◽

Dynamic Composition ◽

Novel Approach ◽

Semantic Ontology ◽

Inputs And Outputs

The modularity of web services has left an open problem in composition, a scenario that involves an amalgamation of two or more web services to fulfill a request that no one web service is able to provide. This paper presents a framework for adaptive and dynamic composition of web services, enabling web services to be discovered either statically or dynamically by utilizing a semantic ontology to describe web services and their methods. This novel approach gives greater control on how web services are dynamically discovered by allowing the application developer to specify how matches are made, which goes beyond the present techniques of semantically matching inputs and outputs along with classification taxonomies. We utilize the Composite Capabilities/Preferences Profiles (CC/PP) to adapt the interface and content to be compatible with virtually any device. A proof of concept implementation has been constructed that enables users of any device to dynamically discover context-based services that will be dynamically composed to satisfy a user's request. In addition, we have designed and implemented a UDDI-like registry to support context-based adaptive composition of web services. Existing web services can be easily adapted and new web services can be effortlessly deployed.

Download Full-text

GENERATING TEST CASES OF COMPOSITE SERVICES BASED ON OWL-S AND EH-CPN

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194010004955 ◽

2010 ◽

Vol 20 (07) ◽

pp. 921-941 ◽

Cited By ~ 4

Author(s):

BIXIN LI ◽

SHUNHUI JI ◽

DONG QIU ◽

JU CAI

Keyword(s):

Web Services ◽

Web Service ◽

Complex Function ◽

Control Flow ◽

Test Sequence ◽

Test Cases ◽

Automatic Integration ◽

Flow Information ◽

Composite Services ◽

Service Reuse

In web service times, the techniques for composing services are based on service reuse and automatic integration. A new web service will be generated by composing some existing web services. These web services cooperate with each other to provide a new more complex function. It is necessary and very important to test the interaction behavior between any two web services during composition. In this paper, a kind of enhanced hierarchical color petri-net (or EH-CPN) is introduced to generate test cases for testing the interaction, where EH-CPN is transformed from OWL-S document, and both control flow and data flow information in EH-CPN are analyzed and used to generate an executable test sequence, and further test cases are created by combining the test sequence and test data in an XML file.

Download Full-text