An Approach of Vulnerability Testing for Third-Party Component Based on Condition and Parameter Mutation

2013, Vol 2013, pp. 1-11
Author(s): Jinfu Chen, Jiamei Chen, Yongzhao Zhan, Weihe Chen, Rubing Huang

The research on component vulnerability testing is critical. In this paper, an approach of vulnerability testing is proposed based on condition mutation and parameter mutation in order to effectively detect the explicit vulnerabilities of third-party components. To start with, the Pre-condition Mutation Algorithm (PCMA) is presented to generate mutants set of the pre-condition and test cases are generated based on these mutants. Then, the Single Parameter Mutated Values (SPMV) procedure is addressed to generate parameter values based on mutation operators of parameter specification. These values are then taken as the input of the Test Case Generation Algorithm based on the Parameter Constraint (TCGPC), which is addressed to generate test case set violating the parameter constraint. The explicit vulnerabilities can be detected by the vulnerability detecting algorithm based on the test cases of condition and parameter mutation. The experiments show that our approach can detect explicit vulnerability faults of third-party components. Furthermore, the proposed approach can detect more vulnerability faults than other related approaches such as condition coverage methods, fuzzy testing method and boundary value method.

2021, Vol 26 (4)
Author(s): Man Zhang, Bogdan Marculescu, Andrea Arcuri

Abstract: Nowadays, RESTful web services are widely used for building enterprise applications. REST is not a protocol, but rather it defines a set of guidelines on how to design APIs to access and manipulate resources using HTTP over a network. In this paper, we propose an enhanced search-based method for automated system test generation for RESTful web services, by exploiting domain knowledge on the handling of HTTP resources. The proposed techniques use domain knowledge specific to RESTful web services and a set of effective templates to structure test actions (i.e., ordered sequences of HTTP calls) within an individual in the evolutionary search. The action templates are developed based on the semantics of HTTP methods and are used to manipulate the web services’ resources. In addition, we propose five novel sampling strategies with four sampling methods (i.e., resource-based sampling) for the test cases that can use one or more of these templates. The strategies are further supported with a set of new, specialized mutation operators (i.e., resource-based mutation) in the evolutionary search that take into account the use of these resources in the generated test cases. Moreover, we propose a novel dependency handling to detect possible dependencies among the resources in the tested applications. The resource-based sampling and mutations are then enhanced by exploiting the information of these detected dependencies. To evaluate our approach, we implemented it as an extension to the EvoMaster tool, and conducted an empirical study with two selected baselines on 7 open-source and 12 synthetic RESTful web services. Results show that our novel resource-based approach with dependency handling obtains a significant improvement in performance over the baselines, e.g., up to +130.7% relative improvement (growing from +27.9% to +64.3%) on line coverage.


Author(s): Macario Polo, Mario Piattini

This chapter presents a new testing technique called “test-case mutation.” The idea is to apply a set of specific mutation operators to test cases for object-oriented software, which produces different versions of the original test cases. Then, the results of the original test case and of its corresponding mutants are compared; if they are very similar, the technique highlights the possible presence of a fault in the class under test. The technique seems useful for testing the correctness of strongly constrained classes. The authors have implemented a supporting tool that is also described in the chapter.


Author(s): Johnny Maikeo Ferreira, Silvia Regina Vergilio, Marcos Quinaia

The Feature Model (FM) is a fundamental artifact of the Software Product Line (SPL) engineering, used to represent commonalities and variabilities, and also to derive products for testing. However, the test of all features combinations (products) is not always possible in practice. Due to the growing complexity of the applications, only a subset of products is usually selected. The selection is generally based on combinatorial testing, to test features interactions. This kind of selection does not consider different classes of faults that can be present in the FM. The application of a fault-based approach, such as mutation-based testing, can increase the probability of finding faults and the confidence that the SPL products match the requirements. Considering that, this paper introduces a mutation approach to select products for the feature testing of SPLs. The approach can be used similarly to a test criterion in the generation and assessment of test cases. It includes (i) a set of mutation operators, introduced to describe typical faults associated to the feature management and to the FM; and (ii) a testing process to apply the operators. Experimental results show the applicability of the approach. The selected test case sets are capable to reveal other kind of faults, not revealed in the pairwise testing.


2013, Vol 709, pp. 616-619
Author(s): Jing Chen

This paper proposes a genetic algorithm-based method to generate test cases. This method provides information for test case generation using state machine diagrams. Its feature is realizing automation through fewer generated test cases. In terms of automatic generation of test data based on path coverage, the goal is to build a function that can excellently assess the generated test data and guide the genetic algorithms to find the targeting parameter values.


Author(s): Indra Kharisma Raharjana, Fadel Harris, Army Justitia

Background: Testing using Behavior-Driven Development (BDD) techniques is one of the practices of Agile software development. This technique composes a test-case based on a use case scenario, for web application acceptance tests.

Objective: In this study, we developed a tool to generate test case codes from BDD scenario definitions to help and facilitate practitioners to conduct testing.

Methods: The generated test case code is made according to the codeception framework format so that it can be directly executed by the tester. The procedure is performed as follows: map the correlation of the language used in BDD (gherkin language) and the code syntax of the test code in the codeception framework, designed the GUIs in such a way that users can easily transform the Use Case Scenario, built the tool so that it can generate test cases codes. Evaluation is done by gathering respondents; ask to run the application and gathering feedback from respondents.

Results: This tool can generate a codeception test-case file based on the BDD scenario. Generated test cases can be directly used on codeception tools. The results of the evaluation show that the tools can help entry-level programmers in developing automated tests.

Conclusion: The tool can help user especially entry-level programmers to generate BDD test-case and make easy for the users for testing the web applications.


Author(s): Douglas Schenck, Peter Wilson

Now we discuss some of the potential uses of the EXPRESS-I language. In Object-Oriented terms, an EXPRESS entity would be called a class, and an instance of a class is termed an object. One object may reference another object. EXPRESS, though, distinguishes between entities and types (i.e., the enumeration, select and the defined data type) as entities may be subtyped whereas types cannot be. EXPRESS-I treats entity instances as objects in the OO sense. It also allows types to be treated as objects in that they can be instantiated and referenced. Alternatively, type values may be embedded in entity instances. The simplest use of EXPRESS-I is as a paper exercise in displaying examples of EXPRESS declarations that are populated with data. The language allows the display of entity instances as referenceable objects. Types instances may also be displayed as referenceable objects, or they may appear as unreferenceable values within other objects' values. Examples in this book show both forms of type instantiation. Values of explicit entity attributes are required. The values of derived or inverse attributes need not be displayed, except as exemplars, because as noted, these are essentially calculable from the values of the explicit attributes. Examples of EXPRESS schemas can also be displayed, as well as individual objects. The EXPRESS-I model construct is provided to enable the display of multiple schemas. Typically, a model would be used when two or more EXPRESS schemas interact with each other. Note that EXPRESS itself does not support such a construct. Note: We do not discuss models in this book. The test case construct is provided to assist in the formal specification of test cases against the implementation of an EXPRESS schema. EXPRESS itself does not provide an equivalent construct. For a test case, a base set of EXPRESS-I objects must be defined which will be the objects (and their supporting data) to be tested. 
The values of these objects may be in the form of parameters, whose formal definition are given in an enclosing context. A series of test cases may then be defined on the context, by providing actual parameter values.


Author(s): T Kishan Singh*, Pavithra H.

Test automation is the usage of software to monitor the execution of experiments and the comparison of actual results with expected results, apart from the software being evaluated. In a formalized web testing method already in place, test automation may automatize certain routine but required tasks and carry out extra testing which can be troublesome to try and perform manually. There is a need to simplify the test case recording process as most of the methods used at present requires the testers to generate scripts using any coding language. Hence, a light weight script less model is developed which uses JavaScript to record mouse and keyboard actions. Selenium framework is used to induce the JavaScript in the browser. Therefore, this paper focuses on developing a lightweight script less model for recording test cases on browsers.


Mathematics, 2021, Vol 9 (15), pp. 1779
Author(s): Wanida Khamprapai, Cheng-Fa Tsai, Paohsi Wang, Chi-En Tsai

Test case generation is an important process in software testing. However, manual generation of test cases is a time-consuming process. Automation can considerably reduce the time required to create adequate test cases for software testing. Genetic algorithms (GAs) are considered to be effective in this regard. The multiple-searching genetic algorithm (MSGA) uses a modified version of the GA to solve the multicast routing problem in network systems. MSGA can be improved to make it suitable for generating test cases. In this paper, a new algorithm called the enhanced multiple-searching genetic algorithm (EMSGA), which involves a few additional processes for selecting the best chromosomes in the GA process, is proposed. The performance of EMSGA was evaluated through comparison with seven different search-based techniques, including random search. All algorithms were implemented in EvoSuite, which is a tool for automatic generation of test cases. The experimental results showed that EMSGA increased the efficiency of testing when compared with conventional algorithms and could detect more faults. Because of its superior performance compared with that of existing algorithms, EMSGA can enable seamless automation of software testing, thereby facilitating the development of different software packages.


2016, Vol 2016, pp. 1-15
Author(s): Kevin M. Betts, Mikel D. Petty

Autonomous systems must successfully operate in complex time-varying spatial environments even when dealing with system faults that may occur during a mission. Consequently, evaluating the robustness, or ability to operate correctly under unexpected conditions, of autonomous vehicle control software is an increasingly important issue in software testing. New methods to automatically generate test cases for robustness testing of autonomous vehicle control software in closed-loop simulation are needed. Search-based testing techniques were used to automatically generate test cases, consisting of initial conditions and fault sequences, intended to challenge the control software more than test cases generated using current methods. Two different search-based testing methods, genetic algorithms and surrogate-based optimization, were used to generate test cases for a simulated unmanned aerial vehicle attempting to fly through an entryway. The effectiveness of the search-based methods in generating challenging test cases was compared to both a truth reference (full combinatorial testing) and the method most commonly used today (Monte Carlo testing). The search-based testing techniques demonstrated better performance than Monte Carlo testing for both of the test case generation performance metrics: (1) finding the single most challenging test case and (2) finding the set of fifty test cases with the highest mean degree of challenge.


Author(s): RUBING HUANG, XIAODONG XIE, DAVE TOWEY, TSONG YUEH CHEN, YANSHENG LU, ...

Combinatorial interaction testing is a well-recognized testing method, and has been widely applied in practice, often with the assumption that all test cases in a combinatorial test suite have the same fault detection capability. However, when testing resources are limited, an alternative assumption may be that some test cases are more likely to reveal failure, thus making the order of executing the test cases critical. To improve testing cost-effectiveness, prioritization of combinatorial test cases is employed. The most popular approach is based on interaction coverage, which prioritizes combinatorial test cases by repeatedly choosing an unexecuted test case that covers the largest number of uncovered parameter value combinations of a given strength (level of interaction among parameters). However, this approach suffers from some drawbacks. Based on previous observations that the majority of faults in practical systems can usually be triggered with parameter interactions of small strengths, we propose a new strategy of prioritizing combinatorial test cases by incrementally adjusting the strength values. Experimental results show that our method performs better than the random prioritization technique and the technique of prioritizing combinatorial test suites according to test case generation order, and has better performance than the interaction-coverage-based test prioritization technique in most cases.

