发布求助
文献互助 智能选刊 最新文献

2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)最新文献

筛选
英文 中文
Supporting the Transition to an Agile Test Matrix 支持向敏捷测试矩阵的过渡
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102632
Robert Korosec, Roman Pfarrhofer
{"title":"Supporting the Transition to an Agile Test Matrix","authors":"Robert Korosec, Roman Pfarrhofer","doi":"10.1109/ICST.2015.7102632","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102632","url":null,"abstract":"The transition of AVL's software development unit towards lean and agile practices on team and enterprise level (implementing the scaled agile framework SAFe) requires a change in testing role, set and practices. We describe the changes of the testing strategy in reference to the agile test matrix - moving the focus of testing from system acceptance tests towards functional and unit tests. Furthermore, a supporting automated testing procedure was adopted to enable the splitting of tasks between different, globally distributed teams. With a test distribution tool, we are optimizing test execution time and test resource usage to meet the needs of the short agile cadence. The lessons learned so far during this ongoing project of tool implementation are shared. We conclude with an outlook on a research project that examines ways of systematic testing of nonfunctional requirements.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114360505","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Generating Succinct Test Cases Using Don't Care Analysis 使用不关心分析生成简洁的测试用例
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102590
Cuong Nguyen, H. Yoshida, M. Prasad, Indradeep Ghosh, Koushik Sen
{"title":"Generating Succinct Test Cases Using Don't Care Analysis","authors":"Cuong Nguyen, H. Yoshida, M. Prasad, Indradeep Ghosh, Koushik Sen","doi":"10.1109/ICST.2015.7102590","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102590","url":null,"abstract":"We study the problem of reducing test cases generated by bit vector based symbolic execution test generators. In particular, we first consider a guileless test case generation approach that generates assignment statements for each symbolic scalars, array and structure elements and object fields. We show that test cases generated by this approach can be significantly verbose. We then propose a method for making the generated test cases more succinct using a novel analysis entitled don't care analysis. Don't care analysis identifies assignment statements that can be safely removed from the test cases without affecting the overall code coverage. Our algorithm is based on binary and delta-debugging search. Because it exploits the knowledge of the internal SAT solver, it is effective and efficient in practice. To our knowledge, this is the first fully automatic approach that reduces the sizes of test cases generated using symbolic execution. We implement our test case reduction technique for the KLEE test generation tool and evaluate on 295 programs and functions. Our results are encouraging: in average, the reduced test cases are 50 times smaller than the test cases generated by the guileless test case generator. In addition, since our don't care analysis is tightly integrated into the test case generation tool, its overhead to the overall test generation process is negligible.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126376682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Reformulating Branch Coverage as a Many-Objective Optimization Problem 将分支覆盖重新表述为一个多目标优化问题
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102604
Annibale Panichella, Fitsum Meshesha Kifetew, P. Tonella
{"title":"Reformulating Branch Coverage as a Many-Objective Optimization Problem","authors":"Annibale Panichella, Fitsum Meshesha Kifetew, P. Tonella","doi":"10.1109/ICST.2015.7102604","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102604","url":null,"abstract":"Test data generation has been extensively investigated as a search problem, where the search goal is to maximize the number of covered program elements (e.g., branches). Recently, the whole suite approach, which combines the fitness functions of single branches into an aggregate, test suite-level fitness, has been demonstrated to be superior to the traditional single-branch at a time approach. In this paper, we propose to consider branch coverage directly as a many-objective optimization problem, instead of aggregating multiple objectives into a single value, as in the whole suite approach. Since programs may have hundreds of branches (objectives), traditional many-objective algorithms that are designed for numerical optimization problems with less than 15 objectives are not applicable. Hence, we introduce a novel highly scalable many-objective genetic algorithm, called MOSA (Many-Objective Sorting Algorithm), suitably defined for the many- objective branch coverage problem. Results achieved on 64 Java classes indicate that the proposed many-objective algorithm is significantly more effective and more efficient than the whole suite approach. In particular, effectiveness (coverage) was significantly improved in 66% of the subjects and efficiency (search budget consumed) was improved in 62% of the subjects on which effectiveness remains the same.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134639432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 144
Behind an Application Firewall, Are We Safe from SQL Injection Attacks? 在应用程序防火墙后面,我们是否安全免受SQL注入攻击?
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102581
Dennis Appelt, Duy Cu Nguyen, L. Briand
{"title":"Behind an Application Firewall, Are We Safe from SQL Injection Attacks?","authors":"Dennis Appelt, Duy Cu Nguyen, L. Briand","doi":"10.1109/ICST.2015.7102581","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102581","url":null,"abstract":"Web application firewalls are an indispensable layer to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their sophistication require that firewalls be updated and tested regularly as otherwise they will be circumvented. In this paper, we focus our research on web application firewalls and SQL injection attacks. We present a machine learning-based testing approach to detect holes in firewalls that let SQL injection attacks bypass. At the beginning, the approach can automatically generate diverse attack payloads, which can be seeded into inputs of web- based applications, and then submit them to a system that is protected by a firewall. Incrementally learning from the tests that are blocked or passed by the firewall, our approach can then select tests that exhibit characteristics associated with bypassing the firewall and mutate them to efficiently generate new bypassing attacks. In the race against cyber attacks, time is vital. Being able to learn and anticipate more attacks that can circumvent a firewall in a timely manner is very important in order to quickly fix or fine-tune the firewall. We developed a tool that implements the approach and evaluated it on ModSecurity, a widely used application firewall. The results we obtained suggest a good performance and efficiency in detecting holes in the firewall that could let SQLi attacks go undetected.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115249891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 40
Test Suite Quality Assessment Using Model Inference Techniques 使用模型推理技术的测试套件质量评估
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102617
Hermann Felbinger
{"title":"Test Suite Quality Assessment Using Model Inference Techniques","authors":"Hermann Felbinger","doi":"10.1109/ICST.2015.7102617","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102617","url":null,"abstract":"To state whether a System Under Test is sufficiently tested requires an assessment of the test suite quality. Existing methods to assess the quality of a test suite either are based on the structure of an implementation or determine the quality using mutation score. In this paper we introduce a method, which is based on inductive inference to assess the quality of a test suite and propose a method to augment a test suite depending on the quality assessment result. In this paper we provide a short glimpse on our objectives and show preliminary results of model inference of a test suite.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116488354","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Model-Based Mutation Testing of Synchronous and Asynchronous Real-Time Systems 同步和异步实时系统的基于模型的突变测试
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102615
Florian Lorber
{"title":"Model-Based Mutation Testing of Synchronous and Asynchronous Real-Time Systems","authors":"Florian Lorber","doi":"10.1109/ICST.2015.7102615","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102615","url":null,"abstract":"A lot of systems nowadays, especially in safety-critical areas, have to comply to very strict real-time requirements. Deviation from the specified time behavior can lead to severe faults. Thus the components need to be thoroughly tested to ensure a high quality standard. Model-based testing is a popular technology for automatic and systematic test-case generation, where a system-under-test is tested for conformance with a model that specifies its intended behavior. Model-based mutation testing is a specific fault-oriented variant of model- based testing. In this variant of testing, the test case generation is guided by a mutant, an intentionally altered version of the original model that specifies a common modeling error, to generate a specific test case capable of identifying that error. In the presented thesis we investigate ways to apply model-based mutation testing to real-time applications. The plan is to investigate two specification languages: timed automata and timed contracts. We already developed an algorithm and an implementation for testing deterministic timed automata and a theory and implementation for untimed contracts. In the last year of the thesis we will concentrate on determinizing timed automata restricted to the bounded case, supporting the test-case generation from networks of timed automata and adding real-time support to our contract-based testing tool. The final step of the thesis will be the evaluation on industrial case studies.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123163968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Combining Algebraic and Domain Testing to Design Adequate Test Cases for Signal Processing Algorithms 结合代数和域测试设计足够的测试用例信号处理算法
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102583
T. Huuhtanen, Juha Itkonen, C. Lassenius
{"title":"Combining Algebraic and Domain Testing to Design Adequate Test Cases for Signal Processing Algorithms","authors":"T. Huuhtanen, Juha Itkonen, C. Lassenius","doi":"10.1109/ICST.2015.7102583","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102583","url":null,"abstract":"Signal processing software is characterized by a heavy emphasis on arithmetic calculations and the lack of complicated control structures, placing specific constraints on which testing techniques are applicable and how signal processing software can be efficiently tested. In this paper, we analyze the unique characteristics of signal processing software from the testing viewpoint and propose applied techniques for tackling the verification challenges of such software. We propose a testing method for the signal processing context and provide examples of its application to an FIR and a second order IIR filter. This method extends the applicability of algebraic testing and domain testing methods to signal processing software. The developed method applies to linear systems and can be further extended to take nonlinearities in the tested system into account.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131100273","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Test Generation from Business Rules 从业务规则生成测试
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102608
S. Jensen, Suresh Thummalapenta, S. Sinha, S. Chandra
{"title":"Test Generation from Business Rules","authors":"S. Jensen, Suresh Thummalapenta, S. Sinha, S. Chandra","doi":"10.1109/ICST.2015.7102608","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102608","url":null,"abstract":"Enterprise applications are difficult to test because their intended functionality is either not described precisely enough or described in cumbersome business rules. It takes a lot of effort on the part of a test architect to understand all the business rules and design tests that \"cover\" them, i.e., exercise all their constituent scenarios. Part of the problem is that it takes a complicated set up sequence to drive an application to a state in which a business rule can even fire. In this paper, we present a business rule modeling language that can be used to capture functional specification of an enterprise system. The language makes it possible to build tool support for rule authoring, so that obvious deficiencies in rules can be detected mechanically. Most importantly, we show how to mechanically generate test sequences--i.e., test steps and test data--needed to exercise these business rules. To this end, we translate the rules into logical formulae and use constraint solving to generate test sequences. One of our contributions is to overcome scalability issues in this process, and we do this by using a novel algorithm for organizing search through the space of candidate sequences to discover covering sequences. Our results on three case studies show the promise of our approach.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"18 6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117243510","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Security Threat Identification and Testing 安全威胁识别和测试
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102630
R. Carbone, L. Compagna, Annibale Panichella, Serena Elisa Ponta
{"title":"Security Threat Identification and Testing","authors":"R. Carbone, L. Compagna, Annibale Panichella, Serena Elisa Ponta","doi":"10.1109/ICST.2015.7102630","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102630","url":null,"abstract":"Business applications are more and more collaborative (cross-domains, cross-devices, service composition). Security shall focus on the overall application scenario including the interplay between its entities/devices/services, not only on the isolated systems within it. In this paper we propose the Security Threat Identification And TEsting (STIATE) toolkit to support development teams toward security assessment of their under-development applications focusing on subtle security logic flaws that may go undetected by using current industrial technology. At design-time, STIATE supports the development teams toward threat modeling and analysis by identifying automatically potential threats (via model checking and mutation techniques) on top of sequence diagrams enriched with security annotations (including WHAT-IF conditions). At run-time, STIATE supports the development teams toward testing by exploiting the identified threats to automatically generate and execute test cases on the up and running application. We demonstrate the usage of the STIATE toolkit on an application scenario employing the SAML Single Sign-On multi-party protocol, a well-known industrial security standard largely studied in previous literature.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122194003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Show Me New Counterexamples: A Path-Based Approach 向我展示新的反例:基于路径的方法
2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST) Pub Date : 2015-04-13 DOI: 10.1109/ICST.2015.7102606
Kalou Cabrera Castillos, H. Waeselynck, V. Wiels
{"title":"Show Me New Counterexamples: A Path-Based Approach","authors":"Kalou Cabrera Castillos, H. Waeselynck, V. Wiels","doi":"10.1109/ICST.2015.7102606","DOIUrl":"https://doi.org/10.1109/ICST.2015.7102606","url":null,"abstract":"We consider lightweight usage of model-checking for the debugging of Simulink models. A problem is that model-checkers typically return only one counterexample, which may slow down the debugging process. We propose an approach and a tool to produce several counterexamples, exemplifying different property violation patterns for a given version of the design. The approach uses data collected during the replay of the counterexamples to synthesize queries for the model-checker, so that it finds counterexamples that activate new paths. The approach is applied to an academic example and an industrial model from the automotive domain.","PeriodicalId":401414,"journal":{"name":"2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115516171","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信