Preemptive regression testing of workflow-based web services

published_or_final_versio

Data flow testing of service choreography

This work is supported in part by the General Research Fund of the Research Grants Council of Hong Kong (project nos. 717506 and 717308).ESEC/FSE (Conference)Service computing has increasingly been adopted by the industry, developing business applications by means of orchestration and choreography. Choreography specifies how services collaborate with one another by defining, say, the message exchange, rather than via the process flow as in the case of orchestration. Messages sent from one service to another may require the use of different XPaths to manipulate or extract message contents. Mismatches in XML manipulations through XPaths (such as to relate incoming and outgoing messages in choreography specifications) may result in failures. In this paper, we propose to associate XPath Rewriting Graphs (XRGs), a structure that relates XPath and XML schema, with actions of choreography applications that are skeletally modeled as labeled transition systems. We develop the notion of XRG patterns to capture how different XRGs are related even though they may refer to different XML schemas or their tags. By applying XRG patterns, we successfully identify new data flow associations in choreography applications and develop new data flow testing criteria. Finally, we report an empirical case study that evaluates our techniques. The result shows our techniques are promising in detecting failures in choreography applications. Copyright 2009 ACM.postprin

Utilizing Output in Web Application Server-Side Testing

This thesis investigates the utilization of web application output in enhancing automated server-side code testing. The server-side code is the main driving force of a web application generating client-side code, maintaining the state and communicating with back-end resources. The output observed in those elements provides a valuable resource that can potentially enhance the efficiency and effectiveness of automated testing. The thesis aims to explore the use of this output in test data generation, test sequence regeneration, augmentation and test case selection. This thesis also addresses the web-specific challenges faced when applying search based test data generation algorithms to web applications and dataflow analysis of state variables to test sequence regeneration. The thesis presents three tools and four empirical studies to implement and evaluate the proposed approaches: SWAT (Search based Web Application Tester) is a first application of search based test data generation algorithms for web applications. It uses values dynamically mined from the intermediate and the client-side output to enhance the search based algorithm. SART (State Aware Regeneration Tool) uses dataflow analysis of state variables, session state and database tables, and their values to regenerate new sequences from existing sequences. SWAT-U (SWAT-Uniqueness) augments test suites with test cases that produce outputs not observed in the original test suite’s output. Finally, the thesis presents an empirical study of the correlation between new output based test selection criteria and fault detection and structural coverage. The results confirm that using the output does indeed enhance the effectiveness and efficiency of search based test data generation and enhances test suites’ effectiveness for test sequence regeneration and augmentation. The results also report that output uniqueness criteria are strongly correlated with both fault detection and structural coverage and are complementary to structural coverage

Higher Order Mutation Testing

Mutation testing is a fault-based software testing technique that has been studied widely for over three decades. To date, work in this field has focused largely on first order mutants because it is believed that higher order mutation testing is too computationally expensive to be practical. This thesis argues that some higher order mutants are potentially better able to simulate real world faults and to reveal insights into programming bugs than the restricted class of first order mutants. This thesis proposes a higher order mutation testing paradigm which combines valuable higher order mutants and non-trivial first order mutants together for mutation testing. To overcome the exponential increase in the number of higher order mutants a search process that seeks fit mutants (both first and higher order) from the space of all possible mutants is proposed. A fault-based higher order mutant classification scheme is introduced. Based on different types of fault interactions, this approach classifies higher order mutants into four categories: expected, worsening, fault masking and fault shifting. A search-based approach is then proposed for locating subsuming and strongly subsuming higher order mutants. These mutants are a subset of fault mask and fault shift classes of higher order mutants that are more difficult to kill than their constituent first order mutants. Finally, a hybrid test data generation approach is introduced, which combines the dynamic symbolic execution and search based software testing approaches to generate strongly adequate test data to kill first and higher order mutants

Combining SOA and BPM Technologies for Cross-System Process Automation

This paper summarizes the results of an industry case study that introduced a cross-system business process automation solution based on a combination of SOA and BPM standard technologies (i.e., BPMN, BPEL, WSDL). Besides discussing major weaknesses of the existing, custom-built, solution and comparing them against experiences with the developed prototype, the paper presents a course of action for transforming the current solution into the proposed solution. This includes a general approach, consisting of four distinct steps, as well as specific action items that are to be performed for every step. The discussion also covers language and tool support and challenges arising from the transformation

Certifying Software Component Performance Specifications

In component-based software engineering, performance prediction approaches support the design of business information systems on the architectural level. They are based on behavior specifications of components. This work presents a round-trip approach for using, assessing, and certifying the accuracy of parameterized, probabilistic, deterministic, and concurrent performance specifications. Its applicability and effectiveness are demonstrated using the CoCoME benchmark

An Empirical Study of the Use of Frankl-Weyuker Data Flow Testing Criteria to Test BPEL Web Services

Programs using service-oriented architecture (SOA) often feature ultra-late binding among components. These components have well-defined interfaces and are known as web services. Messages between every pair of web services dually conform to the output interface of a sender and the input interface of a receiver. Unit testing of web services should not only test the logic of web services, but also assure the correctness of the web services during input, manipulation, and output of messages. There is, however, little software test-ing research in this area. In this paper, we study the unit testing problem to assure components written in orchestration languages, WS-BPEL in particular. We report an empirical study of the effectiveness of the Frankl-Weyuker data flow test-ing criteria (particularly the all-uses criterion) on WS- BPEL subject programs. Our study shows that conventional data flow testing criteria can be much less effective in revealing faults in interface artifacts (WSDL documents) and message manipulations (XPath queries) than revealing faults in BPEL artifacts

Model Checking and Model-Based Testing : Improving Their Feasibility by Lazy Techniques, Parallelization, and Other Optimizations

This thesis focuses on the lightweight formal method of model-based testing for checking safety properties, and derives a new and more feasible approach. For liveness properties, dynamic testing is impossible, so feasibility is increased by specializing on an important class of properties, livelock freedom, and deriving a more feasible model checking algorithm for it. All mentioned improvements are substantiated by experiments

Qualitätssicherung von Modelltransformationen - Über das dynamische Testen programmierter Graphersetzungssysteme

Modelle und Metamodelle repräsentieren Kernkonzepte der modellgetriebenen Softwareentwicklung (MDSD). Programme, die Modelle (unter Bezugnahme auf ihre Metamodelle) manipulieren oder ineinander überführen, werden als Modelltransformationen (MTs) bezeichnet und bilden ein weiteres Kernkonzept. Für dieses klar umrissene Aufgabenfeld wurden und werden speziell angepasste, domänenspezifische Transformationssprachen entwickelt und eingesetzt. Aufgrund der Bedeutung von MTs für das MDSD-Paradigma ist deren Korrektheit essentiell und eine gründliche Qualitätssicherung somit angeraten. Entsprechende Ansätze sind allerdings rar. In der Praxis erweisen sich die vornehmlich erforschten formalen Verifikationsansätze häufig als ungeeignet, da sie oft zu komplex oder zu teuer sind. Des Weiteren skalieren sie schlecht in Abhängigkeit zur Größe der betrachteten MT oder sind auf Abstraktionen bezogen auf die Details konkreter Implementierungen angewiesen. Demgegenüber haben testende Verfahren diese Nachteile nicht. Allerdings lassen sich etablierte Testverfahren für traditionelle Programmiersprachen aufgrund der Andersartigkeit der MT-Sprachen nicht oder nur sehr eingeschränkt wiederverwenden. Zudem sind angepasste Testverfahren grundsätzlich wünschenswert, da sie typische Eigenschaften von MTs berücksichtigen können. Zurzeit existieren hierzu überwiegend funktionsbasierte (Black-Box-)Verfahren. Das Ziel dieser Arbeit besteht in der Entwicklung eines strukturbasierten (White-Box-)Testansatzes für eine spezielle Klasse von Modelltransformationen, den sog. programmierten Graphtransformationen. Dafür ist anhand einer konkreten Vertreterin dieser Sprachen ein strukturelles Überdeckungskonzept zu entwickeln, um so den Testaufwand begrenzen oder die Güte der Tests bewerten zu können. Auch müssen Aspekte der Anwendbarkeit sowie der Leistungsfähigkeit der resultierenden Kriterien untersucht werden. Hierzu wird ein auf Graphmustern aufbauendes Testüberdeckungskriterium in der Theorie entwickelt und im Kontext des eMoflon-Werkzeugs für die dort genutzte Story- Driven-Modeling-Sprache (SDM) praktisch umgesetzt. Als Basis für eine Wiederverwendung des etablierten Ansatzes der Mutationsanalyse zur Leistungsabschätzung des Kriteriums hinsichtlich der Fähigkeiten zur Fehlererkennung werden Mutationen zur synthetischen Einbringung von Fehlern identifiziert und in Form eines Mutationstestrahmenwerks realisiert. Letzteres ermöglicht es, Zusammenhänge zwischen dem Überdeckungskonzept und der Mutationsadäquatheit zu untersuchen. Im Rahmen einer umfangreichen Evaluation wird anhand zweier nichttrivialer Modelltransformationen die Anwendbarkeit und die Leistungsfähigkeit des Ansatzes in der Praxis untersucht und eine Abgrenzung gegenüber einer quellcodebasierten Testüberdeckung durchgeführt. Es zeigt sich, dass das entwickelte Überdeckungskonzept praktisch umsetzbar ist und zu einer brauchbaren Überdeckungsmetrik führt. Die Visualisierbarkeit einzelner Überdeckungsanforderungen ist der grafischen Programmierung bei Graphtransformationen besonders nahe, so dass u. a. die Konstruktion sinnvoller Tests erleichtert wird. Die Mutationsanalyse stützt die These, dass die im Hinblick auf Steigerungen der Überdeckungsmaße optimierten Testmengen mehr Fehler erkennen als vor der Optimierung. Vergleiche mit quellcodebasierten Überdeckungskriterien weisen auf die Existenz entsprechender Korrelationen hin. Die Experimente belegen, dass die vorgestellte Überdeckung klassischen, codebasierten Kriterien vielfach überlegen ist und sich so insbesondere auch für das Testen von durch einen Interpreter ausgeführte Transformationen anbietet