A Review on Web Application Testing and its Current Research Directions

Testing is an important part of every software development process on which companies devote considerable time and effort. The burgeoning web applications and their proliferating economic significance in the society made the area of web application testing an area of acute importance. The web applications generally tend to take faster and quicker release cycles making their testing very challenging. The main issues in testing are cost efficiency and bug detection efficiency. Coverage-based   testing is the process of ensuring exercise of specific program elements. Coverage measurement helps determine the “thoroughness” of testing achieved. An avalanche of tools, techniques, frameworks came into existence to ascertain the quality of web applications.  A comparative study of some of the prominent tools, techniques and models for web application testing is presented. This work highlights the current research directions of some of the web application testing techniques

Supporting Early-Safety Analysis of IoT Systems by Exploiting Testing Techniques

IoT systems complexity and susceptibility to failures pose significant challenges in ensuring their reliable operation Failures can be internally generated or caused by external factors impacting both the systems correctness and its surrounding environment To investigate these complexities various modeling approaches have been proposed to raise the level of abstraction facilitating automation and analysis FailureLogic Analysis FLA is a technique that helps predict potential failure scenarios by defining how a components failure logic behaves and spreads throughout the system However manually specifying FLA rules can be arduous and errorprone leading to incomplete or inaccurate specifications In this paper we propose adopting testing methodologies to improve the completeness and correctness of these rules How failures may propagate within an IoT system can be observed by systematically injecting failures while running test cases to collect evidence useful to add complete and refine FLA rule

Ideal test for android testing: Preliminary work

This paper proposes a hybrid method combining well-known holistic test and mutation testing in software testing for Graphical User Interface (GUI) testing of an android application. Moreover, this hybrid method satisfies requirements of ideal testing that is well known and important in software testing. Presence and absence of GUI based faults are tested within this work experimentally and comparatively in the scale of given or constructed model. First step of the method is modeling the given GUI of android application by Finite State Machine (FSM) and then converting this FSM to Regular Expression (RE). Then, test sequences are generated from a context table that is obtained analysis of the RE model. This process defines first part of the Holistic Testing namely positive testing. In second part called negative testing, the test sequence generation procedure is applied mutants of the FSM obtained after applying selected mutation operators. The generated test sequences from original and mutant models are executed on mutant and original android applications respectively. Test sequences are filtered by using pre-defined selection criteria for both positive and negative testing to achieve ideal test suites that are satisfying requirements of the ideal testing.Bu çalışmanın amacı yazılım testi alanında yaygın olarak kullanılan Bütünsel Test (Holistic Test) ve Mutasyon Testi (Mutation Testing) yöntemlerinin kullanılarak model tabanlı melez bir yöntemin Android uygulamalarının Grafiksel Kullanıcı Arayüz (GKA) testi için öne sürülmesidir. Ayrıca bu melez yöntem test alanında bilinirliği yüksek İdeal Test’in (Ideal Test) gereksinimlerini sağladığı için ayrı bir öneme sahiptir. Öne sürülen melez yöntem sayesinde sistem içindeki kullanıcı arayüz merkezli hataların model ölçeğinde varlığı veya yokluğu, karşılaştırmalı ve deneysel çalışmalar çerçevesinde test edilmiştir. Yöntemin ilk adımı olarak verilen uygulamanın kullanıcı arayüzü bir Sonlu Durum Makinası (SDM) ile modellenmekte ve ardından bu SDM bir Düzenli İfade’ye (Dİ) dönüştürülmektedir. Ardından elde edilen Dİ analizden geçirilerek bağlam tabloları ile ifade edilmekte ve bu tablolar vasıtası ile test dizileri üretilmektedir. Bu işlem pozitif testi tanımlamaktadır. Negatif test için ise aynı işlem SDM’lerden elde edilen mutantlara uygulanmakta ve test dizileri elde edilmektedir. Negatif ve pozitif test için elde edilen test dizileri karşılıklı olarak kod tabalı mutasyonla elde edilen mutantlara ve hatasız sisteme uygulanmaktadır. Test sonuçları tanımlanacak olan test seçim kriterlerine göre bir süzgeçten geçirilmekte ve hem pozitif hemde negatif test için süzgeçten geçirilen test kümeleri elde edilmektedir. Bu işlem sonund

Using memetic algorithm for robustness testing of contract-based software models

Graph Transformation System (GTS) can formally specify the behavioral aspects of complex systems through graph-based contracts. Test suite generation under normal conditions from GTS specifications is a task well-suited to evolutionary algorithms such as Genetic and Particle Swarm Optimization (PSO) metaheuristics. However, testing the vulnerabilities of a system under unexpected events such as invalid inputs is essential. Furthermore, the mentioned global search algorithms tend to make big jumps in the system’s state-space that are not concentrated on particular test goals. In this paper, we extend the HGAPSO approach into a cost-aware Memetic Algorithm (MA) by making small local changes through a proposed local search operator to optimize coverage score and testing costs. Moreover, we test GTS specifications not only under normal events but also under unexpected situations. So, three coverage-based testing strategies are investigated, including normal testing, robustness testing, and a hybrid strategy. The effectiveness of the proposed test generation algorithm and the testing strategies are evaluated through a type of mutation analysis at the model-level. Our experimental results show that (1) the hybrid testing strategy outperforms normal and robustness testing strategies in terms of fault-detection capability, (2) the robustness testing is the most cost-efficient strategy, and (3) the proposed MA with the hybrid testing strategy outperforms the state-of-the-art global search algorithms

Agile model-driven re-engineering

In this paper we describe an Agile model-driven engineering (MDE) approach, AMDRE, for the re-engineering of legacy systems. The objective is to support the reuse of business-critical functionality from such systems and the porting of legacy code to modernised platforms, together with technical debt reduction to improve the system maintainability and extend its useful life. AMDRE uses a lightweight MDE process which involves the automated abstraction of software systems to UML specifications and the interactive application of refactoring and rearchitecting transformations to remove quality flaws and architectural flaws. We demonstrate the approach on Visual Basic, COBOL and Python legacy codes, including a finance industry case. Significant quality improvements are achieved, and translation accuracy over 80\% is demonstrated. In comparison to other MDE re-engineering approaches, AMDRE does not require high MDE skills and should be usable by mainstream software practitioners

Automata Language Equivalence vs. Simulations for Model-based Mutant Equivalence: An Empirical Evaluation

International audienceMutation analysis is a popular technique to assess the effectiveness of test suites with respect to their fault-finding abilities. It relies on the mutation score, which indicates how many mutants are revealed by a test suite. Yet, there are mutants whose behaviour is equivalent to the original system, wasting analysis resources and preventing the satisfaction of the full (100%) mutation score. For finite behavioural models, the Equivalent Mutant Problem (EMP) can be addressed through language equivalence of non-deterministic finite automata, which is a well-studied, yet computationally expensive, problem in automata theory. In this paper, we report on our assessment of a state-of-the-art exact language equivalence tool to handle the EMP against 12 models of size up to 15,000 states on 4710 mutants. We introduce random and mutation-biased simulation heuristics as baselines for comparison. Results show that the exact approach is often more than ten times faster in the weak mutation scenario. For strong mutation, our biased simulations are faster for models larger than 300 states. They can be up to 1,000 times faster while limiting the error of misclassifying non-equivalent mutants as equivalent to 8% on average. We therefore conclude that the approaches can be combined for improved efficiency

Quantitative metrics for mutation testing

Program mutation is the process of generating versions of a base program by applying elementary syntactic modifications; this technique has been used in program testing in a variety of applications, most notably to assess the quality of a test data set. A good test set will discover the difference between the original program and mutant except if the mutant is semantically equivalent to the original program, despite being syntactically distinct. Equivalent mutants are a major nuisance in the practice of mutation testing, because they introduce a significant amount of bias and uncertainty in the analysis of test results; indeed, mutants are useful only to the extent that they define distinct functions from the base program. Yet, despite several decades of research, the identification of equivalent mutants remains a tedious, inefficient, ineffective and error prone process. The approach that is adopted in this dissertation is to turn away from the goal of identifying individual mutants which are semantically equivalent to the base program, in favor of an approach that merely focuses on estimating their number. To this effect, the following question is considered: what makes a base program P prone to produce equivalent mutants? The position taken in this work is that what makes a program prone to generate equivalent mutants is the same property that makes a program fault tolerant, since fault tolerance is by definition the ability to maintain correct behavior despite the presence and sensitization of faults; whether these faults stem from poor design or from mutation operators does not matter. Hence if we could only quantify the redundancy of a program, we should be able to use the redundancy metrics to estimate the ratio of equivalent mutants (REM for short) of a program. Using redundancy metrics that were previously defined to reflect the state redundancy of a program, its functional redundancy, its non injectivity and its non-determinacy, this dissertation makes the following contributions: The design and implementation of a Java compiler, using compiler generation technology, to analyze Java code and compute its redundancy metrics. An empirical study on standard mutation testing benchmarks to analyze the statistical relationships between the REM of a program and its redundancy metrics. The derivation of regression models to estimate the REM of a program from its compiler generated redundancy metrics, for a variety of mutation policies. The use of the REM to address a number of mutation related issues, including: estimating the level of redundancy between non-equivalent mutants; redefining the mutation score of a test data set to take into account the possibility that mutants may be semantically equivalent to each other; using the REM to derive a minimal set of mutants without having to analyze all the pairs of mutants for equivalence. The main conclusions of this work are the following: The REM plays a very important role in the mutation analysis of a program, as it gives many useful insights into the properties of its mutants. All the attributes that can be computed from the REM of a program are very sensitive to the exact value of the REM; Hence the REM must be estimated with great precision. Consequently, the focus of future research is to revisit the Java compiler and enhance the precision of its estimation of redundancy metrics, and to revisit the regression models accordingly

Model-based mutant equivalence detection using automata language equivalence and simulations

Mutation analysis is a popular technique for assessing the strength of test suites. It relies on the mutation score, which indicates their fault-revealing potential. Yet, there are mutants whose behaviour is equivalent to the original system, wasting analysis resources and preventing the satisfaction of a 100% mutation score. For finite behavioural models, the Equivalent Mutant Problem (EMP) can be transformed to the language equivalence problem of non-deterministic finite automata for which many solutions exist. However, these solutions are quite expensive, making computation unbearable when used for tackling the EMP. In this paper, we report on our assessment of a state-of-the-art exact language equivalence tool and two heuristics we proposed. We used 12 models, composed of (up to) 15,000 states, and 4710 mutants. We introduce a random and a mutation-biased simulation heuristics, used as baselines for comparison. Our results show that the exact approach is often more than ten times faster in the weak mutation scenario. For strong mutation, our biased simulations can be up to 1000 times faster for models larger than 300 states, while limiting the error of misclassifying non-equivalent mutants as equivalent to 8% on average. We therefore conclude that the approaches can be combined for improved efficiency

Web services choreography testing using semantic service description

Web services have become popular due to their ability to integrate with and to interoperate heterogeneous applications. Several web services can be combined into a single application to meet the needs of users. In the course of web services selection, a web candidate service needs to conform to the behaviour of its client, and one way of ensuring this conformity is by testing the interaction between the web service and its user. The existing web services test approaches mainly focus on syntax-based web services description, whilst the semantic-based solutions mostly address composite process flow testing. The aim of this research is to provide an automated testing approach to support service selection during automatic web services composition using Web Service Modeling Ontology (WSMO). The research work began with understanding and analysing the existing test generation approaches for web services. Second, the weaknesses of the existing approaches were identified and addressed by utilizing the choreography transition rules of WSMO in an effort to generate a Finite State Machine (FSM). The FSM was then used to generate the working test cases. Third, a technique to generate an FSM from Abstract State Machine (ASM) was adapted to be used with WSMO. This thesis finally proposed a new testing model called the Choreography to Finite State Machine (C2FSM) to support the service selection of an automatic web service composition. It proposed new algorithms to automatically generate the test cases from the semantic description (WSMO choreography description). The proposed approach was then evaluated using the Amazon E-Commerce Web Service WSMO description. The quality of the test cases generated using the proposed approach was measured by assessing their mutation adequacy score. A total of 115 mutants were created based on 7 mutant operators. A mutation adequacy score of 0.713 was obtained. The experimental validation demonstrated a significant result in the sense that C2FSM provided an efficient and feasible solution. The result of this research could assist the service consumer agents in verifying the behaviour of the Web service in selecting appropriate services for web service composition

Cost-effective model-based test case generation and prioritization for software product line

In Software Product Line (SPL), testing is used to manage core assets that comprised variability and commonality in effective ways due to large sizes of products that continue to be developed. SPL testing requires a technique that is capable to manage SPL core assets. Model-based Testing (MBT) is a promising technique that offers automation and reusability in test cases generation. However, there are difficulties to ensure testing in MBT can achieve good test cases generation results based on cost (size of test suite, total execution time) and effectiveness (coverage criteria, fault detection rate) measures. This is due to lack of trade-off between cost and effectiveness in test cases generated in MBT for SPL. This study aims to increase quality of test cases based on cost and effectiveness by using generation and prioritization approaches for MBT in SPL. This study focuses on three parts to enhance quality of test cases. First, test model development based on traceability link. In order to improve test cases quality, this study focused on implementation of hybrid-based and hyper-heuristic based techniques to generate test cases. This is followed by Test Cases Prioritization (TCP) technique that is based on dissimilarity-based technique with string distance. These test cases generation and prioritization approaches are evaluated by using two benchmarks - one test object and one real object. The results are compared with other prominent approaches. The mapping approach showed 10.27% and 32.39% f-measure improvement against existing approach on e-shop object, respectively. For test cases generation using hybrid-based approach, the proposed approach outperformed existing approaches with 11.66% coverage, 17.78% average execution time, and 45.98% average size of test suite on vending machine object. The hyper-heuristic based approach NSGA-II-LHH outperformed other proposed low-level heuristic approaches with 12.00% improvement on coverage, 46.66% average execution time and 42.54% average size of test suite. Furthermore, evaluation of TCP approaches showed fault detection improvement of 21.60%, 10.40% and 12.20% and total execution time improvement of 48.00%, 22.70% and 31.80% in comparison with three existing approaches. The results revealed that proposed model transformations, test cases generation and prioritization approaches significantly improve cost and effectiveness measure in MBT for SPL