An exploration of statistical models for automated test case generation

Sant, Jessica; Souter, Amie L.; Greenwald, Lloyd

doi:10.1145/1083246.1083256

Cited by 32 publications

(43 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To cope with these issues a usage-based framework is suggested. Usage-based testing has successfully been applied to other event driven software, like Web applications [4,12,14] and to a lesser degree also GUI testing [2]. The testing framework is based upon the integration of three mechanism and the resulting synergy effects: 1) GUI usage monitoring; 2) replaying of usage logs; 3) stochastical usage models.…”

Section: Future Workmentioning

confidence: 99%

Improved Bug Reporting and Reproduction through Non-intrusive GUI Usage Monitoring and Automated Replaying

Herbold

Grabowski

Waack

et al. 2011

2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

Most software systems are operated using a Graphical User Interface (GUI). Therefore, bugs are often triggered by user interaction with the software's GUI. Hence, accurate and reliable GUI usage information is an important tool for bug fixing, as the reproduction of a bug is the first important step towards fixing it. To support bug reproduction, a generic, easy to integrate, non-intrusive GUI usage monitoring mechanism is introduced in this paper. As supplement for the monitoring, a method for automatically replaying the monitored usage logs is provided. The feasibility of both is demonstrated through proof-of-concept implementations. A case-study shows that the monitoring mechanism can be integrated into large-scale software products without significant effort and that the logs are replayable. Additionally, a usage-based end-to-end GUI testing approach is outlined, in which the monitoring and replaying play major roles.

show abstract

Section: Future Workmentioning

confidence: 99%

Improved Bug Reporting and Reproduction through Non-intrusive GUI Usage Monitoring and Automated Replaying

Herbold

Grabowski

Waack

et al. 2011

2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops

View full text Add to dashboard Cite

show abstract

“…Since web application make extensive use of databases, this technique could be used together with our wam-se-based test-input generation to achieve additional coverage on parts of the code that are dependent on responses to SQL queries. A final group of techniques [7,8,16,20,21] use captured user session data and logs to model a web application and generate realistic test cases. These approaches are not able to provide any guarantees of completeness since they are limited to analyzing only parts of the application interaction they have observed.…”

Section: Related Workmentioning

confidence: 99%

Precise interface identification to improve testing and analysis of web applications

Halfond

Anand

Orso

2009

Proceedings of the Eighteenth International Symposium on Software Testing and Analysis

View full text Add to dashboard Cite

As web applications become more widespread, sophisticated, and complex, automated quality assurance techniques for such applications have grown in importance. Accurate interface identification is fundamental for many of these techniques, as the components of a web application communicate extensively via implicitly-defined interfaces to generate customized and dynamic content. However, current techniques for identifying web application interfaces can be incomplete or imprecise, which hinders the effectiveness of quality assurance techniques. To address these limitations, we present a new approach for identifying web application interfaces that is based on a specialized form of symbolic execution. In our empirical evaluation, we show that the set of interfaces identified by our approach is more accurate than those identified by other approaches. We also show that this increased accuracy leads to improvements in several important quality assurance techniques for web applications: test-input generation, penetration testing, and invocation verification.

show abstract

“…This function also sets two hidden input fields in the form: "userAction" is set to "provideAddress," and "login" is set to the user-chosen login. When the user submits this form, the condition at line 14 is true, so the servlet retrieves the address and login fields (lines [15][16] and updates the entry in the database with the supplied information (lines [17][18][19]. At this point, the registration is done.…”

Section: Motivating Examplementioning

confidence: 99%

“…Early techniques relied on developer-provided specifications [1,15,18], which does not fit well into the usage scenario of penetration testing, where oftentimes the vulnerabilities are found in IVs that are unknown or untested by the developers. Several techniques [6,7,16,19] use session data and user logs to identify relevant information about the monitored web applications. These techniques have limitations similar to those associated with web crawlers, as they can only analyze parts of a web application that have been visited.…”

Section: Related Workmentioning

confidence: 99%