The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Because debugging is notoriously time-consuming and laborious, fault localization becomes a major activity in software testing researches. This paper proposes a novel fault localization approach which utilizes intersection of control-flow based execution traces. It reports all program points, which are executed in every failed test case, as suspect of bugs and ranks them based on the frequency they...
Test-suite augmentation for evolving software -- the process of augmenting a test suite to adequately test software changes -- is necessary for any program that undergoes modifications as part of its development and maintenance cycles. Recently, we presented a new technique for test-suite augmentation based on leveraging the propagation conditions for the effects of changes. Although empirical studies...
Embedded systems are becoming increasingly ubiquitous, controlling a wide variety of popular and safety-critical devices. Effective testing techniques could improve the dependability of these systems. In prior work we presented an approach for testing embedded systems, focusing on embedded system applications and the tasks that comprise them. In this work we focus on a second but equally important...
Uncaught exceptions, and in particular null pointer exceptions (NPEs), constitute a major cause of crashes for software systems. Although tools for the static identification of potential NPEs exist, there is need for proper approaches able to identify system execution scenarios causing NPEs. This paper proposes a search-based test data generation approach aimed at automatically identify NPEs. The...
Nowadays, one of the most effective ways to identify software vulnerabilities by testing is the use of fuzzing, whereby the robustness of software is tested against invalid inputs that play on implementation limits or data boundaries. A high number of random combinations of such inputs are sent to the system through its interfaces. Although fuzzing is a fast technique which detects real errors, its...
Coverage analysis has been playing an important role in testing traditional single threaded applications. As the number of multicore hardware being used increases, the number of multithreaded applications grows as well. In multi-threaded environment, traditional code coverage models cannot really cover the nondeterministic behavior of simultaneously running threads. The concept of synchronization...
Symbolic techniques have been shown to be very effective in path-based test generation, however, they fail to scale to large programs due to the exponential number of paths to be explored. In this paper, we focus on tackling this path explosion problem and propose search strategies to achieve quick branch coverage under symbolic execution, while exploring only a fraction of paths in the program. We...
Mutation based testing has been considered in many experiments as the most efficacious in terms of revealed faults, but also the most expensive, considering the number of executions. Other problem is that the test data are generally derived from the programs and do not ensure the discovering of faults usually revealed with test data generated from the specification, such as missing paths, which are...
Dataflow testing of programs ensures the execution of data dependencies between locations in the code (1) where variables are assigned values, and (2) where these definitions are used. Such data dependencies are called Def-Use Associations (DUAs). In an aspect-oriented (AO) program, aspects and classes interact in several ways, such as (1) through parameters passed from advised methods in a class...
Generating the test inputs, that have high code coverage while minimizing the number of test inputs, is a practical but difficult problem. The application of symbolic execution in combination with SMT solvers gives a promising way to solve it. Recently, there have been several tools that help generating the test inputs for C programs, but their abilities are still limited, depending on the particular...
Testing Service Oriented Architecture applications is a challenging task due to the high dynamism, the low coupling and the low testability of services. Web services, a popular implementation of services, are usually provided as black box and using testing techniques based on implementation is limited. This paper presents an approach to support the use of the structural testing technique on web service...
An orchestrator in a Web Service system is a locally deployed piece of software used both to allow users to interact with the system and to communicate with remote components (Web Services) in order to fulfill a goal. We propose a symbolic model based approach to test orchestrators in the context of the systems they pilot. Our approach only takes as input a model of the orchestrator and no models...
Mutation testing has been used to assess and improve the quality of test inputs. Generating test inputs to achieve high mutant-killing ratios is important in mutation testing. However, existing test-generation techniques do not provide effective support for killing mutants in mutation testing. In this paper, we propose a general test-generation approach, called PexMutator, for mutation testing using...
Test coverage criteria including boundary-value and logical coverage such as Modified Condition/Decision Coverage (MC/DC) have been increasingly used in safety-critical or mission-critical domains, complementing those more popularly used structural coverage criteria such as block or branch coverage. However, existing automated test-generation approaches often target at block or branch coverage for...
Today's fast paced world of ever changing Commercial-Of-The-Shelf (COTS) hardware and software architectures creates a quandary in that the end-user must be cognizant of these effects on their own legacy based system when embracing a new design. The advantages of moving to a newer and sleeker system surely outweigh the complexities of attempting to maintain an older system especially when obsolescence...
GUI testing is an important and difficult issue. One of the difficulties in GUI testing is that the input domain of a non-trivial GUI application is extremely large or infinite. It is necessary to introduce some coverage criteria to help people select test cases from the input domain of the GUI applications. In this paper, we propose an event handler-based coverage criterion for GUI testing. It requires...
Metamorphic testing is an effective technique for testing systems that do not have test oracles, for which it is practically impossible to know the correct output of an arbitrary test input. In metamorphic testing, instead of checking the correctness of a test output, the satisfaction of metamorphic relation among test outputs is checked. If a violation of the metamorphic relation is found, the system...
Evolutionary testing has been researched and promising results have been presented. However, evolutionary testing has remained predominately a research-based activity not practiced within industry. Although attempts have been made, such as Daimler's Evolutionary Structural Test (EST) prototype, until now, no such tool has been suitable for industrial adoption. The European project EvoTest (IST-33472)...
Building comprehensive test suites for web applications poses new challenges in software testing. Coverage criteria used for traditional systems to assess the quality of test cases are simply not sufficient for complex dynamic applications. As a result, faults in web applications can often be traced to insufficient testing coverage of the complex interactions between the components. This paper presents...
Many software security vulnerabilities only reveal themselves under certain conditions, i.e., particular configurations of the software together with its particular run-time environment. One approach to detecting these vulnerabilities is fuzz testing, which feeds a range of randomly modified inputs to a software application while monitoring it for failures. However, typical fuzz testing makes no guarantees...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.