A Static Analysis Approach for Automatically Generating Test

A Static Analysis Approach for Automatically Generating Test Cases for Web Applications Presented by: Beverly Leung Fahim Rahman 1

Introduction to Web Applications • Web applications are: – interactive systems which run on one or more web servers – dynamic in behavior (customized responses for the user and interact with databases and/or enterprise servers) – heterogeneous in representation – used by businesses in a variety of major market areas (information management, online banking and shopping) *Source: Halfond, W et al. “Improving Test Case Generation for Web Applications Using Automated Interface Discovery” • As a result, thorough testing of web • applications is becoming increasingly important Testing methodologies that are used for traditional software testing are insufficient 2

Static Analysis Approach to Testing • Analyze source code without execution • Extract interfaces which include – input parameters and domain information – User navigation map which has all possible URLs from source code • Create navigation graph – set of paths for which test cases are generated 3

Example – Student Information Management System (SIMS) • An application that can support data associated with a college class • Three views with different services: – Administrator – Professor – Student 4

Example – SIMS • Login page asks for ID, password, user type – Source code validates for proper input parameters – If invalid, error handling message • Illustrates how web apps have a need for specific parameter types in order to properly test 5

Example – SIMS Login Code Fragment 1 <jsp: use. Bean id="test" scope="session" class="Test. Bean"/> 2 <% 3 int user_id = Interger. parse. Int(request. get. Parameter("user. Id")); 4 String password = request. get. Parameter("user. Passwd"); 5 String user_type = request. get. Parameter("user. Type"); 6 boolean ispass= test. verify(user_id, user_type, password); 7 if (ispass) { 8 if(user_type. equals(“student”)){ 9 %> 10 Student: <jsp: get. Property name="test" property="user. Name"/> 11 login success! 12 <a href="student_first_page. jsp">Click here to continue</a> 13 <% } 14 else if(user_type. equals(“professor”)){ 15 %> 16 Professor: <jsp: get. Property name="test" property="user. Name"/> 17 login success! 18 <a href="professor_first_page. jsp">Click here to continue</a> 19 <% } 20 else{ 21 %> 22 Administrator: <jsp: get. Property name="test" property="user. Name"/> 23 login success! 24 <a href="administrator_first_page. jsp">Click here to continue</a> 25 <% } 26 } 27 else { 28 %> 29 <jsp: forward page="error. jsp" flush="true"></jsp: forward> 30 <%} 31 %> 6

Example – SIMS Definitions • Control Flow Graph of a page – G = (V, E) where G is a directed graph, V are nodes and E are edges connecting the nodes. – node = one statement – edge = possible flow of control between two statements 7

Example – SIMS Definitions • x, y are nodes and x ≠ y • Post dominate – x “post dominates” y if every path from y to exit node contains x • Control dependent – x is “control dependent” on y … – if there exists y 1 and y 2 as successors of y – x post dominates y 1 but not y 2 8

Example – SIMS Definitions • Transition node (t-node) = node in the CFG • • which may lead to a transition from one page to another Transition path (t-path) = a path which starts from the begin node and ends at a t-node Transition Flow Graph = set of nodes and edges which show dependency, usage, and definition of parameters 9

Example – SIMS Sample Transition Flow Graph for the login page 10

Example – SIMS Static Analysis Approach • Identify all T-nodes • T-paths are identified using Depth First Search • Loops that are executed n times should be • • analyzed n times. If number of executions depends on variable, traverse loop only once T-paths are then executed as part of the control flow graph. Irrelevant paths are eliminated using a path slicing technique which is based on whether or not a target node can be reached 11

Example – SIMS Static Analysis Approach • Automated interface discovery algorithm is used to extract input parameter and domain information through analyzed source code • Each path slice is “symbolically executed” which uses symbolic values and input variables as opposed to concrete values 12

Example – SIMS Web Navigation Graph • constructed from source code as a directed graph where vertices = webpages and directed edges = transition between pages • May include input parameters and path conditions associated with transition • Paths from this graph can be used as a basis for test scenarios 13

Example – SIMS Generating Test Cases • Web Navigation Graph and Interfaces are used to generate test cases • Test Case = a path through the web navigation graph that has input values which satisfy path conditions • These input values are chosen based on the domain information found using the automated interface discovery algorithm 14

Conclusions • The static approach benefits automatic generation of test cases by providing: – more accurate interfaces of web application – More appropriate input parameter values for web forms – Better targeting by using domain information of input parameters to provide appropriate or inappropriate parameter values 15

References • Minghui Wang et al. “A Static Analysis Approach for Automatic • • Generating Test Cases for Web Applications, ” 2008 International Conference on Computer Science and Software Engineering William G. J. Halfond and Alessandro Orso, “Improving test case generation for Web applications using automated interface discovery”, ESEC/FSE’ 07 Sep. 3 -7, 2007, pp. 145 -154 Bin Zhu et al. “Testing a Web Application Involving Web Browser Interaction, ” 2009 10 th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing 16