Software Testing Group Faultbased Combinatorial Testing of Web
Software Testing Group Fault-based Combinatorial Testing of Web Services Georgia Southern University, North Carolina State University (D)REU Interns 2009 Presented by: Bellanov Apilli, Lydia Richardson, & Cory Alexander
Outline Motivation Problem Solution Background & Examples Current Testing Techniques Fault-Based Combinatorial Testing Conclusion References
Motivation The Internet houses diverse web applications, including: ◦ Banking ◦ Networking ◦ Auctioning Web applications are commonly deployed as web services ◦ Web services allow for great flexibility
Motivation Problem Web services can be very complex in structure ◦ Constantly updated ◦ Addition of new features ◦ Removal of features ◦ Updating features ◦ Difficult to assure quality
Solution Web service testing ◦ ◦ ◦ Exhaustive testing Fault-based testing Combinatorial testing Validation Framework (i. Tac-Qos) Fault-Based combinatorial testing
Web Application Example Usernames passwords Web Access to applications: ◦ Are applications accessed via a web browser over a network ◦ Receive input and produce output Multiple web applications make up a web service ◦ Having multiple applications makes web services flexible Individual applications are updated as opposed to updating one large application ◦ Web applications from different sources interact as a web service
Web Service Wrapping Web services are built upon SOAP (Simple Object Access Protocol) SOAP wraps inputs and outputs, converting them into input and output messages. Message formats utilize XML Messages are recognized by other ◦ Allows the transfer of data in XML over the Internet ◦ Enables diverse applications to interact Different languages Different operating systems
WSDL (Web Service Description Language File) & UDDI (Universal Discovery and Integration) WSDL defines the operands required for communication with another web service ◦ Specifies methods web services use when communicated with other web services UDDI specifications store information about web services, enabling them to interact ◦ Location – where the service is deployed ◦ Requirements - predefined rule sets (i. e. ,
Web Service Example The user provides input and receives output ◦ Only aspects visible to the user Number of web applications in the service is unknown to the user, and maybe even to testers Client Accessing a Web Service
CURRENT TESTING TECHNIQUES
Exhaustive Testing: ◦ Suggests testing for every combination of inputs ◦ May be impossible in testing all of a certain input (i. e. , names) ◦ May be too costly or time consuming to test for all inputs. Considering complexity in web services, exhaustive approaches may be infeasible
Combinatorial Testing Test inputs are generated considering interactions between input parameters Minimizes the number of tests by focusing on a certain number of interactions (i. e. , 2 way) 2 -way interaction Name Birthday Interests Cory 1/1/2009 boxing Lydia 2/2/2009 golf Bellanov 6/6/2009 sports
Fault-Based Testing Fault-Based techniques have been applied as a means of testing web services. ◦ Data perturbation Messages modified based on predefined rules Modified messages are sent to determine correct behavior Requires access to WSDL file information ◦ Detection of a fault implies that it cannot exist within the web service ◦ Limited to white-box cases, where source
Validation Framework (i. Tac-Qos) i. Tac Tests and Certifies Quality of Services: ◦ Web services are registered, deployed, and evaluated on a server ◦ Requires models of web services to generate tests Models may not always be available
FAULT-BASED COMBINATORIAL TESTING
Web Service Emulation: i. Trust: an application that helps patients keep up with their medical history ◦ Prescription information ◦ Office visits ◦ Etc. Role-based health care system Through WSDL, we deploy i. Trust as a web service
Testing Framework Monitor: monitors network traffic to and from the requesting machine Requester: accesses the i. Trust system Traffic: generates random traffic, emulating the Internet. i. Trust: location of i. Trust, deployed as web service
Software Operating System(s): ◦ Ubuntu Operating System ◦ Microsoft Windows XP Web Service related software: ◦ Glass. Fish – web application/service server ◦ Apache Tomcat - implmentation of Java Servlet and Java. Server Page technologies (JSP) ◦ Traffic – generates random network traffic
Fault-based Combinatorial Testing We combine fault-based and combinatorial testing techniques in order to expose faults in web services A fault is introduced in an i. Trust feature (i. e. , falsifying input validation code) Test cases, specific to the feature, are generated Using a test oracle, where expected outputs for inputs are stored, we compare output from both faulty and non-faulty versions of the feature.
Conclusion Web services continuously grow in complexity throughout their lifetime ◦ Web service testing is required to assure quality i. Trust handles very sensitive information, thus quality must be ensured Combinatorial testing of web services may be in its infancy ◦ By combining both fault-based and combinatorial testing techniques, our approach may be better able to assess and evaluate web services
References [1] M. Gudgin, M. Hadley, N. Mendelsohn, J. Moreau, H. Nielsen, A. Karmarkar, and Y. Lafon. Soap version 1. 2. http: //www. w 3. org/TR/soap 12 -part 1/, 2007. [2] D. Kuhn, D. Wallace, and A. G. Jr. Software fault interactions and implications for software testing. IEEE Transactions on Software Engineering, 30: 418– 421, 2004. [3] C. Mao. Performing combinatorial testing on web service-based software. In IEEE International Conference on Computer Science and Software Engineering, pages 755– 758, Nanchang, China, 2008. IEEE Computer Society [4] J. Offutt and W. Xu. Generating test cases for web services using data perturbation. SIGSOFT Softw. Eng. Notes, 29(5): 1– 10, 2004.
References [5] V. Pretre, F. Bouquet, and C. Lang. Automating uml models merge for web services testing. In ii. WAS ’ 08: Proceedings of the 10 th International Conference on Information Integration and Web-based Applications & Services, pages 55– 62, New York, NY, USA, 2008. ACM [6] N. C. S. U. Real. Search Research Group. itrust: Role-based healthcare v 7. 0. 1 n. http: //agile. csc. ncsu. edu/i. Trust/wiki/doku. php, 2008. [7] O. U. specification TC. Uddi version 3. 0. 2. http: //uddi. org/pubs/uddi_v 3. htm, 2005 [8] W. Vogels. Web services are not distributed objects, 7: 59– 66, 2003.
- Slides: 22