1 / 22

Software Testing Group

Software Testing Group. Fault-based Combinatorial Testing of Web Services. Georgia Southern University, North Carolina State University (D)REU Interns 2009. Presented by: Bellanov Apilli, Lydia Richardson, & Cory Alexander. Outline. Motivation Problem Solution Background & Examples

birchk
Download Presentation

Software Testing Group

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Software Testing Group Fault-based Combinatorial Testing of Web Services Georgia Southern University, North Carolina State University (D)REU Interns 2009 Presented by: Bellanov Apilli, Lydia Richardson, & Cory Alexander

  2. Outline • Motivation • Problem • Solution • Background & Examples • Current Testing Techniques • Fault-Based Combinatorial Testing • Conclusion • References

  3. Motivation • The Internet houses diverse web applications, including: • Banking • Networking • Auctioning • Web applications are commonly deployed as web services • Web services allow for great flexibility

  4. Motivation Problem • Web services can be very complex in structure • Constantly updated • Addition of new features • Removal of features • Updating features • Difficult to assure quality

  5. Solution Solution • Web service testing • Exhaustive testing • Fault-based testing • Combinatorial testing • Validation Framework (iTac-Qos) • Fault-Based combinatorial testing

  6. Web Application Example • Web applications: • Are applications accessed via a web browser over a network • Receive input and produce output • Multiple web applications make up a web service • Having multiple applications makes web services flexible • Individual applications are updated as opposed to updating one large application • Web applications from different sources interact as a web service Usernames passwords Access to application

  7. Web Service Wrapping • Web services are built upon SOAP (Simple Object Access Protocol) • Allows the transfer of data in XML over the Internet • Enables diverse applications to interact • Different languages • Different operating systems • SOAP wraps inputs and outputs, converting them into input and output messages. • Message formats utilize XML • Messages are recognized by other web services

  8. WSDL (Web Service Description Language File) & UDDI (Universal Discovery and Integration) • WSDL defines the operands required for communication with another web service • Specifies methods web services use when communicated with other web services • UDDI specifications store information about web services, enabling them to interact • Location – where the service is deployed • Requirements - predefined rule sets (i.e., knowledge of certain inputs)

  9. Web Service Example • The user provides input and receives output • Only aspects visible to the user • Number of web applications in the service is unknown to the user, and maybe even to testers Client Accessing a Web Service

  10. Current Testing techniques

  11. Exhaustive Testing • Exhaustive Testing: • Suggests testing for every combination of inputs • May be impossible in testing all of a certain input (i.e., names) • May be too costly or time consuming to test for all inputs. • Considering complexity in web services, exhaustive approaches may be infeasible

  12. Combinatorial Testing • Test inputs are generated considering interactions between input parameters • Minimizes the number of tests by focusing on a certain number of interactions (i.e., 2-way) 2-way interaction 2-way interaction

  13. Fault-Based Testing • Fault-Based techniques have been applied as a means of testing web services. • Data perturbation • Messages modified based on predefined rules • Modified messages are sent to determine correct behavior • Requires access to WSDL file information • Detection of a fault implies that it cannot exist within the web service • Limited to white-box cases, where source code is available

  14. Validation Framework (iTac-Qos) • iTac Tests and Certifies Quality of Services: • Web services are registered, deployed, and evaluated on a server • Requires models of web services to generate tests • Models may not always be available

  15. Fault-based combinatorial testing

  16. Web Service Emulation: iTrust • iTrust: an application that helps patients keep up with their medical history • Prescription information • Office visits • Etc. • Role-based health care system • Through WSDL, we deploy iTrust as a web service

  17. Testing Framework • Monitor: monitors network traffic to and from the requesting machine • Requester: accesses the iTrust system • Traffic: generates random traffic, emulating the Internet. • iTrust: location of iTrust, deployed as web service

  18. Software • Operating System(s): • Ubuntu Operating System • Microsoft Windows XP • Web Service related software: • GlassFish – web application/service server • Apache Tomcat - implmentation of Java Servlet and JavaServer Page technologies (JSP) • Traffic – generates random network traffic

  19. Fault-based Combinatorial Testing • We combine fault-based and combinatorial testing techniques in order to expose faults in web services • A fault is introduced in an iTrust feature (i.e., falsifying input validation code) • Test cases, specific to the feature, are generated • Using a test oracle, where expected outputs for inputs are stored, we compare output from both faulty and non-faulty versions of the feature.

  20. Conclusion • Web services continuously grow in complexity throughout their lifetime • Web service testing is required to assure quality • iTrust handles very sensitive information, thus quality must be ensured • Combinatorial testing of web services may be in its infancy • By combining both fault-based and combinatorial testing techniques, our approach may be better able to assess and evaluate web services

  21. References [1] M. Gudgin, M. Hadley, N. Mendelsohn, J. Moreau, H. Nielsen, A. Karmarkar, and Y. Lafon. Soap version 1.2. http://www.w3.org/TR/soap12-part1/, 2007. [2] D. Kuhn, D. Wallace, and A. G. Jr. Software fault interactions and implications for software testing. IEEE Transactions on Software Engineering, 30:418–421, 2004. [3] C. Mao. Performing combinatorial testing on web service-based software. In IEEE International Conference on Computer Science and Software Engineering, pages 755–758, Nanchang, China, 2008. IEEE Computer Society [4] J. Offutt and W. Xu. Generating test cases for web services using data perturbation. SIGSOFT Softw. Eng. Notes, 29(5):1–10, 2004.

  22. References [5] V. Pretre, F. Bouquet, and C. Lang. Automating uml models merge for web services testing. In iiWAS ’08: Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services, pages 55–62, New York, NY, USA, 2008. ACM [6] N. C. S. U. RealSearch Research Group. itrust: Role-based healthcare v7.0.1n. http: //agile.csc.ncsu.edu/iTrust/wiki/doku.php, 2008. [7] O. U. specification TC. Uddi version 3.0.2. http://uddi.org/pubs/uddi_v3.htm, 2005 [8] W. Vogels. Web services are not distributed objects. Web services are not distributed objects, 7:59–66, 2003.

More Related