Deriving Test Data for Web Applications from User Session Logs

Slides:

Advertisements

Similar presentations

Data Flow Coverage. Reading assignment L. A. Clarke, A. Podgurski, D. J. Richardson and Steven J. Zeil, "A Formal Evaluation of Data Flow Path Selection.

Advertisements

Testing and Quality Assurance

November 5, 2007 ACM WEASEL Tech Efficient Time-Aware Prioritization with Knapsack Solvers Sara Alspaugh Kristen R. Walcott Mary Lou Soffa University of.

Of 23 Generating Automated Tests from Behavioral Models Jeff Offutt (Research with Dr. Nan Li, currently with MediData Solutions) Software Engineering.

Prioritizing User-session-based Test Cases for Web Applications Testing Sreedevi Sampath, Renne C. Bryce, Gokulanand Viswanath, Vani Kandimalla, A.Gunes.

Hiperspace Lab University of Delaware Antony, Sara, Mike, Ben, Dave, Sreedevi, Emily, and Lori.

SE 450 Software Processes & Product Metrics Reliability: An Introduction.

An Experimental Evaluation on Reliability Features of N-Version Programming Xia Cai, Michael R. Lyu and Mladen A. Vouk ISSRE’2005.

User-session based Testing of Web Applications. Two Papers l A Scalable Approach to User-session based Testing of Web Applications through Concept Analysis.

© Copyright , Blue Martini Software. San Mateo California, USA 1 1 Integrating E-Commerce and Data Mining: Architecture and Challenges Llew Mason.

Composing a Framework to Automate Testing of Operational Web-Based Software Reham Alhejiali, Chris Cederstrom, Ranjitha Kashyap.

State coverage: an empirical analysis based on a user study Dries Vanoverberghe, Emma Eyckmans, and Frank Piessens.

Test coverage Tor Stålhane. What is test coverage Let c denote the unit type that is considered – e.g. requirements or statements. We then have C c =

Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)

AMOST Experimental Comparison of Code-Based and Model-Based Test Prioritization Bogdan Korel Computer Science Department Illinois Institute of Technology.

Introduction to Software Testing Chapter 2.3 Graph Coverage for Source Code Paul Ammann & Jeff Offutt

©2010 John Wiley and Sons Chapter 12 Research Methods in Human-Computer Interaction Chapter 12- Automated Data Collection.

WebVizOr: A Fault Detection Visualization Tool for Web Applications Goal: Illustrate and evaluate the uses of WebVizOr, a new tool to aid web application.

Introduction to Software Testing Chapter 8.1 Building Testing Tools –Instrumentation Paul Ammann & Jeff Offutt

Software Metrics and Reliability. Definitions According to ANSI, “ Software Reliability is defined as the probability of failure – free software operation.

Paul Ammann & Jeff Offutt

Comparing model-based and dynamic event-extraction based GUI testing techniques : An empirical study Gigon Bae, Gregg Rothermel, Doo-Hwan Bae The Journal.

Improvements in Skill of CPC Outlooks Ed O’Lenic and Ken Pelman, NOAA-NWS-Climate Prediction Center 33rd Climate Diagnostics and Prediction Workshop, October.

2007 MIT BAE Systems Fall Conference: October Software Reliability Methods and Experience Dave Dwyer USA – E&IS baesystems.com.

1 Phase Testing. Janice Regan, For each group of units Overview of Implementation phase Create Class Skeletons Define Implementation Plan (+ determine.

Main Title Slide Software Reliability Estimates/ Projections, Cumulative & Instantaneous - Dave Dwyer With help from: Ann Marie Neufelder, John D. Musa,

Introduction to Performance Testing Performance testing is the process of determining the speed or effectiveness of a computer, network, software program.

Towards Defining and Exploiting Similarities in Web Application Use Cases through User Session Analysis Sreedevi Sampath, University of Delaware Amie Souter,

A PRELIMINARY EMPIRICAL ASSESSMENT OF SIMILARITY FOR COMBINATORIAL INTERACTION TESTING OF SOFTWARE PRODUCT LINES Stefan Fischer Roberto E. Lopez-Herrejon.

Testing Integral part of the software development process.

1 Visual Computing Institute | Prof. Dr. Torsten W. Kuhlen Virtual Reality & Immersive Visualization Till Petersen-Krauß | GUI Testing | GUI.

Experience Report: System Log Analysis for Anomaly Detection

Usability Overview Upsorn Praphamontripong CS

PREPARED BY G.VIJAYA KUMAR ASST.PROFESSOR

COTS testing Torbjørn Skramstad.

Paul Ammann & Jeff Offutt

Software Metrics and Reliability

Regression Testing with its types

Using Mutation Analysis to Test Web Applications

Generating Automated Tests from Behavior Models

Security SIG in MTS 05th November 2013 DEG/MTS RISK-BASED SECURITY TESTING Fraunhofer FOKUS.

Paul Ammann & Jeff Offutt

Matthias Schrepfer Matthias Kunze Gunnar Obst Juliane Siegeris

Software Reliability Definition: The probability of failure-free operation of the software for a specified period of time in a specified environment.

Web Software Model CS 4640 Programming Languages for Web Applications

The Atomic Section Model

Web Engineering.

Design Metrics Software Engineering Fall 2003

Design Metrics Software Engineering Fall 2003

COTS testing Tor Stålhane.

Design and Maintenance of Web Applications in J2EE

Chapter 12: Automated data collection methods

Introduction to Software Testing Chapter 2 Model-Driven Test Design

Using Servlet Contexts to Deploy Servlets

Systematic Software Testing Techniques: Combinatorial Testing

Software Engineering Experimentation

Fabiano Ferrari Software Engineering Federal University of São Carlos

Sergiy Vilkomir January 20, 2012

Evaluating Transaction System Performance

Introduction to Servlets

Test coverage Tor Stålhane.

Scope and State Handling in Java Server Pages

Review for Final Exam Spring 2018

George Mason University

State Handling CS 4640 Programming Languages for Web Applications

[Based in part on SWE 432 and SWE 632 materials by Jeff Offutt, GMU]

Paul Ammann & Jeff Offutt

Error Handling in Java Servlets

State Handling CS 4640 Programming Languages for Web Applications

Review for Final Exam Spring 2017

Presentation transcript:

Deriving Test Data for Web Applications from User Session Logs Jeff Offutt SWE 737 Advanced Software Testing

User-Session Testing User session : A collection of user requests in the form of URL and name-value pairs Stored in logs on the server The name-value pairs are stored in logs on the server User sessions to tests : Each logged request is turned into an HTTP request Automated with a tool like HTTPUnit or Selenium SWE 737 © Jeff Offutt

User-Session Testing Example An efficient way to generate tests Empirical studies have found success in finding faults SWE 737 © Jeff Offutt

Issues and Problems Hard to scale with large numbers of user sessions Tends to create “happy path tests,” not exceptional or unusual cases SWE 737 © Jeff Offutt

1. Prioritizing Large Numbers of Tests Researchers have tried to put tests in priority order according to various criteria Semantic differences between programs Coverage of test requirements Fault exposure potential Likelihood of a fault occurring Length (or size) of tests SWE 737 © Jeff Offutt

Criteria by Sampath et al. Length-Based Base Request Long to Short (Req-LtoS) Base Request Short to Long (Req-StoL) Parameter Value Long to Short (PV-LtoS) Parameter Value Short to Long (PV-StoL) Frequency-Based Most Frequently Accessed Sequence (MFAS) All Accessed Sequences (AAS) Parameter Value Coverage Unique Coverage of Parameter Values (1-way) 2-way Parameter-Value Interaction Coverage (2-way) SWE 737 © Jeff Offutt

Length-Based Prioritization Order by the number of HTTP base requests in a test case Length of a test case is the number of base requests the test case contains (counting duplicates) Descending order of length (Req-LtoS) Ascending order of length (Req-StoL) SWE 737 © Jeff Offutt

Length-Based Prioritization Order tests by the number of parameters PV-LtoS: Longest parameter list to shortest PV-StoL: Shortest parameter list to longest SWE 737 © Jeff Offutt

Frequency-Based Prioritization Order the pages (JSPs and Servlets) in terms of how many times they are accessed Prioritize tests that cover pages that are more frequently accessed (1-way) Also order pages that are used in sequences of length 2 (pairs, 2-way) SWE 737 © Jeff Offutt

Parameter Value Coverage Prioritization Unique Coverage of Parameter Values (1-way) Select the next test that maximizes the number of parameter-value pairs that have NOT been used Example (blue is new PV pairs): SWE 737 © Jeff Offutt

Parameter Value Coverage Prioritization Parameter-Value Interaction Coverage (2-way) Select the next test that maximizes the number of 2-way parameter-value interactions between pages that occur in some test SWE 737 © Jeff Offutt

Experimental Evaluation (Sampath 2008) Basis for evaluation: Fault detection rate Average percent of faults detected Execution time of the test suite Subject applications: Book—e-commerce bookstore CPM—create grader accounts for TA Masplas—web app for regional workshop SWE 737 © Jeff Offutt

Evaluation Metrics Rate of fault detection Finding the most faults in the first 10% of tests executed Percent tests needed to find all faults Average percentage of faults detected By all tests SWE 737 © Jeff Offutt

Types of Faults Seeded Data Store—faults that exercise code interacting with data Logical—code logic errors in control flow Form-based Appearance—change in perceiving user’s view of the page Links—change of hyperlink locations SWE 737 © Jeff Offutt

Results Summary Book CPM Masplas Finding the most faults in 10% of tests 1-way parameter value interaction All accessed sequences (AAS) Base request long to short (Req-LtoS) Find all the faults with fewest tests 1-way and most frequently accessed sequence (MFAS) 2-way parameter value interaction SWE 737 © Jeff Offutt

Conclusions Study did not determine which is best. Probably depends on the app. Almost everything was better than random SWE 737 © Jeff Offutt

2. Testing Exceptional and Unusual Situations Literature identified two problems (reference [1], Sampath 2008) Scalability Tests focus on “happy paths” I couldn’t find any publications that address the happy path problem SWE 737 © Jeff Offutt

References Prioritizing User-session-based Test Cases for Web Applications Testing, Sreedevi Sampath, Renée Bryce, Gokulanand Viswanath, Vani Kandimalla, and Güneş Koru, First International Conference on Software Testing, Verification, and Validation, April 2008 Automated Replay and Failure Detection for Web Applications, Sara Sprenkle, Emily Gibson, Sreedevi Sampath, and Lori Pollock, International Conference of Automated Software Engineering, November 2005 Web Application Testing with Customized Test Requirements—An Experimental Comparison Study, Sreedevi Sampath, Sara Sprenkle, Emily Gibson, and Lori Pollock, International Symposium on Software Reliability Engineering, November 2006 Applying Concept Analysis to User-Session-Based Testing of Web Applications, Sreedevi Sampath, Sara Sprenkle, Emily Gibson, Lori Pollock, and A. S. Greenwald, IEEE Transactions on Software Engineering, 33(10):643-658, October 2007 SWE 737 © Jeff Offutt