Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Unique Aspects of Web Applications

Published byMerryl Norris Modified over 6 years ago

Similar presentations

Presentation on theme: "Introduction to Unique Aspects of Web Applications"— Presentation transcript:

1 Introduction to Unique Aspects of Web Applications
Jeff Offutt SWE 737 Advanced Software Testing

2 Motivation and example failures
OUTLINE Motivation and example failures SWE 737 © Jeff Offutt

3 Software is a Skin that Surrounds Our Civilization
Quote due to Dr. Mark Harman SWE 737 © Jeff Offutt

4 Costly Software Failures
“The Economic Impacts of Inadequate Infrastructure for Software Testing” Inadequate software testing costs the US alone between $22 and $59 billion USD annually Better testing could cut this amount in half 2006 : Amazon’s BOGO offer became a double discount 2007 : Symantec says that most security vulnerabilities are now due to faulty software And more than half are in web applications Huge losses due to web application failures Financial services : $6.5 million per hour (just in USA!) Credit card sales applications : $2.4 million per hour (in USA) World-wide monetary loss due to poor software is staggering SWE 737 © Jeff Offutt

5 Cost Of Late Testing 60 50 40 30 20 10 Requirements Design
Fault origin (%) Fault detection (%) Unit cost (X) 28-Oct-2010, at GTAC, added the animation to demonstrate increasing the number of faults found early, thereby decreasing the number of faults found late, and finally saving money. Lots of it! This animation is fairly complicated … must practice first!! Requirements Design Prog / Unit Test Integration Test System Test Production Software Engineering Institute; Carnegie Mellon University; Handbook CMU/SEI-96-HB-002 SWE 737 © Jeff Offutt

6 Yikes, did they take my money or not?
Example Failure 1 Yikes, did they take my money or not? July 2013 © J Offutt

7 Why should I trust you enough to try again?
Example Failure 2 Why should I trust you enough to try again? SWE 737 © Jeff Offutt

8 Oh yeah?? I’m definitely pushing BACK !
Example Failure 3 Oh yeah?? I’m definitely pushing BACK ! SWE 737 © Jeff Offutt

9 Unique aspects of web applications
OUTLINE Unique aspects of web applications SWE 737 © Jeff Offutt

10 Software Deployment Methods
Bundled : On your computer when you buy it Shrink-wrapped : Bought at a store on a CD Downloaded from company’s website or OSS site Contract : Single customer Embedded : Installed on an electronic device Web application : On the web through a URL Component-based Concurrent / distributed Users access same version on the server Can be updated at any time (fast update cycle) User interactive SWE 737 © Jeff Offutt

11 Server Side Processing
HTTP Request data Web server UI implemented in a browser Container engine Program components Client Server HTML HTTP Response SWE 737 © Jeff Offutt

12 Web Software Container Engine
Web App 1 Web App 2 C2a C1a C2b C1b C2d C1c C2c Shared memory Shared memory Shared memory SWE 737 © Jeff Offutt

13 Tracking State Information
The initial versions of the web suffered from a lack of state: HTML Form Data Info HTML Page Server If you wanted multiple screens, there was no way for data to be accumulated or stored D1 D1+D2+D3 Form1 Form2 Form3 Server Form4 D1+D2 D1+D2+D3+D4 July 2013 © J Offutt

14 Session Tracking Web applications must maintain user states
This is called session tracking July 2013 © J Offutt

15 HTTP is connectionless
Session Tracking (2) Session: A series of related interactions between a client and a web server (similar to a use case) Session tracking refers to keeping data between multiple HTTP requests This problem is essential to maintaining state, which we understand quite well in the context of traditional procedural programming and object-oriented programming The Web brings in unique constraints HTTP is connectionless Distributed July 2013 © J Offutt

16 Issues with Programming Web Apps
Control flow State management and variable scope SWE 737 © Jeff Offutt

17 Traditional Control Flow
Method / function calls Decisions – if, while, for, repeat-until, switch, … Static includes – other code pulled in before compiling OO languages Some dynamic binding via polymorphism Client / Server Message passing SWE 737 © Jeff Offutt

18 Web App Control Flow Same as traditional – Software on server and client Message passing : Synchronous – Client to server via HTTP Asynchronous – Client to server via Ajax Event handling – on the client Forward – Transfers control from one server component to another, no return Redirect – Ask client to send request elsewhere Operational transitions – URL rewriting, back, forward, … Dynamic include – Control passes to another component, then returns, no parameters Dynamic binding – Reflection allows new components SWE 737 © Jeff Offutt

19 Ramifications The traditional control flow graph does not model essential parts of web app execution ! UML diagrams do not model many of these Most developers learn the syntax, but not the concepts behind these new control connections Lots of poorly designed software … and lots and lots of poorly understood software faults ! SWE 737 © Jeff Offutt

20 State Management and Variable Scope
HTTP is stateless Connections between clients and web servers are not maintained Each request is independent Control flow repeatedly goes through the client How can the software keep track of multiple requests from the same user ? Container engines maintain session data SWE 737 © Jeff Offutt

21 Sessions—Big Picture Web Server Client 1 Client 2 Time Time HTTP Request HTTP Request HTTP Response Session ID = 0347 HTTP Response Session ID = 4403 Server returns a new unique session ID when the request has none HTTP Request HTTP Request Session ID = 0347 Session ID = 4403 HTTP Response HTTP Response HTTP Request Session ID = 0347 HTTP Request Session ID = 4403 HTTP Response HTTP Response SWE 737 © Jeff Offutt

22 Sessions—Big Picture Web Server Client 1 Client 2 Time Time HTTP Request HTTP Request HTTP Response Session ID = 0347 HTTP Response Session ID = 4403 HTTP Request HTTP Request Session ID = 0347 Client stores the ID and sends it to the server in subsequent requests Session ID = 4403 HTTP Response HTTP Response HTTP Request Session ID = 0347 HTTP Request Session ID = 4403 Server recognizes these requests as being from a different client. Server recognizes all the requests as being from the same client. This defines a session. HTTP Response HTTP Response SWE 737 © Jeff Offutt

23 Sharing Data : Session Object
One program component can store a value in the session object Another component can retrieve, use, and modify the value Depends on the container engine: Software components run as threads, not processes Container engine stays resident and can keep shared memory Different programs can share data through the context object SWE 737 © Jeff Offutt

24 Sharing Data with Scope (JSP)
application session request page forward request Client 1 request request page forward Client 2 request page SWE 737 © Jeff Offutt

25 Control Flow and State Summary
Managing state and control flow is fundamental to any program These are the most unique aspects of designing and programming web applications Software vendors are creating new frameworks all the time Most introduce additional state handling techniques Many professional web developers make fundamental mistakes with state and control ! State management is the most common source of software faults in web applications SWE 737 © Jeff Offutt

26 Conclusions The Web provides a new way to deploy software
The new technologies means that old testing techniques do not work very well New tools and techniques are being developed Most are still in the research stage Most companies test web software very badly SWE 737 © Jeff Offutt

27 References Modeling Presentation Layers of Web Applications for Testing, Jeff Offutt and Ye Wu, Springer’s Software and Systems Modeling, 9(2), April 2010 Applying Mutation Testing to Web Applications, Upsorn Praphamontripong and Jeff Offutt. Sixth Workshop on Mutation Analysis (Mutation 2010), April 2010, Paris, France Testing Web Applications by Modeling with FSMs, Anneliese Andrews, Jeff Offutt and Roger Alexander, Springer’s Software Systems and Modeling, 4(3): , July 2005 Quality Attributes of Web Software Applications, Jeff Offutt, IEEE Software: Special Issue on Software Engineering of Internet Software, March/April 2002 SWE 737 © Jeff Offutt

Download ppt "Introduction to Unique Aspects of Web Applications"

Similar presentations

Cutting Edge Research in Engineering of Web Applications Part 2 What is Different about Engineering Web Apps? Jeff Offutt Professor of Software Engineering.

Cutting Edge Research in Engineering of Web Applications Part 2 What is Different about Engineering Web Apps? Jeff Offutt Professor of Software Engineering.
Introduction to Software Testing Chapter 9.3 Challenges in Testing Software Test Criteria and the Future of Testing Paul Ammann & Jeff Offutt

Introduction to Software Testing Chapter 9.3 Challenges in Testing Software Test Criteria and the Future of Testing Paul Ammann & Jeff Offutt
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
269200 Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
WebQuilt and Mobile Devices: A Web Usability Testing and Analysis Tool for the Mobile Internet Tara Matthews Seattle University April 5, 2001 Faculty Mentor:

WebQuilt and Mobile Devices: A Web Usability Testing and Analysis Tool for the Mobile Internet Tara Matthews Seattle University April 5, 2001 Faculty Mentor:
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.

Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
INTRODUCTION TO WEB DATABASE PROGRAMMING

INTRODUCTION TO WEB DATABASE PROGRAMMING
FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)

FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)
Architecture Of ASP.NET. What is ASP?  Server-side scripting technology.  Files containing HTML and scripting code.  Access via HTTP requests.  Scripting.

Architecture Of ASP.NET. What is ASP?  Server-side scripting technology.  Files containing HTML and scripting code.  Access via HTTP requests.  Scripting.
ABSTRACT Zirous Inc. is a growing company and they need a new way to track who their employees working on various different projects. To solve the issue.

ABSTRACT Zirous Inc. is a growing company and they need a new way to track who their employees working on various different projects. To solve the issue.
Testing Dynamic Aspects of Web Applications Jeff Offutt Professor, Software Engineering George Mason University Fairfax, VA USA

Testing Dynamic Aspects of Web Applications Jeff Offutt Professor, Software Engineering George Mason University Fairfax, VA USA
Chapter 16 The World Wide Web. 16-2 Chapter Goals Compare and contrast the Internet and the World Wide Web Describe general Web processing Describe several.

Chapter 16 The World Wide Web Chapter Goals Compare and contrast the Internet and the World Wide Web Describe general Web processing Describe several.
About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.

About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.
IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.

IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.
Quality Attributes of Web Software Applications – Jeff Offutt By Julia Erdman SE 510 October 8, 2003.

Quality Attributes of Web Software Applications – Jeff Offutt By Julia Erdman SE 510 October 8, 2003.
Advanced Web Forms with Databases Programming Right from the Start with Visual Basic.NET 1/e 13.

Advanced Web Forms with Databases Programming Right from the Start with Visual Basic.NET 1/e 13.
11/16/2012ISC329 Isabelle Bichindaritz1 Web Database Application Development.

11/16/2012ISC329 Isabelle Bichindaritz1 Web Database Application Development.
J2EE Structure & Definitions Catie Welsh CSE 432

J2EE Structure & Definitions Catie Welsh CSE 432
DEV-5: Introduction to WebSpeed ® Stephen Ferguson Sr. Training Program Manager.

DEV-5: Introduction to WebSpeed ® Stephen Ferguson Sr. Training Program Manager.

Similar presentations

Ads by Google