2018
Autores
de Araújo, PJM; Paiva, ACR;
Publicação
Proceedings of the 6th International Conference on Model-Driven Engineering and Software Development, MODELSWARD 2018, Funchal, Madeira - Portugal, January 22-24, 2018.
Abstract
This paper presents a Pattern Based Testing approach for testing security aspects of the applications under test (AUT). It describes the two security patterns which are the focus of this work (“Account Lockout” and “Authentication Enforcer”) and the test strategies implemented to check if the applications are vulnerable or not regarding these patterns. The PBST (Pattern Based Security Testing) overall approach has two phases: exploration (to identify the web pages of the application under test) and testing (to execute the test strategies developed in order to detect vulnerabilities). An experiment is presented to validate the approach over five public web applications. The goal is to assess the behavior of the tool when varying the upper limit of pages to visit and assess its capacity to find real vulnerabilities. The results are promising. Indeed, it was possible to check that the vulnerabilities detected corresponded to real security problems. Copyright
2018
Autores
da Silva, AR; Paiva, ACR; da Silva, VER;
Publicação
Proceedings of the 6th International Conference on Model-Driven Engineering and Software Development, MODELSWARD 2018, Funchal, Madeira - Portugal, January 22-24, 2018.
Abstract
This paper introduces the TSL language (short name for “Test Specification Language”) that intends to improve the test specification of information systems in a systematic, rigorous and consistent way. TSL specifications are produced from close requirement specifications expressed in the RSL language (Requirements Specification Language). Both RSL and TSL support human-readable executable specifications closer to natural language than models usually used in model-based testing approaches. TSL includes several constructs logically arranged into views according to multiple testing engineering strategies, commonly found in the information systems domain, such as: data entity tests and state machine tests, all of them produced from equivalent requirement specification in RSL. A case study is also presented to illustrate the proposed approach.
2018
Autores
Paiva, ACR; Flores, NH; Faria, JP; Marques, JMG;
Publicação
The 9th International Conference on Ambient Systems, Networks and Technologies (ANT 2018) / The 8th International Conference on Sustainable Energy Information Technology (SEIT 2018) / Affiliated Workshops, May 8-11, 2018, Porto, Portugal
Abstract
Business Process Testing is the act of validating that end-to-end transactions through enterprise systems continue to work correctly as the underlying packaged applications evolve. End-to-end automatic business process validation can be a challenging task, but an important way to check that business rules continue to work properly and that problems are detected and corrected as soon as possible. This paper presents the design of a test automation platform, ETAP-Pro, to test end-to-end business processes that aims to overcome some challenges in validating business processes. © 2018 The Authors. Published by Elsevier B.V.
2018
Autores
Dias, JP; Couto, F; Paiva, ACR; Ferreira, HS;
Publicação
2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW)
Abstract
Systems are error-prone. Big systems have lots of errors. The Internet-of-Things poses us one of the biggest and widespread systems, where errors directly impact people's lives. Testing and validating is how one deals with errors; but testing and validating a planetary-scale, heterogeneous, and ever-growing ecosystem has its own challenges and idiosyncrasies. As of today, the solutions available for testing these systems are insufficient and fragmentary. In this paper we provide an overview on test approaches, tools and methodologies for the Internet-of-Things, its software and its devices. Our conclusion is that we are still lagging behind on the best practices and lessons learned from the Software Engineering community in the past decades.
2018
Autores
Morgado, IC; Paiva, ACR;
Publicação
SOFTWARE QUALITY JOURNAL
Abstract
This paper presents a tool (iMPAcT) that automates testing of mobile applications based on the presence of recurring behaviour, UI Patterns. It combines reverse engineering, pattern matching and testing. The reverse engineering process is responsible for crawling the application, i.e. analysing the state of the application and interacting with it by firing events. The pattern matching tries to identify the presence of UI patterns based on a catalogue of patterns. When a UI Pattern from the catalogue is detected, a test strategy is applied (testing). These test strategies are called UI Test Patterns. These three phases work in an iterative way: the patterns are identified and tested between firing of events, i.e. the process alternates between exploring the application and testing the UI Patterns. The process is dynamic and fully automatic not requiring any previous knowledge about the application under test. This paper presents the results of an experiment studying the reliability of the results obtained by iMPAcT. The experiment involved 25 applications found on Google Play Store and concludes that iMPAcT is successful in identifying failures in the tested patterns and that the degree of certainty of an identified failure being an actual failure is high.
2018
Autores
Silva, P; Paiva, ACR; Restivo, A; Garcia, JE;
Publicação
2018 11TH INTERNATIONAL CONFERENCE ON THE QUALITY OF INFORMATION AND COMMUNICATIONS TECHNOLOGY (QUATIC)
Abstract
Nowadays, web applications play an important role in our society and in the business world. Many companies earn a large part of their revenues through web applications that provide support services that must be maintained and improved over time. Most of these services operate on a large scale and are in constant change due to the environment in which they operate and due to the rapid technological evolution as we strive to improve our everyday lives. Due to this constantly changing environment, it is difficult to estimate the impact of changes; to maintain the software requirements documents updated; and to build and maintain a test suit for regression testing. Regression tests must be updated continually in order to test the current behavior after requested changes are implemented. REQAnalytics is a tool that aims to solve these problems. This paper presents REQAnalytics and an extension to generate test cases from the usage of a SaaS platform in order to diminish the effort in building and maintaining regression tests that are useful to check if the SaaS platform remains working as expected.
The access to the final selection minute is only available to applicants.
Please check the confirmation e-mail of your application to obtain the access code.