| 421 | William Bill Langdon and Mark Harman and Yue Jia
Multi Objective Mutation Testing With Genetic Programming
Proceedings of the Genetic and Evolutionary Computation Conference 2009 (GECCO'09)Montr\'eal, Canada, 8-12 July 2009. |
|
| | Abstract: Mutation testing is a powerful software engineering technique for fault finding. It works by injecting known faults (mutations) into software and seeing if the test suite finds them. It remains very expensive and the few valuable traditional mutants that resemble real faults are mixed in with many others that denote unrealistic faults. The expense and lack of realism inhibit industrial uptake of mutation testing. Genetic programming searches the space of complex faults to find realistic higher order mutants. Despite the much larger search space, we have found mutants composed of multiple changes to the C source code that challenge the tester and which cannot be represented in the first order space. |
| | @INPROCEEDINGS{LangdonHJ09,
author = {William Bill Langdon and Mark Harman and Yue Jia},
title = {Multi Objective Mutation Testing With Genetic Programming},
booktitle = {Proceedings of the Genetic and Evolutionary Computation Conference 2009 (GECCO'09)},
year = {2009},
address = {Montr\'eal, Canada},
month = {8-12 July},
pages = {}
} |
| 422 | William Bill Langdon and Mark Harman and Yue Jia
Multi Objective Higher Order Mutation Testing With Genetic Programming
Proceedings of the 4th Testing: Academic and Industrial Conference - Practice and Research (TAIC PART'09)Windsor, UK, 4-6 September 2009. |
|
| | Abstract: Mutation testing is a powerful software engineering technique for fault finding. It works by injecting known faults (mutations) into software and seeing if the test suite finds them. It remains very expensive and the few valuable traditional mutants that resemble real faults are mixed in with many others that denote unrealistic faults. The expense and lack of realism inhibit industrial uptake of mutation testing. Genetic programming searches the space of complex faults to find realistic higher order mutants. Despite the much larger search space, we have found mutants composed of multiple changes to the C source code that challenge the tester and which cannot be represented in the first order space. |
| | @INPROCEEDINGS{LangdonHJ09a,
author = {William Bill Langdon and Mark Harman and Yue Jia},
title = {Multi Objective Higher Order Mutation Testing With Genetic Programming},
booktitle = {Proceedings of the 4th Testing: Academic and Industrial Conference - Practice and Research (TAIC PART'09)},
year = {2009},
address = {Windsor, UK},
month = {4-6 September},
pages = {}
} |
| 423 | Akbar Siami Namin and James H. Andrews
The influence of size and coverage on test suite effectiveness
Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, {ISSTA} 2009, Chicago, IL, USA, July 19-23, 2009, 2009. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{NaminA09,
author = {Akbar Siami Namin and James H. Andrews},
title = {The influence of size and coverage on test suite effectiveness},
booktitle = {Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, {ISSTA} 2009, Chicago, IL, USA, July 19-23, 2009},
year = {2009},
address = {},
month = {},
pages = {57--68}
} |
| 424 | Yue Jia and Mark Harman
Higher Order Mutation Testing
Information {\&} Software Technology, 51(10), 2009. |
|
| | Abstract: Available soon... |
| | @ARTICLE{JiaH09,
author = {Yue Jia and Mark Harman},
title = {Higher Order Mutation Testing},
journal = {Information {\&} Software Technology},
year = {2009},
month = {},
volume = {51},
number = {10},
pages = {1379--1393}
} |
| 425 | Jin-hua Li and Geng-xin Dai and Huan-huan Li
Mutation Analysisi for Testing Finite State Machines
Proceedings of the 2nd International Symposium on Electronic Commerce and Security (ISECS'09)Nanchang China, May 2009. |
|
| | Abstract: utation analysis is a program testing method which seeds a fault in a program and tries to identify it with test data, thus promoting the test efficiency. The paper investigates the application of mutation analysis in model-based testing for the modeling language of finite state machines (FSM). We describe a set of mutation operators for FSM based on the fault category; present an algorithm of selecting a test suite for the mutation testing of system models in FSM. In an experiment, other five methods of test suites generating and selecting for FSM are chosen to compare with the mutation testing method. The experiment shows that in respect of faults detecting in FSM, the mutation testing is more effective and efficient than the other FSM testing methods including D-method, W-method and T-method. |
| | @INPROCEEDINGS{LiDL09,
author = {Jin-hua Li and Geng-xin Dai and Huan-huan Li},
title = {Mutation Analysisi for Testing Finite State Machines},
booktitle = {Proceedings of the 2nd International Symposium on Electronic Commerce and Security (ISECS'09)},
year = {2009},
address = {Nanchang China},
month = {May},
pages = {22–24}
} |
| 426 | Fanping Zeng and Minghui Chen and Kaitao Yin and Xufa Wang
Research on Buffer Overflow Test Based on Invariant
Proceedings of the 9th International Conference on Computer and Information TechnologyXiamen, China, 11-14 October 2009. |
|
| | Abstract: Buffer overflow (BOF) is one of the major vulnerabilities that lead to non-secure software. Testing an implementation for BOF vulnerabilities is challenging as the underlying reasons of buffer overflow vary widely. This paper presents a novel method for BOF test for ANSI C language, which uses program instrumentation and mutation test technology to test the BOF vulnerabilities, on the basis of analyzing the invariants for BOF vulnerabilities. The implementation shows that it can check the attack of BOF vulnerabilities adequately and accurately, in the circumstances of no large losses in performance. |
| | @INPROCEEDINGS{ZengCYW09,
author = {Fanping Zeng and Minghui Chen and Kaitao Yin and Xufa Wang},
title = {Research on Buffer Overflow Test Based on Invariant},
booktitle = {Proceedings of the 9th International Conference on Computer and Information Technology},
year = {2009},
address = {Xiamen, China},
month = {11-14 October},
pages = {234–238}
} |
| 427 | Nan Li and Upsorn Praphamontripong and A. Jefferson Offutt
An Experimental Comparison of Four Unit Test Criteria: Mutation, Edge-Pair, All-uses and Prime Path Coverage
Proceedings of the 4th International Workshop on Mutation Analysis (MUTATION'09)Denver, Colorado, 1-4 April 2009. |
|
| | Abstract: With recent increased expectations for quality, and the growth of agile processes and test driven development, developers are expected to do more and more effective unittesting. Yet, our knowledge of when to use the variousunit level test criteria is incomplete. The paper presentsresults from a comparison of four unit level software testing criteria. Mutation testing, prime path coverage, edgepair coverage, and all-uses testing were compared on twobases: the number of seeded faults found and the numberof tests needed to satisfy the criteria. The comparisonused a collection of Java classes taken from varioussources and hand-seeded faults. Tests were designed andgenerated mostly by hand with help from tools that computetest requirements and muJava. The findings are that mutationtests detected more faults and the other three criteriawere very similar. The paper also presents a secondarymeasure, a cost benefit ratio, computed as the number oftests needed to detect each fault. Surprisingly, mutation required the fewest number of tests. The paper also discusses some specific faults that were not found and presents analysis for why not. |
| | @INPROCEEDINGS{LiPO09,
author = {Nan Li and Upsorn Praphamontripong and A. Jefferson Offutt},
title = {An Experimental Comparison of Four Unit Test Criteria: Mutation, Edge-Pair, All-uses and Prime Path Coverage},
booktitle = {Proceedings of the 4th International Workshop on Mutation Analysis (MUTATION'09)},
year = {2009},
address = {Denver, Colorado},
month = {1-4 April},
pages = {220-229}
} |
| 428 | Shaimaa Ali and James H. Andrews and Tamilselvi Dhandapani and Wantao Wang
Evaluating the Accuracy of Fault Localization Techniques
{ASE} 2009, 24th {IEEE/ACM} International Conference on Automated Software Engineering, Auckland, New Zealand, November 16-20, 2009, 2009. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{ali_ASE_09,
author = {Shaimaa Ali and James H. Andrews and Tamilselvi Dhandapani and Wantao Wang},
title = {Evaluating the Accuracy of Fault Localization Techniques},
booktitle = {{ASE} 2009, 24th {IEEE/ACM} International Conference on Automated Software Engineering, Auckland, New Zealand, November 16-20, 2009},
year = {2009},
address = {},
month = {},
pages = {76--87}
} |
| 429 | C{\'{e}}sar Andr{\'{e}}s and Mercedes G. Merayo and Carlos Molinero
Advantages of Mutation in Passive Testing: An Empirical Study
Second International Conference on Software Testing Verification and Validation, {ICST} 2009, Denver, Colorado, USA, April 1-4, 2009, Workshops Proceedings, 2009. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{andres_ICSTW_09,
author = {C{\'{e}}sar Andr{\'{e}}s and Mercedes G. Merayo and Carlos Molinero},
title = {Advantages of Mutation in Passive Testing: An Empirical Study},
booktitle = {Second International Conference on Software Testing Verification and Validation, {ICST} 2009, Denver, Colorado, USA, April 1-4, 2009, Workshops Proceedings},
year = {2009},
address = {},
month = {},
pages = {230--239}
} |
| 430 | Christian Murphy and Kuang Shen and Gail E. Kaiser
Automatic system testing of programs without test oracles
Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, {ISSTA} 2009, Chicago, IL, USA, July 19-23, 2009, 2009. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{murphy_ISSTA_09,
author = {Christian Murphy and Kuang Shen and Gail E. Kaiser},
title = {Automatic system testing of programs without test oracles},
booktitle = {Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, {ISSTA} 2009, Chicago, IL, USA, July 19-23, 2009},
year = {2009},
address = {},
month = {},
pages = {189--200}
} |
| 431 | Aritra Bandyopadhyay and Sudipto Ghosh
Test Input Generation Using {UML} Sequence and State Machines Models
Second International Conference on Software Testing Verification and Validation, {ICST} 2009, Denver, Colorado, USA, April 1-4, 2009, 2009. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{bandyopadhyay_ICST_09,
author = {Aritra Bandyopadhyay and Sudipto Ghosh},
title = {Test Input Generation Using {UML} Sequence and State Machines Models},
booktitle = {Second International Conference on Software Testing Verification and Validation, {ICST} 2009, Denver, Colorado, USA, April 1-4, 2009},
year = {2009},
address = {},
month = {},
pages = {121--130}
} |
| 432 | Yu-Seung Ma and Yong-Rae Kwon and Sang-Woon Kim
Statistical Investigation on Class Mutation Operators
ETRI Journal, 31(), 2009. |
|
| | Abstract: Available soon... |
| | @ARTICLE{MaKK09,
author = {Yu-Seung Ma and Yong-Rae Kwon and Sang-Woon Kim},
title = {Statistical Investigation on Class Mutation Operators},
journal = {ETRI Journal},
year = {2009},
month = {},
volume = {31},
number = {},
pages = {140–150}
} |
| 433 | Tao Xie and Nikolai Tillmann and Jonathan de Halleux and Wolfram Schulte
Mutation Analysis of Parameterized Unit Tests
Proceedings of the 4th International Workshop on Mutation Analysis (MUTATION'09)Denver, Colorado, 1-4 April 2009. |
|
| | Abstract: Recently parameterized unit testing has emerged as a promising and effective methodology to allow the separation of (1) specifying external, black-box behavior (e.g., assumptions and assertions) by developers and (2) generating and selecting internal, white-box test inputs (i.e., high-code-covering test inputs) by tools. A parameterized unit test (PUT) is simply a test method that takes parameters, specifies assumptions on the parameters, calls the code under test, and specifies assertions. The test effectiveness of PUTs highly depends on the way that they are written by developers. For example, if stronger assumptions are specified, only a smaller scope of test inputs than intended are generated by tools, leading to false negatives in terms of fault detection. If weaker assertions are specified, erroneous states induced by the test execution do not necessarily cause assertion violations, leading to false negatives. Detecting these false negatives is challenging since the insufficiently written PUTs would just pass. In this paper, we propose a novel mutation analysis approach for analyzing PUTs written by developers and identifying likely locations in PUTs for improvement. The proposed approach is a first step towards helping developers write better PUTs in practice. |
| | @INPROCEEDINGS{XieTHS09,
author = {Tao Xie and Nikolai Tillmann and Jonathan de Halleux and Wolfram Schulte},
title = {Mutation Analysis of Parameterized Unit Tests},
booktitle = {Proceedings of the 4th International Workshop on Mutation Analysis (MUTATION'09)},
year = {2009},
address = {Denver, Colorado},
month = {1-4 April},
pages = {177-181}
} |
| 434 | Ammar Masood and Rafae Bhatti and Arif Ghafoor and Aditya Mathur
Scalable and Effective Test Generation for Role-Based Access Control Systems
IEEE Transactions of Software Engineering, 35(5), May 2009. |
|
| | Abstract: Conformance testing procedures for generating tests from the finite state model representation of Role-Based Access Control (RBAC) policies are proposed and evaluated. A test suite generated using one of these procedures has excellent fault detection ability but is astronomically large. Two approaches to reduce the size of the generated test suite were investigated. One is based on a set of six heuristics and the other directly generates a test suite from the finite state model using random selection of paths in the policy model. Empirical studies revealed that the second approach to test suite generation, combined with one or more heuristics, is most effective in the detection of both first-order mutation and malicious faults and generates a significantly smaller test suite than the one generated directly from the finite state models. |
| | @ARTICLE{MasoodBGM09,
author = {Ammar Masood and Rafae Bhatti and Arif Ghafoor and Aditya Mathur},
title = {Scalable and Effective Test Generation for Role-Based Access Control Systems},
journal = {IEEE Transactions of Software Engineering},
year = {2009},
month = {May},
volume = {35},
number = {5},
pages = {654–668}
} |
| 435 | Tejeddine Mouelhi and Benoit Baudry and Yves Le Traon
Transforming and Selecting Functional Test Cases for Security Policy Testing
Proceedings of the 2nd International Conference on Software Testing, Verification and ValidationDenver, Colorado, 1-4 April 2009. |
|
| | Abstract: We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access control policies—i.e., the model—and assess the effectiveness of the test suites by means of mutation testing. We also compare them to purely random tests. For some of the investigated strategies, non-random tests kill considerably more mutants thanthe same number of random tests. Since we rely on policies only, no information on the application is required at this stage. As a consequence, our methodology applies to arbitrary implementations of the policy decision points. |
| | @INPROCEEDINGS{MouelhFBL09,
author = {Tejeddine Mouelhi and Benoit Baudry and Yves Le Traon},
title = {Transforming and Selecting Functional Test Cases for Security Policy Testing},
booktitle = {Proceedings of the 2nd International Conference on Software Testing, Verification and Validation},
year = {2009},
address = {Denver, Colorado},
month = {1-4 April},
pages = {171–180}
} |
| 436 | Shuang Wang and A. Jefferson Offutt
Comparison of Unit-Level Automated Test Generation Tools
Proceedings of the 4th International Workshop on Mutation Analysis (MUTATION'09)Denver, Colorado, 1-4 April 2009. |
|
| | Abstract: Data from projects worldwide show that many software projects fail and most are completed late or over budget. Unit testing is a simple but effective technique to improve software in terms of quality, flexibility, and time-to-market. A key idea of unit testing is that each piece of code needs its own tests and the best person to design those tests is the developer who wrote the software. However, generating tests for each unit by hand is very expensive, possibly prohibitively so. Automatic test data generation is essential to support unit testing and as unit testing is achieving more attention, developers have a greater need for automated unit test data generation tools. However, developers have very little information about which tools are effective. This experiment compared three well-known public-accessible unit test data generation tools, JCrasher, TestGen4j, and JUB. We applied them to Java classes and evaluated them based on their mutation scores. As a comparison, we created two additional sets of tests for each class. One test set contained random values and the other contained values to satisfy edge coverage. Results showed that the automatic test data generation tools generated tests with almost the same mutation scores as the random tests. |
| | @INPROCEEDINGS{WangO09,
author = {Shuang Wang and A. Jefferson Offutt},
title = {Comparison of Unit-Level Automated Test Generation Tools},
booktitle = {Proceedings of the 4th International Workshop on Mutation Analysis (MUTATION'09)},
year = {2009},
address = {Denver, Colorado},
month = {1-4 April},
pages = {210-219}
} |
| 437 | Tisi, Massimo and Jouault, Fr{\'e}d{\'e}ric and Fraternali, Piero and Ceri, Stefano and B{\'e}zivin, Jean
On the Use of Higher-Order Model Transformations
Model Driven Architecture - Foundations and Applications: 5th European Conference, ECMDA-FA 2009, Enschede, The Netherlands, June 23-26, 2009. Proceedings, 2009. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{tisi_HOM_09,
author = {Tisi, Massimo and Jouault, Fr{\'e}d{\'e}ric and Fraternali, Piero and Ceri, Stefano and B{\'e}zivin, Jean},
title = {On the Use of Higher-Order Model Transformations},
booktitle = {Model Driven Architecture - Foundations and Applications: 5th European Conference, ECMDA-FA 2009, Enschede, The Netherlands, June 23-26, 2009. Proceedings},
year = {2009},
address = {},
month = {},
pages = {18--33}
} |
| 438 | Hossain Shahriar and Mohammad Zulkernine
Mutation-Based Testing of Format String Bugs
Proceedings of the 11th IEEE High Assurance Systems Engineering Symposium (HASE'08)Nanjing, China, 3-5 Dec 2008. |
|
| | Abstract: Format string bugs (FSBs) make an implementation vulnerable to numerous types of malicious attacks. Testing an implementation against FSBs can avoid consequences due to exploits of FSBs such as denial of services, corruption of application states, etc. Obtaining an adequate test data set is essential for testing of FSBs. An adequate test data set contains effective test cases that can reveal FSBs. Unfortunately, traditional techniques do not address the issue of adequate testing of an application for FSB. Moreover, the application of source code mutation has not been applied for testing FSB. In this work, we apply the idea of mutation-based testing technique to generate an adequate test data set for testing FSBs. Our work addresses FSBs related to ANSI C libraries. We propose eight mutation operators to force the generation of adequate test dataset. A prototype mutation-based testing tool named MUFORMAT is developed to generate mutants automatically and perform mutation analysis. The proposed operators are validated by using four open source programs having FSBs. The results indicate that the proposed operators are effective for testing FSBs. |
| | @INPROCEEDINGS{ShahriarZ08b,
author = {Hossain Shahriar and Mohammad Zulkernine},
title = {Mutation-Based Testing of Format String Bugs},
booktitle = {Proceedings of the 11th IEEE High Assurance Systems Engineering Symposium (HASE'08)},
year = {2008},
address = {Nanjing, China},
month = {3-5 Dec},
pages = {229-238}
} |
| 439 | Hossain Shahriar and Mohammad Zulkernine
Mutation-Based Testing of Buffer Overflow Vulnerabilities
Proceedings of the 2nd Annual IEEE International Workshop on Security in Software Engineering28 July -1 August, Turku, Finland 2008. |
|
| | Abstract: Buffer overflow (BOF) is one of the major vulnerabilities that leads to non-secure software.Testing an implementation for BOF vulnerabilities is challenging as the underlying reasons of buffer overflow vary widely. Moreover, the existing vulnerability testing approaches do not address the issue of generating adequate test data sets for testing BOF vulnerabilities. In this work, we apply the idea of mutation-based testing technique to generate adequate test data set for BOF vulnerabilities. Our work addresses those BOF vulnerabilities, which are related to an implementation language and its associated libraries. We apply the concept for ANSI Clanguage and its associated libraries. We propose 12 mutation operators to force the generation of adequate test data set for BOF vulnerabilities. The proposed operators are validated by using four open source programs. The results indicate that the proposed operators are effective for testing BOF vulnerabilities. |
| | @INPROCEEDINGS{ShahriarZ08a,
author = {Hossain Shahriar and Mohammad Zulkernine},
title = {Mutation-Based Testing of Buffer Overflow Vulnerabilities},
booktitle = {Proceedings of the 2nd Annual IEEE International Workshop on Security in Software Engineering},
year = {2008},
address = {28 July -1 August},
month = {Turku, Finland},
pages = {979-984}
} |
| 440 | Nicola Bombieri and Franco Fummi and Graziano Pravadelli
A Mutation Model for the SystemC TLM2.0 Communication Interfaces
Proceedings of the Conference on Design, Automation and Test in Europe (DATE'08)Munich, Germany, 10-14 March 2008. |
|
| | Abstract: Mutation analysis is a widely-adopted strategy in software testing with two main purposes: measuring the quality of test suites, and identifying redundant code in programs. Similar approaches are applied in hardware verification and testing too, especially at RTL or gate level, where mutants are generally referred as faults, and mutation analysis is performed by means of fault modeling and fault simulation. However, in modern embedded systems there is a close integration between HW and SW parts, and verification strategies should be applied early in the design flow. This requires the definition of new mutation analysis-based strategies that work at system level, where HW and SW functionalities are not partitioned yet. In this context, the paper proposes a mutation model for perturbing transaction level modeling (TLM) SystemC descriptions. In particular, the main constructs provided by the SystemC TLM 2.0 library have been analyzed, and a set of mutants is proposed to perturb the primitives related to the TLM communication interfaces. |
| | @INPROCEEDINGS{BombieriFP08,
author = {Nicola Bombieri and Franco Fummi and Graziano Pravadelli},
title = {A Mutation Model for the SystemC TLM2.0 Communication Interfaces},
booktitle = {Proceedings of the Conference on Design, Automation and Test in Europe (DATE'08)},
year = {2008},
address = {Munich, Germany},
month = {10-14 March},
pages = {396-401}
} |
