| 491 | Yves Le Traon and Tejeddine Mouelhi and Benoit Baudry
Testing Security Policies: Going Beyond Functional Testing
The 18th IEEE International Symposium on Software ReliabilityTrollh\"attan, Sweden, 5-9 November 2007. |
|
| | Abstract: While important efforts are dedicated to system functional testing, very few works study how to test specifically security mechanisms, implementing a security policy. This paper introduces security policy testing as a specific target for testing. We propose two strategies for producing security policy test cases, depending if they are built in complement of existing functional test cases or independently from them. Indeed, any security policy is strongly connected to system functionality: testing functions includes exercising many security mechanisms. However, testing functionality does not intend at putting to the test security aspects. We thus propose test selection criteria to produce tests from a security policy. To quantify the effectiveness of a set of test cases to detect security policy flaws, we adapt mutation analysis and define security policy mutation operators. A library case study, a 3-tiers architecture, is used to obtain experimental trends. Results confirm that security must become a specific target of testing to reach a satisfying level of confidence in security mechanisms. |
| | @INPROCEEDINGS{TraonMB07,
author = {Yves Le Traon and Tejeddine Mouelhi and Benoit Baudry},
title = {Testing Security Policies: Going Beyond Functional Testing},
booktitle = {The 18th IEEE International Symposium on Software Reliability},
year = {2007},
address = {Trollh\"attan, Sweden},
month = {5-9 November},
pages = {93-102}
} |
| 492 | Mark Trakhtenbrot
New Mutations for Evaluation of Specification and Implementation Levels of Adequacy in Testing of Statecharts Models
Proceedings of the 3rd Workshop on Mutation Analysis (MUTATION'07)Windsor, UK, 10-14 September 2007. |
|
| | Abstract: In model-based development of embedded real-time systems, statecharts are widely used for formal specification of their behavior, providing a sound basis for test generation and for detection of faults early in the development process. The paper presents a variety of new mutations for adequacy evaluation of tests used in validation of statecharts-based models. These mutations focus on key features of statecharts used in modeling of embedded systems: hierarchy, orthogonality and time expressions. We distinguish between two levels of tests adequacy. In the first, test results are expected to strictly follow the statecharts semantics. The second one takes into account possible deviations from this semantics based on typical implementation oriented decisions, e.g. mapping of orthogonal components into separate tasks executed concurrently. The considered mutations address both types of adequacy. In particular, we consider interleaving enforcing mutations, for testing of alternatives to the canonical "maximum parallelism" execution of statecharts. |
| | @INPROCEEDINGS{Trakhtenbrot07,
author = {Mark Trakhtenbrot},
title = {New Mutations for Evaluation of Specification and Implementation Levels of Adequacy in Testing of Statecharts Models},
booktitle = {Proceedings of the 3rd Workshop on Mutation Analysis (MUTATION'07)},
year = {2007},
address = {Windsor, UK},
month = {10-14 September},
pages = {151-160}
} |
| 493 | Anna Derezi\'nska
Advanced mutation operators applicable in C\# programs
Software Engineering Techniques: Design for Quality, 2007. |
|
| | Abstract: This paper is devoted to advanced mutation operators for C# source code. They deal with object-oriented (OO mutations) and other complex features of the code. They require structural information about a code, unlike the standard mutations. Applicability of OO operators in C# is compared with those for other OO languages. Operators for specific features of C# language are also proposed. The detailed specification of operators can be provided in terms of pre- and post-conditions of a program transformation. Based on the operators’ specification, the generation of mutated C# programs can be automated. |
| | @INPROCEEDINGS{Derezinska07a,
author = {Anna Derezi\'nska},
title = {Advanced mutation operators applicable in C\# programs},
booktitle = {Software Engineering Techniques: Design for Quality},
year = {2007},
address = {},
month = {},
pages = {283-288}
} |
| 494 | Pete May and Jon Timmis and Keith Mander
Immune and Evolutionary Approaches to Software Mutation Testing
Proceedings of the 6th International Conference on Artificial Immune Systems (ICARIS'07)Santos, Brazil, August 2007. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{MayTK07,
author = {Pete May and Jon Timmis and Keith Mander},
title = {Immune and Evolutionary Approaches to Software Mutation Testing},
booktitle = {Proceedings of the 6th International Conference on Artificial Immune Systems (ICARIS'07)},
year = {2007},
address = {Santos, Brazil},
month = {August},
pages = {336-347}
} |
| 495 | Akbar Siami Namin and James H. Andrews
On Sufficiency of Mutants
Proceedings of the 29th International Conference on Software Engineering (ICSE COMPANION'07)Minneapolis, Minnesota, 20-26 May 2007. |
|
| | Abstract: Mutation is the practice of automatically generating possibly faulty variants of a program, for the purpose of assessing the adequacy of a test suite or comparing testing techniques. The cost of mutation often makes its application infeasible. The cost of mutation is usually assessed in terms of the number of mutants, and consequently the number of "mutation operators" that produce them. We address this problem by finding a smaller subset of mutation operators, called "sufficient", that can model the behaviour of the full set. To do this, we provide an experimental procedure and adapt statistical techniques proposed for variable reduction, model selection and nonlinear regression. Our preliminary results reveal interesting information about mutation operators. |
| | @INPROCEEDINGS{NaminA07,
author = {Akbar Siami Namin and James H. Andrews},
title = {On Sufficiency of Mutants},
booktitle = {Proceedings of the 29th International Conference on Software Engineering (ICSE COMPANION'07)},
year = {2007},
address = {Minneapolis, Minnesota},
month = {20-26 May},
pages = {73-74}
} |
| 496 | Peter S. May
Test Data Generation: Two Evolutionary Approaches to Mutation Testing
University of Kent, Canterbury, Kent, 2007.Unknown- |
|
| | Abstract: Available soon... |
| | @PHDTHESIS{May07,
author = {Peter S. May},
title = {Test Data Generation: Two Evolutionary Approaches to Mutation Testing},
school = {University of Kent},
year = {2007},
type = {phdthesis},
address = {Canterbury, Kent},
month = {},
} |
| 497 | Robert M. Hierons and Mercedes G. Merayo
Mutation Testing from Probabilistic Finite State Machines
Proceedings of the 3rd Workshop on Mutation Analysis (MUTATION'07)Windsor, UK, 10-14 September 2007. |
|
| | Abstract: Mutation testing traditionally involves mutating a program in order to produce a set of mutants and using these mutants in order to either estimate the effectiveness of a test suite or to drive test generation. Recently, however, this approach has been applied to specifications such as those written as finite state machines. This paper extends mutation testing to finite state machine models in which transitions have associated probabilities. The paper describes several ways of mutating a probabilistic finite state machine (PFSM) and shows how test sequences that distinguish between a PFSM and its mutants can be generated. Testing then involves applying each test sequence multiple times, observing the resultant output sequences and using results from statistical sampling theory in order to compare the observed frequency of each output sequence with that expected. |
| | @INPROCEEDINGS{HieronsM07,
author = {Robert M. Hierons and Mercedes G. Merayo},
title = {Mutation Testing from Probabilistic Finite State Machines},
booktitle = {Proceedings of the 3rd Workshop on Mutation Analysis (MUTATION'07)},
year = {2007},
address = {Windsor, UK},
month = {10-14 September},
pages = {141-150}
} |
| 498 | Javier Tuya and Maria Jose Suarez Cabal and Claudio de la Riva
Mutating Database Queries
Information and Software Technology, 49(4), April 2007. |
|
| | Abstract: A set of mutation operators for SQL queries that retrieve information from a database is developed and tested against a set of queries drawn from the NIST SQL Conformance Test Suite. The mutation operators cover a wide spectrum of SQL features, including the handling of null values. Additional experiments are performed to explore whether the cost of executing mutants can be reduced using selective mutation or the test suite size can be reduced by using an appropriate ordering of the mutants. The SQL mutation approach can be helpful in assessing the adequacy of database test cases and their development, and as a tool for systematically injecting faults in order to compare different database testing techniques. |
| | @ARTICLE{TuyaSR07,
author = {Javier Tuya and Maria Jose Suarez Cabal and Claudio de la Riva},
title = {Mutating Database Queries},
journal = {Information and Software Technology},
year = {2007},
month = {April},
volume = {49},
number = {4},
pages = {398-417}
} |
| 499 | Saswat Anand and Corina S. Pasareanu and Willem Visser
{JPF-SE:} {A} Symbolic Execution Extension to Java PathFinder
Tools and Algorithms for the Construction and Analysis of Systems, 13th International Conference, {TACAS} 2007, Held as Part of the Joint European Conferences on Theory and Practice of Software, {ETAPS} 2007 Braga, Portugal, March 24 - April 1, 2007, Proceedings, 2007. |
|
| | Abstract: Available soon... |
| | @INPROCEEDINGS{AnandPV07,
author = {Saswat Anand and Corina S. Pasareanu and Willem Visser},
title = {{JPF-SE:} {A} Symbolic Execution Extension to Java PathFinder},
booktitle = {Tools and Algorithms for the Construction and Analysis of Systems, 13th International Conference, {TACAS} 2007, Held as Part of the Joint European Conferences on Theory and Practice of Software, {ETAPS} 2007 Braga, Portugal, March 24 - April 1, 2007, Proceedings},
year = {2007},
address = {},
month = {},
pages = {134--138}
} |
| 500 | Youssef Serrestou and Vincent Beroulle and Chantal Robach
Impact of Hardware Emulation on the Verification Quality Improvement
Proceedings of the IFIP WG 10.5 International Conference on Very Large Scale Integration of System-on-Chip (VLSI-SoC'07)Atlanta, GA, 15-17 October 2007. |
|
| | Abstract: Software simulation remains the most used method for VHDL RTL functional verification. The functional verification process essentially consists of two parts. The first one is the functional qualification; the second one is the qualification- driven stimuli generation. Currently, the qualification and the generation tasks are iterative processes based on VHDL simulation which is dramatically time consuming. The simulation time increases with the circuits’ size and the required level of quality. In our previous works, we have proposed some approaches based on the mutation testing technique to evaluate and to improve functional validation quality. Now, to reduce this simulation time, we propose in this paper a new approach based on FPGA emulation. So, an hardware-software platform called “Meta-Mutant Testbench” is used to emulate mutants. Experimental results for some ITC’99 benchmark circuits show that our mutation emulator is about 20 times faster than classical software simulators; this speedup increases with the circuits’ size. |
| | @INPROCEEDINGS{SerrestouBR07a,
author = {Youssef Serrestou and Vincent Beroulle and Chantal Robach},
title = {Impact of Hardware Emulation on the Verification Quality Improvement},
booktitle = {Proceedings of the IFIP WG 10.5 International Conference on Very Large Scale Integration of System-on-Chip (VLSI-SoC'07)},
year = {2007},
address = {Atlanta, GA},
month = {15-17 October},
pages = {218-223}
} |
