Abstract
With web applications in high demand, one cannot underestimate the importance of their quality assurance process. Web applications are open event-driven systems that take sequences of user events and produce changes in the user interface or the underlying application. Web applications are difficult to test because the set of possible sequences of user inputs allowed by the interface of a web application can be very large. Software model checking techniques can be effective for validating such applications but they only work for closed systems. In this paper, we present an approach for closing web applications with a driver that contains two parts: (1) the application-specific Page Transition Graph (PTG), which encodes the application’s possible pages, user and server events, their corresponding event-handlers, and user data and (2) the application-independent PTG-based driver, which generates test sequences that can be executed with analysis tools such as Java PathFinder (JPF). The first part can be automatically extracted from the implementation of a web application and the second part is written once and reused across multiple web applications belonging to the same framework. We implemented our approach in a driver generator that automatically extracts PTG models from implementation of JSP-based web applications, checks the extracted PTGs for navigation inconsistencies, and enables JPF analysis. We evaluated our approach on ten open-source and industrial web applications and present the detected errors.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Andrews, A.A., Offutt, J., Alexander, R.T.: Testing web applications by modeling with fsms. Software and Systems Modeling 4, 326–345 (2005)
Brat, G., Havelund, K., Park, S., Visser, W.: Java PathFinder – a second generation of a Java model-checker. In: Proceedings of the Workshop on Advances in Verification (July 2000)
Deutsch, A., Sui, L., Vianu, V., Zhou, D.: A system for specification and verification of interactive, data-driven web applications. In: SIGMOD 2006: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, pp. 772–774. ACM, New York (2006)
Ghosh, I., Rajan, S., Shannon, D., Khurshid, S.: Efficient symbolic execution of strings for validating web applications. In: Proceedings of the International Workshop on Defects in Large Software Systems (July 2009)
Halfond, W.G., Anand, S., Orso, A.: Precise interface identification to improve testing and analysis of web applications. In: ISSTA 2009: Proceedings of the Eighteenth International Symposium on Software Testing and Analysis, pp. 285–296. ACM, New York (2009)
Halfond, W.G.J., Orso, A.: Improving test case generation for web applications using automated interface discovery. In: ESEC-FSE 2007: Proceedings of the the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on The Foundations of Software Engineering, pp. 145–154. ACM, New York (2007)
Hallé, S., Ettema, T., Bunch, C., Bultan, T.: Eliminating navigation errors in web applications via model checking and runtime enforcement of navigation state machines. In: ASE, pp. 235–244 (2010)
Haydar, M.: Formal framework for automated analysis and verification of web-based applications. In: ASE 2004: Proceedings of the 19th IEEE International Conference on Automated software Engineering, pp. 410–413. IEEE Computer Society, Washington, DC, USA (2004)
Kubo, A., Washizaki, H., Fukazawa, Y.: Automatic extraction and verification of page transitions in a web application. In: APSEC 2007: Proceedings of the 14th Asia-Pacific Software Engineering Conference, pp. 350–357. IEEE Computer Society, Washington, DC, USA (2007)
Licata, D.R., Krishnamurthi, S.: Verifying interactive web programs. In: Proceedings of the 19th IEEE International Conference on Automated Software Engineering, pp. 164–173. IEEE Computer Society, Washington, DC, USA (2004)
Memon, A., Banerjee, I., Nagarajan, A.: Gui ripping: Reverse engineering of graphical user interfaces for testing. In: WCRE 2003: Proceedings of the 10th Working Conference on Reverse Engineering, p. 260. IEEE Computer Society, Washington, DC, USA (2003)
Rajan, S.P., Tkachuk, O., Prasad, M.R., Ghosh, I., Goel, N., Uehara, T.: Weave: Web applications validation environment. In: ICSE Companion. Software Engineering in Practice, vol. 2, pp. 101–111 (2009)
Ricca, F., Tonella, P.: Analysis and testing of web applications. In: ICSE 2001: Proceedings of the 23rd International Conference on Software Engineering, pp. 25–34. IEEE Computer Society Press, Washington, DC, USA (2001)
Yuen, S., Kato, K., Kato, D., Agusa, K.: Web automata: A behavioral model of web applications based on the mvc model. Information and Media Technologies 1(1), 66–79 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tkachuk, O., Rajan, S. (2011). Automated Driver Generation for Analysis of Web Applications. In: Giannakopoulou, D., Orejas, F. (eds) Fundamental Approaches to Software Engineering. FASE 2011. Lecture Notes in Computer Science, vol 6603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19811-3_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-19811-3_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-19810-6
Online ISBN: 978-3-642-19811-3
eBook Packages: Computer ScienceComputer Science (R0)