A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagra...A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagram as the object model is employed to describe the object structure of a Web application design and can be translated into the behavior model. A key problem of model checking-based test generation for a Web application is how to construct a set of trap properties that intend to cause the violations of model checking against the behavior model and output of counterexamples used to construct the test sequences. We give an algorithm that derives trap properties from the object model with respect to node and edge coverage criteria.展开更多
In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case select...In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case selection method for web application regression testing based on the control flow graph.This method is safe enough to the test case selection.On the base of features of request sequence in web application,the minimization technique and the priority of test cases are taken into consideration in the process of execution of test cases in regression testing for web application.The improved greedy algorithm is also raised resulting in optimization of execution of test cases.The experiments indicate that the number of test cases which need to be retested is reduced,and the efficiency of execution of test cases is also improved.展开更多
Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to ca...Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to carry out the form testing by different methods in the related testing phases. Namely, at first, automatically abstracting forms in the Web pages by parsing the HTML documents; then, ohtai ning the testing data with a certain strategies, such as by requirement specifications, by mining users' hefore input informarion or by recording meehanism; and next executing the testing actions automatically due to the well formed test cases; finally, a case study is given to illustrate the convenient and effective of these methods.展开更多
Web application fingerprint recognition is an effective security technology designed to identify and classify web applications,thereby enhancing the detection of potential threats and attacks.Traditional fingerprint r...Web application fingerprint recognition is an effective security technology designed to identify and classify web applications,thereby enhancing the detection of potential threats and attacks.Traditional fingerprint recognition methods,which rely on preannotated feature matching,face inherent limitations due to the ever-evolving nature and diverse landscape of web applications.In response to these challenges,this work proposes an innovative web application fingerprint recognition method founded on clustering techniques.The method involves extensive data collection from the Tranco List,employing adjusted feature selection built upon Wappalyzer and noise reduction through truncated SVD dimensionality reduction.The core of the methodology lies in the application of the unsupervised OPTICS clustering algorithm,eliminating the need for preannotated labels.By transforming web applications into feature vectors and leveraging clustering algorithms,our approach accurately categorizes diverse web applications,providing comprehensive and precise fingerprint recognition.The experimental results,which are obtained on a dataset featuring various web application types,affirm the efficacy of the method,demonstrating its ability to achieve high accuracy and broad coverage.This novel approach not only distinguishes between different web application types effectively but also demonstrates superiority in terms of classification accuracy and coverage,offering a robust solution to the challenges of web application fingerprint recognition.展开更多
Building an abstract model of the web application is the chief task of software test based on model, which is an efficient way for testing the web application. One problem with current web application test technologie...Building an abstract model of the web application is the chief task of software test based on model, which is an efficient way for testing the web application. One problem with current web application test technologies is the lack of tools for modeling the whole web software, especially the lack of support for describing web application from the view of action and function. This paper is concerned with providing the support for development and test of the web application. The presented novel model, named component-based and tree-oriented web application development model (CBTOWADM), abstracts the web application as a tree based on its system function and business process. CBTOWADM not only simplifies the design and development of the web application, but also acts as the model middleware for software test. The basic model definition, the system framework and the application in software test of CBTOWADM is described.展开更多
In order to analyze and test the component-based web application and decide when to stop the testing process, the concept of coverage criteria and test requirement reduction approach are proposed. First, four adequacy...In order to analyze and test the component-based web application and decide when to stop the testing process, the concept of coverage criteria and test requirement reduction approach are proposed. First, four adequacy criteria are defined and subsumption relationships among them are proved. Then, a translation algorithm is presented to transfer the test model into a web application decision-to-decision graph(WADDGraph)which is used to reduce testing requirements. Finally, different sets of test requirements can be generated from WADDGraph by analyzing subsumption and equivalence relationships among edges based on different coverage criteria, and testers can select different test requirements according to different testing environments. The case study indicates that coverage criteria follow linear subsumption relationships in real web applications. Test requirements can be reduced more than 55% on average based on different coverage criteria and the size of test requirements increases with the increase in the complexity of the coverage criteria.展开更多
This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications.The analysis process is based on the use of techniques and tools that allow to perform security assessment...This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications.The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box,to carry out the security validation of a web application in an agile and precise way.The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks.Each one of the phases contemplated in the methodology is supported by security analysis tools of different degrees of coverage,so that the results generated in one phase are used as feed for the following phases in order to get an optimized global security analysis result.The methodology can be used as part of other more general methodologies that do not cover how to use static and dynamic analysis tools in the implementation and testing phases of a Secure Software Development Life Cycle(SSDLC).A practical application of the methodology to analyze the security of a real web application demonstrates its effectiveness by obtaining a better optimized vulnerability detection result against the true and false positive metrics.Dynamic analysis with manual checking is used to audit the results,24.6 per cent of security vulnerabilities reported by the static analysis has been checked and it allows to study which vulnerabilities can be directly exploited externally.This phase is very important because it permits that each reported vulnerability can be checked by a dynamic second tool to confirm whether a vulnerability is true or false positive and it allows to study which vulnerabilities can be directly exploited externally.Dynamic analysis finds six(6)additional critical vulnerabilities.Access control analysis finds other five(5)important vulnerabilities such as Insufficient Protected Passwords or Weak Password Policy and Excessive Authentication Attacks,two vulnerabilities that permit brute force attacks.展开更多
As power systems become larger and more complicated, power system simulation analysis requires more flexibility and faster performance. BPA is simulation software that is widely used in China and thus official power s...As power systems become larger and more complicated, power system simulation analysis requires more flexibility and faster performance. BPA is simulation software that is widely used in China and thus official power system data are in BPA format. However, BPA's flexibility and performance cannot meet the requirement of ultra-large-scale power system. PSSE supports user-def'med models and can handle large scale power system with up to 150,000 buses. From that perspective, PSSE is much suitable for future network analysis. To take advantages of both BPA and PSSE, it is required to build a simulation platform which is able to combine PSS^E with BPA to meet the requirements of large-scale power system simulation in the future. In this paper, PSS^E and BPA have been integrated into the power system simulation platform to perform power system study together. As data format and models are different between BPA and PSSE, the focus is developing a converter that can convert BPA data to PSSE data and creating dynamic models in PSSE based on the dynamic models in BPA. Simulation results show the accuracy of PSSE user-defined models and high availability of PSSE Web application.展开更多
Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity.The construction of the procedure utilized in the static analysis tools of source cod...Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity.The construction of the procedure utilized in the static analysis tools of source code security differs and therefore each tool finds a different number of each weakness type for which it is designed.To utilize the possible synergies different static analysis tools may process,this work uses a new method to combine several source codes aiming to investigate how to increase the performance of security weakness detection while reducing the number of false positives.Specifically,five static analysis tools will be combined with the designed method to study their behavior using an updated benchmark for OWASP Top Ten Security Weaknesses(OWASP TTSW).The method selects specific metrics to rank the tools for different criticality levels of web applications considering different weights in the ratios.The findings show that simply including more tools in a combination is not synonymous with better results;it depends on the specific tools included in the combination due to their different designs and techniques.展开更多
JavaScript has become one of the most widely used languages for Web development.Its dynamic and event-driven features make it challenging to ensure the correctness of Web applications written in JavaScript.A variety o...JavaScript has become one of the most widely used languages for Web development.Its dynamic and event-driven features make it challenging to ensure the correctness of Web applications written in JavaScript.A variety of dynamic analysis techniques have been proposed which are,however,limited in either coverage or scalability.In this paper,we propose a simple,yet effective,model-based automated testing approach to achieve a high code-coverage within the time budget via testing with longer event sequences.We implement our approach as an open-source tool LJS,and perform extensive experiments on 21 publicly available benchmarks.On average,LJS is able to achieve 86.5%line coverage in 10 minutes.Compared with JSDEP,a state-of-the-art breadth-first search based automated testing tool enriched with partial order reduction,the coverage of LJS is 11%-19%higher than that of JSDEP on real-world large Web applications.Our empirical findings support that proper longer test sequences can achieve a higher code coverage in JavaScript Web application testing.展开更多
Recently, testing techniques based on dynamic exploration, which try to automatically exercise every possible user interface element, have been extensively used to facilitate fully testing web applications. Most of su...Recently, testing techniques based on dynamic exploration, which try to automatically exercise every possible user interface element, have been extensively used to facilitate fully testing web applications. Most of such testing tools are however not effective in reaching dynamic pages induced by form interactions due to their emphasis on handling client-side scripting. In this paper, we present a combinatorial strategy to achieve a full form test and build an automated test model. We propose an algorithm called pairwise testing with constraints (PTC) to iraplement the strategy. Our PTC algorithm uses pairwise coverage and handles the issues of semantic constraints and illegal values. We have implemented a prototype tool ComjaxTest and conducted an empirical study on five web applications. Experimental results indicate that our PTC algorithm generates less form test cases while achieving a higher coverage of dynamic pages than the general pairwise testing algorithm. Additionally, our ComjaxTest generates a relatively complete test model and then detects more faults in a reasonable amount of time, as compared with other existing tools based on dynamic exploration.展开更多
This paper presents a reference methodology for process orchestration that accelerates the development of Large Language Model (LLM) applications by integrating knowledge bases, API access, and deep web retrieval. By ...This paper presents a reference methodology for process orchestration that accelerates the development of Large Language Model (LLM) applications by integrating knowledge bases, API access, and deep web retrieval. By incorporating structured knowledge, the methodology enhances LLMs’ reasoning abilities, enabling more accurate and efficient handling of complex tasks. Integration with open APIs allows LLMs to access external services and real-time data, expanding their functionality and application range. Through real-world case studies, we demonstrate that this approach significantly improves the efficiency and adaptability of LLM-based applications, especially for time-sensitive tasks. Our methodology provides practical guidelines for developers to rapidly create robust and adaptable LLM applications capable of navigating dynamic information environments and performing effectively across diverse tasks.展开更多
Most of the behavior models with respect to Web applications focus on sequencing of events,without regard for the changes of parameters or elements and the relationship between trigger conditions of events and Web pag...Most of the behavior models with respect to Web applications focus on sequencing of events,without regard for the changes of parameters or elements and the relationship between trigger conditions of events and Web pages.As a result,these models are not sufficient to effectively represent the dynamic behavior of the Web2.0 application.Therefore,in this paper,to appropriately describe the dynamic behavior of the client side of Web applications,we define a novel Client-side Behavior Model(CBM)for Web applications and present a user behavior trace-based modeling method to automatically generate and optimize CBMs.To verify the effectiveness of our method,we conduct a series of experiments on six Web applications according to three types of user behavior traces.The experimental results show that our modeling method can construct CBMs automatically and effectively,and the CBMs built are more precise to represent the dynamic behavior of Web applications.展开更多
As the increasing popularity and complexity of Web applications and the emergence of their new characteristics, the testing and maintenance of large, complex Web applications are becoming more complex and difficult. W...As the increasing popularity and complexity of Web applications and the emergence of their new characteristics, the testing and maintenance of large, complex Web applications are becoming more complex and difficult. Web applications generally contain lots of pages and are used by enormous users. Statistical testing is an effective way of ensuring their quality. Web usage can be accurately described by Markov chain which has been proved to be an ideal model for software statistical testing. The results of unit testing can be utilized in the latter stages, which is an important strategy for bottom-to-top integration testing, and the other improvement of extended Markov chain model (EMM) is to present the error type vector which is treated as a part of page node. this paper also proposes the algorithm for generating test cases of usage paths. Finally, optional usage reliability evaluation methods and an incremental usability regression testing model for testing and evaluation are presented. Key words statistical testing - evaluation for Web usability - extended Markov chain model (EMM) - Web log mining - reliability evaluation CLC number TP311. 5 Foundation item: Supported by the National Defence Research Project (No. 41315. 9. 2) and National Science and Technology Plan (2001BA102A04-02-03)Biography: MAO Cheng-ying (1978-), male, Ph.D. candidate, research direction: software testing. Research direction: advanced database system, software testing, component technology and data mining.展开更多
Software engineering's lifecycle models havc proven to be very important for traditional software development. However, can these models be applied to the development of Web-based applications as well? In recent yea...Software engineering's lifecycle models havc proven to be very important for traditional software development. However, can these models be applied to the development of Web-based applications as well? In recent years, Web-based applications have become more and more complicated and a lot of efforts have been placed on introducing new technologies such as J2EE, PhP, and .NET, etc., which have been universally accepted as the development technologies for Web-based applications. However, there is no universally accepted process model for the development of Web-based applications. Moreover, shaping the process model for small medium-sized enterprises (SMEs), which have limited resources, has been relatively neglected. Based on our previous work, this paper presents an expanded lifecycle process model for the development of Web-based applications in SMEs. It consists of three sets of processes, i.e., requirement processes, development processes, and evolution processes. Particularly, the post-delivery evolution processes are important to SMEs to develop and maintain quality web applications with limited resources and time.展开更多
The paper proposes a conference control model between a web server and a telecom application server,referred to as the Conference Directed Graph(CDG) ,and describes an asynchronous communication mechanism between them...The paper proposes a conference control model between a web server and a telecom application server,referred to as the Conference Directed Graph(CDG) ,and describes an asynchronous communication mechanism between them. The Corba Interface Definition Language(IDL) interfaces are defined,and a message sequence chart is illustrated. This web conference control model provides conference users with a new approach to manage and control a conference and the participants. The performance of the system prototype is analyzed and verified in the 863 project named "The Multi-media and Mobile Services Enabled Soft-switch System".展开更多
基金Supported by the National Natural Science Foundation of China (60673115)the National Basic Research Program of China (973 Program) (2002CB312001)the Open Foundation of State Key Laboratory of Soft-ware Engineering (SKLSE05-13)
文摘A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagram as the object model is employed to describe the object structure of a Web application design and can be translated into the behavior model. A key problem of model checking-based test generation for a Web application is how to construct a set of trap properties that intend to cause the violations of model checking against the behavior model and output of counterexamples used to construct the test sequences. We give an algorithm that derives trap properties from the object model with respect to node and edge coverage criteria.
基金The National Natural Science Foundation of China(No.60503020,60503033,60703086)Opening Foundation of Jiangsu Key Laboratory of Computer Information Processing Technology in Soochow University(No.KJS0714)
文摘In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case selection method for web application regression testing based on the control flow graph.This method is safe enough to the test case selection.On the base of features of request sequence in web application,the minimization technique and the priority of test cases are taken into consideration in the process of execution of test cases in regression testing for web application.The improved greedy algorithm is also raised resulting in optimization of execution of test cases.The experiments indicate that the number of test cases which need to be retested is reduced,and the efficiency of execution of test cases is also improved.
基金Supported by the National Natural Science Foun-dation of China (60425206 ,90412003 ,60503033)the National Bas-ic Research Program of China (973 Program 2002CB312000 ) Opening Foundation of State Key Laboratory of Software Engineeringin Wuhan University, High Technology Research Project of JiangsuProvince (BG2005032)
文摘Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to carry out the form testing by different methods in the related testing phases. Namely, at first, automatically abstracting forms in the Web pages by parsing the HTML documents; then, ohtai ning the testing data with a certain strategies, such as by requirement specifications, by mining users' hefore input informarion or by recording meehanism; and next executing the testing actions automatically due to the well formed test cases; finally, a case study is given to illustrate the convenient and effective of these methods.
基金supported in part by the National Science Foundation of China under Grants U22B2027,62172297,62102262,61902276 and 62272311,Tianjin Intelligent Manufacturing Special Fund Project under Grant 20211097the China Guangxi Science and Technology Plan Project(Guangxi Science and Technology Base and Talent Special Project)under Grant AD23026096(Application Number 2022AC20001)+1 种基金Hainan Provincial Natural Science Foundation of China under Grant 622RC616CCF-Nsfocus Kunpeng Fund Project under Grant CCF-NSFOCUS202207.
文摘Web application fingerprint recognition is an effective security technology designed to identify and classify web applications,thereby enhancing the detection of potential threats and attacks.Traditional fingerprint recognition methods,which rely on preannotated feature matching,face inherent limitations due to the ever-evolving nature and diverse landscape of web applications.In response to these challenges,this work proposes an innovative web application fingerprint recognition method founded on clustering techniques.The method involves extensive data collection from the Tranco List,employing adjusted feature selection built upon Wappalyzer and noise reduction through truncated SVD dimensionality reduction.The core of the methodology lies in the application of the unsupervised OPTICS clustering algorithm,eliminating the need for preannotated labels.By transforming web applications into feature vectors and leveraging clustering algorithms,our approach accurately categorizes diverse web applications,providing comprehensive and precise fingerprint recognition.The experimental results,which are obtained on a dataset featuring various web application types,affirm the efficacy of the method,demonstrating its ability to achieve high accuracy and broad coverage.This novel approach not only distinguishes between different web application types effectively but also demonstrates superiority in terms of classification accuracy and coverage,offering a robust solution to the challenges of web application fingerprint recognition.
基金Acknowledgements: This work was supported by National High-Technology Research and Development Program (863 Program) of China under grant (No. 2007AA01Z144), National Natural Science Foundation of China (NSFC) under grant (No. 60673115) and National Grand Basic Research Program (973 Program) of China under grant (No. 2007CB310800).
基金Project supported by the National High-Technology Research and Development Program of China(Grant No.2007AA01Z144)the Shanghai Leading Academic Discipline Project(Grant No.J50103)
文摘Building an abstract model of the web application is the chief task of software test based on model, which is an efficient way for testing the web application. One problem with current web application test technologies is the lack of tools for modeling the whole web software, especially the lack of support for describing web application from the view of action and function. This paper is concerned with providing the support for development and test of the web application. The presented novel model, named component-based and tree-oriented web application development model (CBTOWADM), abstracts the web application as a tree based on its system function and business process. CBTOWADM not only simplifies the design and development of the web application, but also acts as the model middleware for software test. The basic model definition, the system framework and the application in software test of CBTOWADM is described.
基金The National Natural Science Foundation of China(No.90818027,60873050)the National High Technology Research andDevelopment Program of China (863 Program) (No.2009AA01Z147)+2 种基金Opening Foundation of State Key Laboratory Software Engineering in Wu-han University(No.SKLSE20080717)Opening Foundation of State KeyLaboratory for Novel Software Technology in Nanjing University(No.ZZ-KT2008F12)the Key Laboratory Foundation of Shanghai Municipal Science and Technology Commission (No.09DZ2272600)
文摘In order to analyze and test the component-based web application and decide when to stop the testing process, the concept of coverage criteria and test requirement reduction approach are proposed. First, four adequacy criteria are defined and subsumption relationships among them are proved. Then, a translation algorithm is presented to transfer the test model into a web application decision-to-decision graph(WADDGraph)which is used to reduce testing requirements. Finally, different sets of test requirements can be generated from WADDGraph by analyzing subsumption and equivalence relationships among edges based on different coverage criteria, and testers can select different test requirements according to different testing environments. The case study indicates that coverage criteria follow linear subsumption relationships in real web applications. Test requirements can be reduced more than 55% on average based on different coverage criteria and the size of test requirements increases with the increase in the complexity of the coverage criteria.
文摘This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications.The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box,to carry out the security validation of a web application in an agile and precise way.The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks.Each one of the phases contemplated in the methodology is supported by security analysis tools of different degrees of coverage,so that the results generated in one phase are used as feed for the following phases in order to get an optimized global security analysis result.The methodology can be used as part of other more general methodologies that do not cover how to use static and dynamic analysis tools in the implementation and testing phases of a Secure Software Development Life Cycle(SSDLC).A practical application of the methodology to analyze the security of a real web application demonstrates its effectiveness by obtaining a better optimized vulnerability detection result against the true and false positive metrics.Dynamic analysis with manual checking is used to audit the results,24.6 per cent of security vulnerabilities reported by the static analysis has been checked and it allows to study which vulnerabilities can be directly exploited externally.This phase is very important because it permits that each reported vulnerability can be checked by a dynamic second tool to confirm whether a vulnerability is true or false positive and it allows to study which vulnerabilities can be directly exploited externally.Dynamic analysis finds six(6)additional critical vulnerabilities.Access control analysis finds other five(5)important vulnerabilities such as Insufficient Protected Passwords or Weak Password Policy and Excessive Authentication Attacks,two vulnerabilities that permit brute force attacks.
文摘As power systems become larger and more complicated, power system simulation analysis requires more flexibility and faster performance. BPA is simulation software that is widely used in China and thus official power system data are in BPA format. However, BPA's flexibility and performance cannot meet the requirement of ultra-large-scale power system. PSSE supports user-def'med models and can handle large scale power system with up to 150,000 buses. From that perspective, PSSE is much suitable for future network analysis. To take advantages of both BPA and PSSE, it is required to build a simulation platform which is able to combine PSS^E with BPA to meet the requirements of large-scale power system simulation in the future. In this paper, PSS^E and BPA have been integrated into the power system simulation platform to perform power system study together. As data format and models are different between BPA and PSSE, the focus is developing a converter that can convert BPA data to PSSE data and creating dynamic models in PSSE based on the dynamic models in BPA. Simulation results show the accuracy of PSSE user-defined models and high availability of PSSE Web application.
文摘Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity.The construction of the procedure utilized in the static analysis tools of source code security differs and therefore each tool finds a different number of each weakness type for which it is designed.To utilize the possible synergies different static analysis tools may process,this work uses a new method to combine several source codes aiming to investigate how to increase the performance of security weakness detection while reducing the number of false positives.Specifically,five static analysis tools will be combined with the designed method to study their behavior using an updated benchmark for OWASP Top Ten Security Weaknesses(OWASP TTSW).The method selects specific metrics to rank the tools for different criticality levels of web applications considering different weights in the ratios.The findings show that simply including more tools in a combination is not synonymous with better results;it depends on the specific tools included in the combination due to their different designs and techniques.
基金P.Gao,Y.Xu and F.Song were partially supported by the National Natural Science Foundation of China(NSFC)(Grant Nos.62072309,61532019,61761136011)T.Chen is partially supported by the National Natural Science Foundation of China(Grant No.61872340)+1 种基金Guangdong Science and Technology Department(2018B010107004)Natural Science Foundation of Guangdong Province(2019A1515011689).
文摘JavaScript has become one of the most widely used languages for Web development.Its dynamic and event-driven features make it challenging to ensure the correctness of Web applications written in JavaScript.A variety of dynamic analysis techniques have been proposed which are,however,limited in either coverage or scalability.In this paper,we propose a simple,yet effective,model-based automated testing approach to achieve a high code-coverage within the time budget via testing with longer event sequences.We implement our approach as an open-source tool LJS,and perform extensive experiments on 21 publicly available benchmarks.On average,LJS is able to achieve 86.5%line coverage in 10 minutes.Compared with JSDEP,a state-of-the-art breadth-first search based automated testing tool enriched with partial order reduction,the coverage of LJS is 11%-19%higher than that of JSDEP on real-world large Web applications.Our empirical findings support that proper longer test sequences can achieve a higher code coverage in JavaScript Web application testing.
基金This work is supported by the National Natural Science Foundation of China under Grant Nos. 61472076, 61472077, and 61300054.
文摘Recently, testing techniques based on dynamic exploration, which try to automatically exercise every possible user interface element, have been extensively used to facilitate fully testing web applications. Most of such testing tools are however not effective in reaching dynamic pages induced by form interactions due to their emphasis on handling client-side scripting. In this paper, we present a combinatorial strategy to achieve a full form test and build an automated test model. We propose an algorithm called pairwise testing with constraints (PTC) to iraplement the strategy. Our PTC algorithm uses pairwise coverage and handles the issues of semantic constraints and illegal values. We have implemented a prototype tool ComjaxTest and conducted an empirical study on five web applications. Experimental results indicate that our PTC algorithm generates less form test cases while achieving a higher coverage of dynamic pages than the general pairwise testing algorithm. Additionally, our ComjaxTest generates a relatively complete test model and then detects more faults in a reasonable amount of time, as compared with other existing tools based on dynamic exploration.
文摘This paper presents a reference methodology for process orchestration that accelerates the development of Large Language Model (LLM) applications by integrating knowledge bases, API access, and deep web retrieval. By incorporating structured knowledge, the methodology enhances LLMs’ reasoning abilities, enabling more accurate and efficient handling of complex tasks. Integration with open APIs allows LLMs to access external services and real-time data, expanding their functionality and application range. Through real-world case studies, we demonstrate that this approach significantly improves the efficiency and adaptability of LLM-based applications, especially for time-sensitive tasks. Our methodology provides practical guidelines for developers to rapidly create robust and adaptable LLM applications capable of navigating dynamic information environments and performing effectively across diverse tasks.
基金supported by the National Natural Science Foundation of China(Nos.61672085,61702029,and 61872026)。
文摘Most of the behavior models with respect to Web applications focus on sequencing of events,without regard for the changes of parameters or elements and the relationship between trigger conditions of events and Web pages.As a result,these models are not sufficient to effectively represent the dynamic behavior of the Web2.0 application.Therefore,in this paper,to appropriately describe the dynamic behavior of the client side of Web applications,we define a novel Client-side Behavior Model(CBM)for Web applications and present a user behavior trace-based modeling method to automatically generate and optimize CBMs.To verify the effectiveness of our method,we conduct a series of experiments on six Web applications according to three types of user behavior traces.The experimental results show that our modeling method can construct CBMs automatically and effectively,and the CBMs built are more precise to represent the dynamic behavior of Web applications.
文摘As the increasing popularity and complexity of Web applications and the emergence of their new characteristics, the testing and maintenance of large, complex Web applications are becoming more complex and difficult. Web applications generally contain lots of pages and are used by enormous users. Statistical testing is an effective way of ensuring their quality. Web usage can be accurately described by Markov chain which has been proved to be an ideal model for software statistical testing. The results of unit testing can be utilized in the latter stages, which is an important strategy for bottom-to-top integration testing, and the other improvement of extended Markov chain model (EMM) is to present the error type vector which is treated as a part of page node. this paper also proposes the algorithm for generating test cases of usage paths. Finally, optional usage reliability evaluation methods and an incremental usability regression testing model for testing and evaluation are presented. Key words statistical testing - evaluation for Web usability - extended Markov chain model (EMM) - Web log mining - reliability evaluation CLC number TP311. 5 Foundation item: Supported by the National Defence Research Project (No. 41315. 9. 2) and National Science and Technology Plan (2001BA102A04-02-03)Biography: MAO Cheng-ying (1978-), male, Ph.D. candidate, research direction: software testing. Research direction: advanced database system, software testing, component technology and data mining.
文摘Software engineering's lifecycle models havc proven to be very important for traditional software development. However, can these models be applied to the development of Web-based applications as well? In recent years, Web-based applications have become more and more complicated and a lot of efforts have been placed on introducing new technologies such as J2EE, PhP, and .NET, etc., which have been universally accepted as the development technologies for Web-based applications. However, there is no universally accepted process model for the development of Web-based applications. Moreover, shaping the process model for small medium-sized enterprises (SMEs), which have limited resources, has been relatively neglected. Based on our previous work, this paper presents an expanded lifecycle process model for the development of Web-based applications in SMEs. It consists of three sets of processes, i.e., requirement processes, development processes, and evolution processes. Particularly, the post-delivery evolution processes are important to SMEs to develop and maintain quality web applications with limited resources and time.
基金the National High-Tech Research and De-velopment Plan of China (No.2001AA121021)the Na-tional Research Foundation for the Doctoral Program of Higher Education of China (No.20020013004)+2 种基金the Na-tional Grand Fundamental Research 973 Program of China (No.2003CB314806)the National Natural Science Foundation for Distinguished Young Scholars of China (No.60125101)the Cheung Kong Scholar’s Program and the Promotion Project for Creative Teams of the Ministry of Education (Networking Theory and Tech-nology in Telecommunication) (No.IRT0410).
文摘The paper proposes a conference control model between a web server and a telecom application server,referred to as the Conference Directed Graph(CDG) ,and describes an asynchronous communication mechanism between them. The Corba Interface Definition Language(IDL) interfaces are defined,and a message sequence chart is illustrated. This web conference control model provides conference users with a new approach to manage and control a conference and the participants. The performance of the system prototype is analyzed and verified in the 863 project named "The Multi-media and Mobile Services Enabled Soft-switch System".
