Global ETD Search

31	Teste baseado em modelos para serviços RESTful usando máquinas de estados de protocolos UML / Model-based testing of RESTful web services using UML protocol state machines Pinheiro, Pedro Victor Pontes 15 April 2014 (has links) A Arquitetura Orientada a Serviços (SOA) é um estilo arquitetural formado por um conjunto de restrições que visa promover a escalabilidade e a flexibilidade de um sistema, provendo suas funcionalidades como serviços. Nos últimos anos, um estilo alternativo foi proposto e amplamente adotado, que projeta as funcionalidades de um sistema como recursos. Este estilo arquitetural orientado a recursos é chamado de REST. O teste de serviços web em geral apresenta vários desafios devido a sua natureza distribuída, canal de comunicação pouco confiável, baixo acoplamento e a falta de uma interface de usuário. O teste de serviços RESTful (serviços que utilizam o REST) compartilham estes mesmos desafios e ainda necessitam que suas restrições sejam obedecidas. Estes desafios demandam testes mais sistemáticos e formais. Neste contexto, o teste baseado em modelos (TBM) se apresenta como um processo viável para abordar essas necessidades. O modelo que representa o sistema deve ser simples e ao mesmo tempo preciso para que sejam gerados casos de teste com qualidade. Com base nesse contexto, este projeto de mestrado propõe uma abordagem baseada em modelos para testar serviços RESTful. O modelo comportamental adotado foi a máquina de estados de protocolos UML, capaz de formalizar a interface do serviço enquanto esconde o seu funcionamento interno. Uma ferramenta foi desenvolvida para gerar automaticamente os casos de teste usando critérios de cobertura de estados e transições para percorrer o modelo / Service Oriented Architecture (SOA) is an architectural style consisting of a set of restrictions aimed at promoting the scalability and flexibility of a system, providing its functionalities as services. In recent years, an alternative style was proposed and widely adopted, which designs the system\'s functionalities as resources. This resource oriented architectural style is called REST. In general, the test of web services has several challenges due to its distributed nature, unreliable communication channel, low coupling and the lack of a user interface. Testing RESTful web services (services that use REST) share these same challenges and also need to obey the REST constraints. These challenges require a more systematic and formal testing approach. In this context, model based testing presents itself as a viable process for addressing those needs. The model that represents the system should be simple and precise enough to generate quality test cases. Based on this context, this work proposes a model based approach to test RESTful web services. The behavioral model used was the UML protocol state machine, which is capable to provide a formalization of the service interface, while hiding its internal behaviour. A tool was developed to automatically generate test cases using the state and transition coverage criteria to traverse the model Arquitetura orientada a recursos Geração de casos de teste Máquina de estados de protocolos UML Model-based testing Resource-oriented architecture RESTful web services Serviços RESTful Test case generation Teste baseado em modelos UML protocol state machine
32	Aplicação de modelos de defeitos na geração de conjuntos de teste completos a partir de Sistemas de Transição com Entrada/Saída / Applying fault models in complete test suite generation from Input/Output Transition Systems Paiva, Sofia Larissa da Costa 16 March 2016 (has links) O Teste Baseado em Modelos (TBM) emergiu como uma estratégia promissora para minimizar problemas relacionados à falta de tempo e recursos em teste de software e visa verificar se a implementação sob teste está em conformidade com sua especificação. Casos de teste são gerados automaticamente a partir de modelos comportamentais produzidos durante o ciclo de desenvolvimento de software. Entre as técnicas de modelagem existentes, Sistemas de Transição com Entrada/Saída (do inglês, Input/Output Transition Systems - IOTSs), são modelos amplamente utilizados no TBM por serem mais expressivos do que Máquinas de Estado Finito (MEFs). Apesar dos métodos existentes para geração de testes a partir de IOTSs, o problema da seleção de casos de testes é um tópico difícil e importante. Os métodos existentes para IOTS são não-determinísticos, ao contrário da teoria existente para MEFs, que fornece garantia de cobertura completa com base em um modelo de defeitos. Esta tese investiga a aplicação de modelos de defeitos em métodos determinísticos de geração de testes a partir de IOTSs. Foi proposto um método para geração de conjuntos de teste com base no método W para MEFs. O método gera conjuntos de teste de forma determinística além de satisfazer condições de suficiência de cobertura da especificação e de todos os defeitos do domínio de defeitos definido. Estudos empíricos avaliaram a aplicabilidade e eficácia do método proposto: resultados experimentais para analisar o custo de geração de conjuntos de teste utilizando IOTSs gerados aleatoriamente e um estudo de caso com especificações da indústria mostram a efetividade dos conjuntos gerados em relação ao método tradicional de Tretmans. / Model-Based Testing (MBT) has emerged as a promising strategy for the minimization of problems related to time and resource limitations in software testing and aims at checking whether the implementation under test is in compliance with its specification. Test cases are automatically generated from behavioral models produced during the software development life cycle. Among the existing modeling techniques, Input/Output Transition Systems (IOTSs) have been widely used in MBT because they are more expressive than Finite State Machines (FSMs). Despite the existence of test generation methods for IOTSs, the problem of selection of test cases is an important and difficult topic. The current methods for IOTSs are non-deterministic, in contrast to the existing theory for FSMs that provides complete fault coverage guarantee based on a fault model. This manuscript addresses the application of fault models to deterministic test generation methods from IOTSs. A method for the test suite generation based on W method for FSMs is proposed for IOTSs. It generates test suites in a deterministic way and also satisfies sufficient conditions of specification coverage and all faults in a given fault domain. Empirical studies evaluated its applicability and effectiveness. Experimental results for the analyses of the cost of test suite generation by random IOTSs and a case study with specifications from the industry show the effectiveness of the test suites generated in relation to the traditional method of Tretmans. Complete test suites Conjuntos de teste completos Fault models Geração de casos de teste Input/output transition systems Model-based testing Modelos de defeitos Test case generation Teste baseado em modelos
33	Improving the Development of Safety Critical Software : Automated Test Case Generation for MC/DC Coverage using Incremental SAT-Based Model Checking Holm, Oscar January 2019 (has links) The importance and requirements of certifying safety critical software is today more apparent than ever. This study focuses on the standards and practices used within the avionics, automotive and medical domain when it comes to safety critical software. We identify critical problems and trends when certifying safety critical software and propose a proof-of-concept using static analysis, model checking and incremental SAT solving as a contribution towards solving the identiﬁed problems. We present quantitative execution times and code coverage results of our proposed solution. The proposed solution is developed under the assumptions of safety critical software standards and compared to other studies proposing similar methods. Lastly, we conclude the issues and advantages of our proof-of-concept in perspective of the software developer community safety critical system safety critical software MC/DC quality assurance software engineering Modified Condition Decision Coverage automated testing test case generation SAT solving Z3 Dextool model checking static analysis Computer and Information Sciences Data- och informationsvetenskap Computer Sciences Datavetenskap (datalogi)
34	Design of a Test Generation Methodology for ARTIS using Model-Checking with a Generic Modelling Approach Vernekar, Ganesh Kamalakar 22 January 2016 (has links) (PDF) In the recent trends, automated systems are increasingly seen to be embedded in human life with the increase of human dependence on software to perform safetycritical tasks like airbag deployment in automobiles to real-time mission planning in UAVs (Unmanned Aircraft Vehicles). The safety-critical nature of the aerospace domain demands for a software without any errors to perform these tasks. Therefore the field of computer science needs to address these challenges by providing necessary formalisms, techniques, and tools that will ensure the correctness of systems despite their complexity. DO-178C/EC-12C is a standard that governs the certification of software for airborne systems in commercial aircraft. The additional supplement DO- 333 enables us to use the formal methods in our technique of verifying the autonomous behaviour of UAV’s. The Mission Manager system is primarily responsible for the execution of behaviour sequence in online and offline mission planning of UAV. This work presents the process of software verification by making use of formal modelling using model checking of the Mission Manager component of ARTIS (Autonomous Rotorcraft Testbed for Intelligent Systems) UAV by gaining advantages from a generic modelling approach. The main idea is to make use of the designed generic models into specific cases like ARTIS in our case. The generic models are designed using the ALFU(R)S (Autonomy Levels For Unmanned Rotorcraft System) framework that delineates the commonalities of several UAVs considered around the world which also includes the ARTIS UAV. Furthermore this work walks through every process involved in model checking like requirements extraction and documentation using a template based method, requirements specification using the temporal logics like LTL and CTL, developing a formal model using NuSMV as a model checking tool to analyze the requirements against the model for the Mission Manager component of MiPlEx (Mission Planning and Execution). Additionally as a validation approach, test sequences are generated by using trap properties or negation properties. This aids for a test generation approach by harnessing counterexample generating capabilities of the NuSMV Model Checker. Validierung Verifizierung Gegenbeispiel Flugzeug Modellprüfung Test Formal Specification Model Checking Formal Verification Validation and Verification UAV NuSMV Test Case Generation Counterexample ddc:004 Informatik Validierung Verifikation Gegenbeispiel Flugzeug Model Checking Test
35	Teste baseado em modelos para serviços RESTful usando máquinas de estados de protocolos UML / Model-based testing of RESTful web services using UML protocol state machines Pedro Victor Pontes Pinheiro 15 April 2014 (has links) A Arquitetura Orientada a Serviços (SOA) é um estilo arquitetural formado por um conjunto de restrições que visa promover a escalabilidade e a flexibilidade de um sistema, provendo suas funcionalidades como serviços. Nos últimos anos, um estilo alternativo foi proposto e amplamente adotado, que projeta as funcionalidades de um sistema como recursos. Este estilo arquitetural orientado a recursos é chamado de REST. O teste de serviços web em geral apresenta vários desafios devido a sua natureza distribuída, canal de comunicação pouco confiável, baixo acoplamento e a falta de uma interface de usuário. O teste de serviços RESTful (serviços que utilizam o REST) compartilham estes mesmos desafios e ainda necessitam que suas restrições sejam obedecidas. Estes desafios demandam testes mais sistemáticos e formais. Neste contexto, o teste baseado em modelos (TBM) se apresenta como um processo viável para abordar essas necessidades. O modelo que representa o sistema deve ser simples e ao mesmo tempo preciso para que sejam gerados casos de teste com qualidade. Com base nesse contexto, este projeto de mestrado propõe uma abordagem baseada em modelos para testar serviços RESTful. O modelo comportamental adotado foi a máquina de estados de protocolos UML, capaz de formalizar a interface do serviço enquanto esconde o seu funcionamento interno. Uma ferramenta foi desenvolvida para gerar automaticamente os casos de teste usando critérios de cobertura de estados e transições para percorrer o modelo / Service Oriented Architecture (SOA) is an architectural style consisting of a set of restrictions aimed at promoting the scalability and flexibility of a system, providing its functionalities as services. In recent years, an alternative style was proposed and widely adopted, which designs the system\'s functionalities as resources. This resource oriented architectural style is called REST. In general, the test of web services has several challenges due to its distributed nature, unreliable communication channel, low coupling and the lack of a user interface. Testing RESTful web services (services that use REST) share these same challenges and also need to obey the REST constraints. These challenges require a more systematic and formal testing approach. In this context, model based testing presents itself as a viable process for addressing those needs. The model that represents the system should be simple and precise enough to generate quality test cases. Based on this context, this work proposes a model based approach to test RESTful web services. The behavioral model used was the UML protocol state machine, which is capable to provide a formalization of the service interface, while hiding its internal behaviour. A tool was developed to automatically generate test cases using the state and transition coverage criteria to traverse the model Arquitetura orientada a recursos Geração de casos de teste Máquina de estados de protocolos UML Serviços RESTful Teste baseado em modelos Model-based testing Resource-oriented architecture RESTful web services Test case generation UML protocol state machine
36	Test symbolique de services web composite / Symbolic Testing Approach of Composite Web Services Bentakouk, Lina 16 December 2011 (has links) L’acceptation et l’utilisation des services Web en industrie se développent de par leursupport au développement d’application distribuées comme compositions d’entitéslogicielles plus simples appelées services. En complément à la vérification, le testpermet de vérifier la correction d’une implémentation binaire (code source nondisponible) par rapport à une spécification. Dans cette thèse, nous proposons uneapproche boîte-noire du test de conformité de compositions de services centralisées(orchestrations). Par rapport à l’état de l’art, nous développons une approchesymbolique de façon à éviter des problèmes d’explosion d’espace d’état dus à la largeutilisation de données XML dans les services Web. Cette approche est basée sur desmodèles symboliques (STS), l’exécution symbolique de ces modèles et l’utilisationd’un solveur SMT. De plus, nous proposons une approche de bout en bout, quiva de la spécification à l’aide d’un langage normalisé d’orchestration (ABPEL) etde la possible description d’objectifs de tests à la concrétisation et l’exécution enligne de cas de tests symboliques. Un point important est notre transformation demodèle entre ABPEL et les STS qui prend en compte les spécifications sémantiquesd’ABPEL. L’automatisation de notre approche est supportée par un ensemble d’outilsque nous avons développés. / Web services are gaining industry-wide acceptance and usage by fostering the developmentof distributed applications out of the composition of simpler entities calledservices. In complement to verification, testing allows one to check for the correctnessof a binary (no source code) service implementation with reference to a specification.In this thesis, we propose black box conformance testing approach for centralizedservice compositions (orchestrations). With reference to the state of the art, wedevelop a symbolic approach in order to avoid state space explosion issues due to theXML data being largely used in Web services. This approach is based on symbolicmodels (STS), symbolic execution, and the use of a satisfiability modulo theory(SMT) solver. Further, we propose a comprehensive end-to-end approach that goesfrom specification using a standard orchestration language (ABPEL), and the possibledescription of test purposes, to the online realization and execution of symbolic testcases against an implementation. A crucial point is a model transformation fromABPEL to STS that we have defined and that takes into account the peculiarities ofABPEL semantics. The automation of our approach is supported by a tool-chainthat we have developed. Services Orchestration Test formel Génération de cas de test WS-BPEL Système de transitions Exécution symbolique SMT solver Services Orchestration Formal testing Test-case generation WS-BPEL Transition systems Symbolic execution SMT solver
37	Aplicação de modelos de defeitos na geração de conjuntos de teste completos a partir de Sistemas de Transição com Entrada/Saída / Applying fault models in complete test suite generation from Input/Output Transition Systems Sofia Larissa da Costa Paiva 16 March 2016 (has links) O Teste Baseado em Modelos (TBM) emergiu como uma estratégia promissora para minimizar problemas relacionados à falta de tempo e recursos em teste de software e visa verificar se a implementação sob teste está em conformidade com sua especificação. Casos de teste são gerados automaticamente a partir de modelos comportamentais produzidos durante o ciclo de desenvolvimento de software. Entre as técnicas de modelagem existentes, Sistemas de Transição com Entrada/Saída (do inglês, Input/Output Transition Systems - IOTSs), são modelos amplamente utilizados no TBM por serem mais expressivos do que Máquinas de Estado Finito (MEFs). Apesar dos métodos existentes para geração de testes a partir de IOTSs, o problema da seleção de casos de testes é um tópico difícil e importante. Os métodos existentes para IOTS são não-determinísticos, ao contrário da teoria existente para MEFs, que fornece garantia de cobertura completa com base em um modelo de defeitos. Esta tese investiga a aplicação de modelos de defeitos em métodos determinísticos de geração de testes a partir de IOTSs. Foi proposto um método para geração de conjuntos de teste com base no método W para MEFs. O método gera conjuntos de teste de forma determinística além de satisfazer condições de suficiência de cobertura da especificação e de todos os defeitos do domínio de defeitos definido. Estudos empíricos avaliaram a aplicabilidade e eficácia do método proposto: resultados experimentais para analisar o custo de geração de conjuntos de teste utilizando IOTSs gerados aleatoriamente e um estudo de caso com especificações da indústria mostram a efetividade dos conjuntos gerados em relação ao método tradicional de Tretmans. / Model-Based Testing (MBT) has emerged as a promising strategy for the minimization of problems related to time and resource limitations in software testing and aims at checking whether the implementation under test is in compliance with its specification. Test cases are automatically generated from behavioral models produced during the software development life cycle. Among the existing modeling techniques, Input/Output Transition Systems (IOTSs) have been widely used in MBT because they are more expressive than Finite State Machines (FSMs). Despite the existence of test generation methods for IOTSs, the problem of selection of test cases is an important and difficult topic. The current methods for IOTSs are non-deterministic, in contrast to the existing theory for FSMs that provides complete fault coverage guarantee based on a fault model. This manuscript addresses the application of fault models to deterministic test generation methods from IOTSs. A method for the test suite generation based on W method for FSMs is proposed for IOTSs. It generates test suites in a deterministic way and also satisfies sufficient conditions of specification coverage and all faults in a given fault domain. Empirical studies evaluated its applicability and effectiveness. Experimental results for the analyses of the cost of test suite generation by random IOTSs and a case study with specifications from the industry show the effectiveness of the test suites generated in relation to the traditional method of Tretmans. Conjuntos de teste completos Geração de casos de teste Modelos de defeitos Teste baseado em modelos Complete test suites Fault models Input/output transition systems Model-based testing Test case generation
38	Design of a Test Generation Methodology for ARTIS using Model-Checking with a Generic Modelling Approach Vernekar, Ganesh Kamalakar 14 December 2015 (has links) In the recent trends, automated systems are increasingly seen to be embedded in human life with the increase of human dependence on software to perform safetycritical tasks like airbag deployment in automobiles to real-time mission planning in UAVs (Unmanned Aircraft Vehicles). The safety-critical nature of the aerospace domain demands for a software without any errors to perform these tasks. Therefore the field of computer science needs to address these challenges by providing necessary formalisms, techniques, and tools that will ensure the correctness of systems despite their complexity. DO-178C/EC-12C is a standard that governs the certification of software for airborne systems in commercial aircraft. The additional supplement DO- 333 enables us to use the formal methods in our technique of verifying the autonomous behaviour of UAV’s. The Mission Manager system is primarily responsible for the execution of behaviour sequence in online and offline mission planning of UAV. This work presents the process of software verification by making use of formal modelling using model checking of the Mission Manager component of ARTIS (Autonomous Rotorcraft Testbed for Intelligent Systems) UAV by gaining advantages from a generic modelling approach. The main idea is to make use of the designed generic models into specific cases like ARTIS in our case. The generic models are designed using the ALFU(R)S (Autonomy Levels For Unmanned Rotorcraft System) framework that delineates the commonalities of several UAVs considered around the world which also includes the ARTIS UAV. Furthermore this work walks through every process involved in model checking like requirements extraction and documentation using a template based method, requirements specification using the temporal logics like LTL and CTL, developing a formal model using NuSMV as a model checking tool to analyze the requirements against the model for the Mission Manager component of MiPlEx (Mission Planning and Execution). Additionally as a validation approach, test sequences are generated by using trap properties or negation properties. This aids for a test generation approach by harnessing counterexample generating capabilities of the NuSMV Model Checker. info:eu-repo/classification/ddc/004 ddc:004
39	Model-Based Testing of Dosing System : An Introductory Review on Model-Based Automatic Test Case Generation with Matlab Simulink Proof-of-concept / Modellbaserad Testning av doseringssystem : En översiktlig genomgång av modellbaserad automatisk testfallgenerering med Matlab Simulink proof-of-concept Setyawan, Albertus Adrian January 2021 (has links) A modern truck contains a large number of functionalities implemented in its electronics system. Thus, testing all of these functions employs a considerable effort. The execution of tests against the system has been automated for a long time. Unfortunately, most of the test is still designed manually these days. This manual test design is sometimes not comprehensive enough to cover all possible scenarios within a complex system. At the moment, there is also a growing trend in the development process based on the model. Furthermore, model-based software can handle events and signal behaviour more robustly[1]. This thesis investigates the technique in model-based testing. The study evaluates the requirement modelling and automated abstract test generation of model-based testing over the existing testing method. A cause-effect graph is utilized for the modelling in Matlab Simulink tool with DesignVerifier feature. The case study is the truck dosing system in Scania. The results are the following. The temporal and static requirements modelling are capable of being modelled using the cause-effect graph in Matlab Simulink. Compared to the traditional method, the MBT method can achieve higher requirement coverage and more rigorous test with optimized test case generation. The MBT method also has a rapid test case generation time suitable for quick design iteration. However, the total test development time (including test case generation time) of using MBT is 12.5% higher than the manual method. Using a model-based platform like Matlab Simulink is recommended to assist the manual testing, not to replace the test flow entirely with the current research state. / En modern truck innehåller ett stort antal funktioner implementerade i dess elektroniksystem. Att testa alla dessa funktioner kräver därför en avsevärd ansträngning. Utförandet av tester mot systemet har varit automatiserat under lång tid. Tyvärr är det mesta av testet fortfarande utformat manuellt nu för tiden. Denna manuella testdesign är ibland inte tillräckligt omfattande för att täcka alla möjliga scenarier inom ett komplext system. För tillfället finns det också en växande trend i utvecklingsprocessen utifrån modellen. Dessutom kan modellbaserad programvara hantera händelser och signalbeteende mer robust[1]. Detta examensarbete undersöker tekniken i modellbaserad testning. Studien utvärderar kravmodellering och automatiserad abstrakt testgenerering av modellbaserad testning över den befintliga testmetoden. En cause-effect graph används för modelleringen i Matlab Simulink-verktyget med Design Verifier-funktionen. Fallstudien är lastbilens doseringssystem i Scania. Resultaten är följande. Den tidsmässiga och statiska kravmodelleringen kan modelleras med hjälp av cause-effect graph i Matlab Simulink. Jämfört med den traditionella metoden kan MBT-metoden uppnå högre kravtäckning och mer rigorösa test med optimerad testfallsgenerering. MBT-metoden har också en snabb genereringstid för testfall som är lämplig för snabb designiteration. Den totala testutvecklingstiden (inklusive genereringstid för testfall) för att använda MBT är 12,5% högre än den manuella metoden. Att använda en modellbaserad plattform som Matlab Simulink rekommenderas för att underlätta den manuella testningen, inte för att ersätta testflödet helt med det aktuella forskningsläget. model-based testing requirement modelling automated test case generation cause-effect graph Matlab Simulink modellbaserad testning kravmodellering automatisk generering av testfall cause-effect graph Matlab Simulink Computer and Information Sciences Data- och informationsvetenskap
40	Java網頁程式安全弱點驗證之測試案例產生工具 / Test Case Generation for Verifying Security Vulnerabilities in Java Web Applications 黃于育, Huang, Yu Yu Unknown Date (has links) 近年來隨著網路的發達，網頁應用程式也跟著快速且普遍化地發展。網頁應用程式快速盛行卻忽略程式設計時的安全性考量，進而成為網路駭客的攻擊目標。因此，網頁應用程式的安全議題日益重要。目前已有許多網頁應用程式安全弱點的相關研究，以程式分析的技術找出弱點，主要分成靜態分析與動態分析兩大類。但無論是使用靜態或是動態的分析方法，仍有其不完美的地方。其中靜態分析結果完備但會產生過多弱點誤報；動態分析結果準確率高但會因為測試案例的不完備而造成弱點的漏報。因此，本論文研究結合了動靜態分析，利用靜態分析方法發展一套測試案例產生工具；再結合動態分析方法隨著測試案例的執行來追蹤測試資料並作弱點的驗證，以達到沒有弱點漏報的產生以及改善弱點誤報的目標。本論文研究的重點集中在以靜態分析技術產生涵蓋目標程式中所有可執行路徑的測試案例。我們應用測試案例產生常見的符號化執行技巧，利用程式的路徑限制蒐集與解決來達成測試案例產生。實作上我們利用跨程序性路徑分析找出目標程式中所有潛在弱點的路徑，再以反向路徑限制蒐集將限制資訊完整蒐集；最後交給限制分析器解限制並產生測試案例。接著利用剖面導向程式語言AspectJ的程式插碼技術實現動態的汙染資料流分析，配合產生的測試案執行程式觸發動態的汙染資料流分析並產生可信賴的弱點分析結果。 / Due to the rapid development of the internet in recent years, web applications have become very popular and ubiquitous. However, developers may neglect the issues of security while designing a program so that web applications become the targets of attackers. Hence, the issue of web application vulnerabilities has become very crucial. There have been many research results of web application security vulnerabilities and many of them exploit the technique of program analysis to detect vulnerabilities. These analysis approaches can be can basically be categorized into dynamic analysis and static analysis. However, both of them still have their own problems to be improved. Specifically static analysis supports high coverage of vulnerabilities, but causes too many false positives. As for the dynamic analysis, although it produces high confident results, yet it may cause false negatives without complete test cases. In this thesis, we integrate both static analysis and dynamic analysis to achieve the objectives that no false negatives are produced and reduce false positives. We develop a test case generation tool by the static analysis approach and a program execution tool that dynamically track the execution of the target program with those test data to detect its vulnerabilities. Our test case generation tool first employs both intra- and inter-procedural analysis to cover all vulnerable paths in a program, and then apply the symbolic execution technique to collect all path constraints. With these collected constraints, we use a constraint solver to solve them and finally generate the test cases. As to the execution tool, it utilizes the instrumentation mechanism provided by the aspect-oriented programming language AspectJ to implement a dynamic taint analysis that tracks the flow of tainted data derived from those generated test cases. As a result, all vulnerable program paths will be detected by our tools. 測試案例產生符號化執行網頁應用程式靜態分析動態分析汙染資料流分析 Test case generation Symbolic execution Web application Static analysis Dynamic analysis Taint analysis

Search results