Pub Date : 2020-10-01DOI: 10.1109/icstw50294.2020.00017
J. S. Bradbury, Peter M. Kruse, Mehrdad Saadatmand, H. Schlingloff
Due to increasing market diversification and customer demand, more and more software-based products and services are customizable or are designed in the form of many different variants. This brings about new challenges for the software quality assurance processes: How shall the variability be modelled in order to make sure that all features are being tested? Is it better to test selected variants on a concrete level, or can the generic software and baseline be tested abstractly? Can knowledge-based AI techniques be used to identify and prioritize test cases? How can the quality of a generic test suite be assessed? What are appropriate coverage criteria for configurable modules? If it is impossible to test all possible variants, which products and test cases should be selected for test execution? Can security-testing methods be leveraged to an abstract level?
{"title":"ToCaMS - Workshop on Testing of Configurable and Multi-variant Systems","authors":"J. S. Bradbury, Peter M. Kruse, Mehrdad Saadatmand, H. Schlingloff","doi":"10.1109/icstw50294.2020.00017","DOIUrl":"https://doi.org/10.1109/icstw50294.2020.00017","url":null,"abstract":"Due to increasing market diversification and customer demand, more and more software-based products and services are customizable or are designed in the form of many different variants. This brings about new challenges for the software quality assurance processes: How shall the variability be modelled in order to make sure that all features are being tested? Is it better to test selected variants on a concrete level, or can the generic software and baseline be tested abstractly? Can knowledge-based AI techniques be used to identify and prioritize test cases? How can the quality of a generic test suite be assessed? What are appropriate coverage criteria for configurable modules? If it is impossible to test all possible variants, which products and test cases should be selected for test execution? Can security-testing methods be leveraged to an abstract level?","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133153278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/icstw50294.2020.00006
Tim A. D. Henderson, John Micco, Bao-Ngoc Nguyen
Continuous Integration (Cl) and Continuous Delivery (CD) are increasingly widespread throughout the technology sector. As large engineering organizations adopt CI/CD they are often met with scalability challenges. What works for small teams has not proven to work for large teams. This workshop invites practitioners and academics to come together and informally discuss the challenges and opportunities in build, test, and release automation. The purpose of the CI/CD Industry Workshop is to encourage practitioners (who may or may not be engaged with the academic community) to come together to learn from each other. It is also an opportunity for the academic community to learn (informally) about the state-of-practice in CI/CD and current challenges. We do not want any artificial barriers to exist between the experienced practitioner and participation in the workshop.
{"title":"ICST 2020 CI/CD Industry Workshop Program","authors":"Tim A. D. Henderson, John Micco, Bao-Ngoc Nguyen","doi":"10.1109/icstw50294.2020.00006","DOIUrl":"https://doi.org/10.1109/icstw50294.2020.00006","url":null,"abstract":"Continuous Integration (Cl) and Continuous Delivery (CD) are increasingly widespread throughout the technology sector. As large engineering organizations adopt CI/CD they are often met with scalability challenges. What works for small teams has not proven to work for large teams. This workshop invites practitioners and academics to come together and informally discuss the challenges and opportunities in build, test, and release automation. The purpose of the CI/CD Industry Workshop is to encourage practitioners (who may or may not be engaged with the academic community) to come together to learn from each other. It is also an opportunity for the academic community to learn (informally) about the state-of-practice in CI/CD and current challenges. We do not want any artificial barriers to exist between the experienced practitioner and participation in the workshop.","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"96 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130579332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/icstw50294.2020.00013
S. Demeyer, Adnan Causevic, Kristian Wiklund, P. Potena
Test automation has been an acknowledged software engineering best practice for years. However, the topic involves more than the repeated execution of test cases that often comes first to mind. Simply running test cases using a unit testing framework is no longer enough for test automation to keep up with the ever-shorter release cycles driven by continuous deployment and technological innovations such as microservices and DevOps pipelines. Now test automation needs to rise to the next level by going beyond mere test execution.
{"title":"The Next Level of Test Automation (NEXTA 2020)","authors":"S. Demeyer, Adnan Causevic, Kristian Wiklund, P. Potena","doi":"10.1109/icstw50294.2020.00013","DOIUrl":"https://doi.org/10.1109/icstw50294.2020.00013","url":null,"abstract":"Test automation has been an acknowledged software engineering best practice for years. However, the topic involves more than the repeated execution of test cases that often comes first to mind. Simply running test cases using a unit testing framework is no longer enough for test automation to keep up with the ever-shorter release cycles driven by continuous deployment and technological innovations such as microservices and DevOps pipelines. Now test automation needs to rise to the next level by going beyond mere test execution.","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116683140","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
It is our pleasure to welcome you to the 12th edition of the International Workshop on Mutation Analysis (Mutation 2017), collocated with the 10th IEEE International Conference on Software Testing, Verification and Validation (ICST 2017) in Tokyo, Japan. Since its first edition, the Mutation workshop has provided a forum to bring together researchers and practitioners, enabling them to exchange ideas, address fundamental challenges in mutation testing, and discuss new applications of mutation.
{"title":"Message from the Mutation 2017 Chairs","authors":"J. Krinke, Nan Li, J. Rojas","doi":"10.1109/ICSTW.2017.22","DOIUrl":"https://doi.org/10.1109/ICSTW.2017.22","url":null,"abstract":"It is our pleasure to welcome you to the 12th edition of the International Workshop on Mutation Analysis (Mutation 2017), collocated with the 10th IEEE International Conference on Software Testing, Verification and Validation (ICST 2017) in Tokyo, Japan. Since its first edition, the Mutation workshop has provided a forum to bring together researchers and practitioners, enabling them to exchange ideas, address fundamental challenges in mutation testing, and discuss new applications of mutation.","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114421565","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper deals with the task of structural testing of real-world Simulink models containing stateflow diagrams, a number of difficulties arise that need to be addressed. One of the main problems is the size of the model under test and the resulting complexity. Other major challenges are the signal generation as well as the coverage of stateflow diagrams in general.
{"title":"Search-Based Testing of Complex Simulink Models containing Stateflow Diagrams","authors":"Ramón Sagarna, Xin Yao","doi":"10.1109/ICSTW.2008.34","DOIUrl":"https://doi.org/10.1109/ICSTW.2008.34","url":null,"abstract":"This paper deals with the task of structural testing of real-world Simulink models containing stateflow diagrams, a number of difficulties arise that need to be addressed. One of the main problems is the size of the model under test and the resulting complexity. Other major challenges are the signal generation as well as the coverage of stateflow diagrams in general.","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124814371","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.1109/ICSTW52544.2021.00031
A. Cavalli
Testing techniques are used to check if a given system implementation satisfies its specification or some predefined properties. In the last years an important research activity has taken place concerning the definition of testing techniques for security. Resilience has also become a crucial issue to guarantee the security and robustness of systems. Resilience is the capability of a system to continue to function properly with minimal degradation of performance, despite intrusions and attacks. In this lecture, we will present the main features of security testing and resilience. Regarding security testing, we will focus on model-based security testing, penetration testing and fuzzing testing. Regarding resilience, we will present a formal methodology that is based on three techniques: modelling, diversification and reflection. To implement this methodology, we first developed an approach of resilience that leverages model-level diversity. With this aim, we define a model of the system and derive more robust variants that can replace the first one in case of attack. To avoid manually deriving the variants and to increase the level of diversity, we propose a second complementary approach. The latter approach also consists in having different variants of ones services; but unlike the first, we have a single model and the implementations differ at the language, source code and binaries levels. To conclude we propose a formal Web service testing framework by incorporating these complementary mechanisms in order to take advantage of the benefits provided by each.We present the project H2020 VeriDevOps to illustrate the application of our approaches. The main objective of VeriDevOps is to improve automation to protect and prevent security issues based on: 1) the extraction of security and safety requirements from natural language to obtain a formal description that is validated using model checking; 2) the application of security testing techniques based on penetration testing; 3) the application of security monitoring at runtime to ensure app/system/network supervision at different layers based on the passive capture of traces and AI/ML-based techniques. Root Cause Analysis complements this activity, being focused on identifying the root cause of incidents and providing alerts.
{"title":"Security testing and resilience","authors":"A. Cavalli","doi":"10.1109/ICSTW52544.2021.00031","DOIUrl":"https://doi.org/10.1109/ICSTW52544.2021.00031","url":null,"abstract":"Testing techniques are used to check if a given system implementation satisfies its specification or some predefined properties. In the last years an important research activity has taken place concerning the definition of testing techniques for security. Resilience has also become a crucial issue to guarantee the security and robustness of systems. Resilience is the capability of a system to continue to function properly with minimal degradation of performance, despite intrusions and attacks. In this lecture, we will present the main features of security testing and resilience. Regarding security testing, we will focus on model-based security testing, penetration testing and fuzzing testing. Regarding resilience, we will present a formal methodology that is based on three techniques: modelling, diversification and reflection. To implement this methodology, we first developed an approach of resilience that leverages model-level diversity. With this aim, we define a model of the system and derive more robust variants that can replace the first one in case of attack. To avoid manually deriving the variants and to increase the level of diversity, we propose a second complementary approach. The latter approach also consists in having different variants of ones services; but unlike the first, we have a single model and the implementations differ at the language, source code and binaries levels. To conclude we propose a formal Web service testing framework by incorporating these complementary mechanisms in order to take advantage of the benefits provided by each.We present the project H2020 VeriDevOps to illustrate the application of our approaches. The main objective of VeriDevOps is to improve automation to protect and prevent security issues based on: 1) the extraction of security and safety requirements from natural language to obtain a formal description that is validated using model checking; 2) the application of security testing techniques based on penetration testing; 3) the application of security monitoring at runtime to ensure app/system/network supervision at different layers based on the passive capture of traces and AI/ML-based techniques. Root Cause Analysis complements this activity, being focused on identifying the root cause of incidents and providing alerts.","PeriodicalId":441435,"journal":{"name":"ICST Workshops","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126699629","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: