An official website of the United States government
Studies have shown that combinatorial testing (CT) can be effective for detecting faults in software systems. By focusing on the interactions between different factors of a system, CT shows its potential for detecting faults, especially those that can be revealed only by the specific combinations of values of multiple factors (multi-factor faults). However, is CT practical enough to be applied in the industry? Can it be more effective than other industry-favored techniques? Are there any challenges when applying CT in practice? These research questions remain in the context of industrial settings. In this paper, we present an empirical study of CT on five industrial systems with real faults. The details of the input space model (ISM) construction, such as factor identification and value assignment, are included. We compared the faults detected by CT with those detected by the inhouse testing teams using other methods, and the results suggest that despite some challenges, CT is an effective technique to detect real faults, especially multi-factor faults, of software systems in industrial settings. Observations and lessons learned are provided to further improve the fault detection effectiveness and overcome various challenges.
more »
« less
A Survey of the Application of Combinatorial Testing
After more than 30 years of development, combinatorial testing has become an essential method in the field of software testing, which has always been an active field. Through combined coverage, combinatorial testing can detect faults caused by various parameters and their interactions in a software under test. This paper aims to review the development of combinatorial testing and briefly introduce its basic applications. We classify today's combinatorial testing applications, including those of traditional industry and those of the IT industry. The research-and-application progress of combinatorial testing was investigated with respect to various fields of application, and potential application directions for the future were proposed to provide ideas its the extensive application.
more »
« less
- Award ID(s):
- 1822137
- PAR ID:
- 10194989
- Date Published:
- Journal Name:
- The 19th IEEE International Conference on Software Quality, Reliability and Security Companion
- Page Range / eLocation ID:
- 512 to 513
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
AUTOSAR Adaptive Platform (AP) is an emerging industry standard that tackles the challenges of modern auto- motive software design, but does not provide adequate mech- anisms to enforce deterministic execution. This poses profound challenges to testing and maintenance of the application software, which is particularly problematic for safety-critical applications. In this paper, we analyze the problem of nondeterminism in AP and propose a framework for the design of deterministic automotive software that transparently integrates with the AP communication mechanisms. We illustrate our approach in a case study based on the brake assistant demonstrator application that is provided by the AUTOSAR consortium. We show that the original implementation is nondeterministic and discuss a deterministic solution based on our framework.more » « less
-
In this paper we revisit the field of search-based software testing (SBST) in the context of its technological maturity. We highlight some successes with respect to tools, hybrid approaches, extensions and industry adoption. We then discuss some open challenges that remain for SBST including the need for new approaches to system testing, automated oracle generation, incorporating humans into the search process, and leveraging learning through hyper-heuristic search.more » « less
-
Software system security gets a lot of attention from the industry for its crucial role in protecting private resources. Typically, users access a system’s services via an application programming interface (API). This API must be protected to prevent unauthorized access. One way that developers deal with this challenge is by using role-based access control where each entry point is associated with a set of user roles. However, entry points may use the same methods from lower layers in the application with inconsistent permissions. Currently, developers use integration or penetration testing which demands a lot of effort to test authorization inconsistencies. This paper proposes an automated method to test role-based access control in enterprise applications. Our method verifies inconsistencies within the application using authorization role definitions that are associated with the API entry points. By analyzing the method calls and entity accesses on subsequent layers, inconsistencies across the entire application can be extracted. We demonstrate our solution in a case study and discuss our preliminary results.more » « less
-
null (Ed.)Interest in the investigation of novel software and control algorithms for wearable robotics is growing. However, entry into this field requires a significant investment in a testing platform. This work introduces CANopen Robot Controller (CORC)—an open source software stack designed to accelerate the development of robot software and control algorithms—justifying its choice of platform, describing its overall structure, and demonstrating its viability on two distinct platforms.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/QRS-C.2019.00100
