Selective Test Generation Method for Evolving Critical Systems

Fourneret, Elizabeta; Bouquet, Fabrice; Dadeau, Frédéric; Debricon, Stéphane

doi:10.1109/icstw.2011.95

Cited by 16 publications

(12 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For instance, Fourneret et al [30] propose a UML-based approach to select a precise set of tests covering changed or impacted functional requirements, identified by applying change and dependence analysis.…”

Section: Regression Testingmentioning

confidence: 99%

See 1 more Smart Citation

A systematic classification of security regression testing approaches

Felderer

Fourneret

2015

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

The openness of modern IT systems and their permanent change make it challenging to keep these systems secure. A combination of regression and security testing called security regression testing, which ensures that changes made to a system do not harm its security, are therefore of high significance and the interest in such approaches has steadily increased. In this article we present a systematic classification of available security regression testing approaches based on a solid study of background and related work to sketch which parts of the research area seem to be well understood and evaluated, and which ones require further research. For this purpose we extract approaches relevant to security regression testing from computer science digital libraries based on a rigorous search and selection strategy. Then, we provide a classification of these according to security regression approach criteria: abstraction level, security issue, regression testing techniques, and tool support, as well as evaluation criteria, for instance evaluated system, maturity of the system, and evaluation measures. From the resulting classification we derive observations with regard to the abstraction level, regression testing techniques, tool support as well as evaluation, and finally identify several potential directions of future research.

show abstract

Section: Regression Testingmentioning

confidence: 99%

“…Model-based regression testing analyses changes at the level of formal representation of a software or its environment, for instance, represented as diagrams in the Unified Modeling Language (UML) [28][29][30] or as Extended Finite State Machines (EFSM) [31].…”

Section: Regression Testingmentioning

confidence: 99%

A systematic classification of security regression testing approaches

Felderer

Fourneret

2015

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

show abstract

“…The security requirements are captured through schemas (or scenarios), written in the Smartesting Schema Language, which are further used to drive the test generation. The evolving aspects of the systems are captured by adapting the SeTGaM technique (Fourneret, Bouquet, Dadeau & Debricon, 2011) to security requirements. They manage the test's life cycle for the new system version through finer grained status and update.…”

Section: Security Test Evolutionmentioning

confidence: 99%

Evolution of Security Engineering Artifacts

Felderer

Katt

Kalb

et al. 2014

International Journal of Secure Software Engineering

Self Cite

View full text Add to dashboard Cite

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

show abstract

“…Other researchers have investigated test case problems considering models with the system specifications rather than source code . Chen et al present a model‐based approach that generates a regression test suite using dependence analysis of the modified elements in the model.…”

Section: Related Workmentioning

confidence: 99%

“…Chen et al present a model‐based approach that generates a regression test suite using dependence analysis of the modified elements in the model. Similarly, Fourneret et al generate necessary test cases for the modified portion of the model (UML) using requirement information and impact analysis. Samuel and Mall generate test cases from UML activity diagrams using a dynamic slicing technique.…”

Section: Related Workmentioning

confidence: 99%

An efficient regression testing approach for PHP web applications: a controlled experiment

Hossain

2014

Software Testing Verif & Rel

View full text Add to dashboard Cite

SUMMARYCompanies that provide web applications often encounter various security attacks and frequent feature‐update demands from users, and when these needs arise, companies need to fix security problems or upgrade the application with new features. These fixes often involve small patches or revisions, but still, testers need to perform regression testing on their products to ensure that the changes have not introduced new faults. Performing regression testing on the entire product, however, can be very expensive, and it is not a viable solution for companies that need a short turnaround time to release patches. One solution is focusing only on the code areas that have been changed and performing regression testing on them. By doing this, companies can provide quick patches more dependably whenever they encounter security breaches. In this paper, the authors proposed a new regression testing approach that identifies the affected areas by code changes using impact analysis and generates new test cases for the impacted areas by changes using program slices. To facilitate the approach, the researchers implemented a Hypertext Preprocessor (PHP) Analysis and Regression Testing Engine (PARTE) and performed a controlled experiment using five open source web applications with multiple versions. The results showed that this approach is effective in reducing the cost of regression testing for a frequently patched web application, and exposed ways in which that effectiveness can vary with application characteristics and versioning frequencies. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Selective Test Generation Method for Evolving Critical Systems

Cited by 16 publications

References 17 publications

A systematic classification of security regression testing approaches

A systematic classification of security regression testing approaches

Evolution of Security Engineering Artifacts

An efficient regression testing approach for PHP web applications: a controlled experiment

Contact Info

Product

Resources

About