Showing papers by "Hyunsook Do published in 2013"

Test Case Prioritization Using Requirements-Based Clustering

Abstract: The importance of using requirements information in the testing phase has been well recognized by the requirements engineering community, but to date, a vast majority of regression testing techniques have primarily relied on software code information Incorporating requirements information into the current testing practice could help software engineers identify the source of defects more easily, validate the product against requirements, and maintain software products in a holistic way In this paper, we investigate whether the requirements-based clustering approach that incorporates traditional code analysis information can improve the effectiveness of test case prioritization techniques To investigate the effectiveness of our approach, we performed an empirical study using two Java programs with multiple versions and requirements documents Our results indicate that the use of requirements information during the test case prioritization process can be beneficial

A threat model-based approach to security testing

Abstract: Software security issues have been a major concern in the cyberspace community, so a great deal of research on security testing has been performed, and various security testing techniques have been developed. Threat modeling provides a systematic way to identify threats that might compromise security, and it has been a well-accepted practice by the industry, but test case generation from threat models has not been addressed yet. Thus, in this paper, we propose a threat model-based security testing approach that automatically generates security test sequences from threat trees and transforms them into executable tests. The security testing approach we consider consists of three activities in large: building threat models with threat trees; generating security test sequences from threat trees; and creating executable test cases by considering valid and invalid inputs. To support our approach, we implemented security test generation techniques, and we also conducted an empirical study to assess the effectiveness of our approach. The results of our study show that our threat tree-based approach is effective in exposing vulnerabilities. Copyright © 2012 John Wiley & Sons, Ltd.

Model-Based Exploratory Testing: A Controlled Experiment

Abstract: Exploratory testing provides an intuitive way for testing a software product that testers can apply, but the advantages of exploratory testing are generally outweighed by its disadvantages, mainly the time and resources necessary to perform it manually. To address this problem, in this research, we propose Model-Based Exploratory Testing (MBET), an approach that incorporates the advantages of exploratory testing and Model-Based Testing (MBT) that automates the testing processes. To support the MBET approach, we implemented an automated testing tool, the Crushinator. To assess our approach, we conducted an experiment using an educational game application with multiple versions and we collected the number and type of defects detected with the MBET and MBT approaches. Our results showed that, overall, MBET detected more defects than MBT. The results also showed that MBET detected certain defect types better than MBT while MBT detected other types better than MBET.

Crushinator: a framework towards game-independent testing

Abstract: Testing game applications relies heavily on beta testing methods. The effectiveness of beta testing depends on how well beta testers represent the common game-application users and if users are willing to participate in the beta test. An automated testing tool framework could reduce the dependence upon beta testing by most companies to analyze their game applications. This paper presents the Crushinator as one such framework. This framework provides a game-independent testing tool that implements multiple testing methods that can assist and possibly replace the use of beta testing.

A Fuzzy Expert System for Cost-Effective Regression Testing Strategies

Abstract: Different testing environments and software change characteristics can affect the choice of regression testing techniques. In our prior work, we developed adaptive regression testing (ART) strategies to investigate this problem. While the ART strategies showed promising results, we also found that the multiple criteria decision making processes required for the ART strategies are time-consuming, often inaccurate and inconsistent, and limited in their scalability. To address these issues, in this research, we develop and empirically study a fuzzy expert system (FESART) to aid decision makers in choosing the most cost-effective technique for a particular software version. The results of our study show that FESART is consistently more cost-effective than the previously proposed ART strategies. One of the biggest contributors to FESART being more cost-effective is the reduced time required to apply the strategy. This contribution has significant impact because a strategy that is less time-consuming will be easier for researchers and practitioners to adopt, and will provide even greater cost-savings for regression testing sessions.