|
文章导读 |
|
摘要该文旨在基于白盒测试准则,提出能够在尽量复用测试资源、降低测试成本的前提下有效发现程序中错误的蜕变测试方法。任务关键软件的正确性是信息安全的重要组成部分,对其bug的测试至关重要,但Oracle问题经常制约到此类软件的测试。蜕变测试(MT)能够有效解决此类问题,但随机性较大。该文针对二元蜕变关系,提出了2种迭代的蜕变测试算法AESIST和AEMIST, 在依据此2种方法的测试中,上一轮生成的测试用例可以作为下一轮的原始用例而生成新的测试用例,并且所有的测试用例满足蜕变关系全路径覆盖准则(APCEM)。实验结果表明: 2种算法产生的测试用例能够在尽量少地运行程序的情况下有效发现程序中的错误。因此,本文提出的2种迭代蜕变测试算法在程序bug检测方面是高效的。
|
关键词 :路径分析,迭代蜕变测试,蜕变关系,bug检测 |
Abstract:This paper presents metamorphic testing (MT) methods for program bug detection with white-box criterion to reuse more testing resources and reduce cost. The correctness of mission-critical software is an important part of information security. Security systems often use metamorphic testing to solve the oracle problem with random tests. This article introduces two iterative metamorphic testing algorithms, AESIST and AEMIST, to analyze binary metamorphic relationships based upon APCEM (all-path coverage for every metamorphic relation). The test shows the efficiencies of these methods for bug detection.
|
Key words:path analysisiterative metamorphic testingmetamorphic relationshipbug detection |
收稿日期: 2013-12-01 出版日期: 2015-04-16 |
|
基金资助:国家自然科学基金资助项目 (61100047) |
|
被测程序代码 |
路径 | 路径对应的输入域 | 三角形类型 | 1 | {(max,mid,min) | (max2<mid2+ min2)∧(max=mid)}∩Tir | 顶角≤60度的等腰锐角三角形 | 2 | {(max,mid,min) | (max2<mid2+ min2)∧(min=mid)}∩Tir | 顶角>60度的等腰锐角三角形 | 3 | {(max,mid,min) | (max2<mid2+ min2)∧(三者互不相等)}∩Tir | 不规则的锐角三角形 | 4 | {(max,mid,min) | (max2=mid2+ min2)}∩Tir | 直角三角形 | 5 | {(max,mid,min) | (max2>mid2+ min2)∧(min=mid)}∩Tir | 等腰钝角三角形 | 6 | {(max,mid,min) | (max2>mid2+ min2)∧(三者互不相等)}∩Tir | 不规则的钝角三角形 |
|
程序TriSquarePlus的路径信息 |
|
mr5-7的构造原理 |
|
基于TriSquareU功能构造的蜕变关系 |
|
使用AESIST算法测试TriSquareU的过程 |
|
使用AESIST和AEMIST算法测试TriSquareU时生成测试用例 |
|
使用AESIST和AEMIST算法测试TriSquareU时的FPD值对比 |
[1] | Chen T Y, Cheung S C, Yiu S M. Metamorphic Testing: A New Approach for Generating Next Test Cases, Technical Report HKUST-CS98-01 [R]. Hong Kong, China:Hong Kong University of Science and Technology, 1998. |
[2] | Chen T Y, Kuo F C, Liu Y, et al.Metamorphic testing and testing with special values [C]// Proceedings of the 5th International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'04). Beijing, China: IEEE Computer Society, 2004: 128-134. |
[3] | 吴鹏, 施小纯, 唐江峻, 等. 关于蜕变测试和特殊用例测试的实例研究 [J]. 软件学报, 2005, 16(7): 1210-1220. WU Peng, SHI Xiaochun, TANG Jiangjun, et al.Metamorphic testing and special case testing: A case study[J]. Journal of Software, 2005, 16(7): 1210-1220. (in Chinese) |
[4] | Wu P. Iterative metamorphic testing [C]// Proceedings of the 29th Annual International Computer Software and Applications Conference (COMPSAC'05). Edinburgh, UK: IEEE Computer Society, 2005: 19-24. |
[5] | 董国伟, 聂长海, 徐宝文. 基于程序路径分析的有效蜕变测试[J]. 计算机学报, 2009, 32(5): 1002-1013. DONG Guowei, NIE Changhai, XU Baowen. Effective metamorphic testing based on program path analysis[J]. Chinese Journal of Computers, 2009, 32(5): 1002-1013. (in Chinese) |
[6] | Chen T Y, Huang D H, Tse T H, et al. Case studies on the selection of useful relations in metamorphic testing [C]// Proceedings of the 4th Ibero-American Symposium on Software Engineering and Knowledge Engineering (JIISIC'04). Madrid, Spain: IEEE Computer Society, 2004: 569-583. |
[7] | Mayer J, Guderlei R. An empirical study on the selection of good metamorphic relations [C]// Proceedings of the 30th Annual International Computer Software and Applications Conference (COMPSAC'06). Chicago, USA: IEEE Computer Society, 2006: 475-484. |
[8] | Chen T Y, Tse T H, Zhou Z Q. Semi-proving: An integrated method based on global symbolic evaluation and metamorphic testing[J]. ACM SIGSOFT Software Engineering Notes, 2002, 27(4): 191-195. |
[9] | Chen T Y, Tse T H, Zhou Z Q. Fault-based testing without the need of oracles[J]. Information and Software Technology, 2003, 45(1): 1-9. |
[10] | Chen T Y, Feng J, Tse T H. Metamorphic testing of programs on partial differential equations: A case study [C]//Proceedings of the 26th Annual International Computer Software and Applications Conference (COMPSAC'02). Oxford, England: IEEE Computer Society, 2002: 327-333. |
[11] | Zhou Z Q, Huang D H, Tse T H, et al. Metamorphic testing and its applications [C]// Proceedings of the 8th International Symposium on Future Software Technology (ISFST'04). Xi'an, China: IEEE Computer Society, 2004: 23-28. |
[12] | Chen H Y, Tse T H, Chan F T, at el. In black and white: An integrated approach to class-level testing of object-oriented programs[J]. ACM Transactions on Software Engineering and Methodology, 1998, 7(3): 250-295. |
[1] | 王振波, 张君, 罗孙一鸣. 喷水法成型纤维网增强水泥基板材抗弯性能[J]. 清华大学学报(自然科学版), 2014, 54(5): 551-555. | [2] | 田志宏, 姜伟, 张宏莉. 一种支持犯罪重现的按需取证技术[J]. 清华大学学报(自然科学版), 2014, 54(1): 20-28. | [3] | 谢丰, 彭勇, 赵伟, 高洋, 王得金, 韩雪峰. 工业控制设备安全测试技术[J]. 清华大学学报(自然科学版), 2014, 54(1): 29-34. | [4] | 马刚, 杜宇鸽, 荣江, 甘家瑞, 史忠植, 安波. 基于威胁传播的复杂信息系统安全风险评估[J]. 清华大学学报(自然科学版), 2014, 54(1): 35-43. | [5] | 王得金, 江常青, 彭勇. 工业控制系统上基于安全域的攻击图生成[J]. 清华大学学报(自然科学版), 2014, 54(1): 44-52. | [6] | 王志华, 庞海波, 李占波. 一种适用于Hadoop云平台的访问控制方案[J]. 清华大学学报(自然科学版), 2014, 54(1): 53-59. | [7] | 梁洪亮, 阳晓宇, 董钰, 张普含, 刘书昌. 并行化智能模糊测试[J]. 清华大学学报(自然科学版), 2014, 54(1): 14-19. | [8] | 李京哲, 梁彬, 游伟, 王鹏, 石文昌. 基于控制依赖分析的Android远程控制类恶意软件检测[J]. 清华大学学报(自然科学版), 2014, 54(1): 8-13. | [9] | 韩心慧, 肖祥全, 张建宇, 刘丙双, 张缘. 基于社交关系的DHT网络Sybil攻击防御[J]. 清华大学学报(自然科学版), 2014, 54(1): 1-7. |
|