Web/API testing through model learning and verification

title:Web/API testing through model learning and verification
keywords:model based testing, automata learning, web services
topics:Case studies and Applications, Testing
contact:D.J. Huistra & prof.dr. J.C. van de Pol

BSc research project

Description

Most web applications and APIs are tested through unit tests. With unit testing, only predefined sets of actions are executed on a system and the reaction of the system should match predefined expected values. While this is a useful testing method, it is not capable of detecting errors that result after performing complex sequences of actions. 

To find those types of errors, one can use model checking. Here we have a model of the program and a list of properties, and we can verify automatically that the properties are true or not. For instance: "can we get a product without paying in advance?".

Nowadays, it is possible to learn those models automatically, through "active learning", which is a kind of robot that explores the software system dynamically. This bypasses the main obstacle to model checking: constructing models manually.

A recent advancement in this area has been the release of the ALEX [1] tool that promises to make it easy to learn the behavior of a web application or REST API. We would like to perform a case study if and how to use ALEX to learn the model of a web application or API and verify that this model satisfies important system properties.

We have some initial ideas, but it is your task to select a web/API application, define the learning interface ("alphabet") and suggest a number of system properties to check for.

References

  1. Open source ALEX project (from Dortmund) (Digital version available here)
  2. Model Learning (Frits Vaandrager), Communications of the ACM (Digital version available here)