Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection

Permanent URI for this collectionhttps://hdl.handle.net/11147/7148

Browse

Filters

2009 - 200932010 - 20207

Settings

Author: search.filters.author.Tuğlular, TuğkanInstitution Author: search.filters.institutionAuthor.Belli, Fevzi

Search Results

Now showing 1 - 10 of 10
  • Conference Object
    Citation - WoS: 1
    Citation - Scopus: 1
    Mutation Operators for Decision Table-Based Contracts Used in Software Testing
    (Institute of Electrical and Electronics Engineers, 2020) Khalilov, Abbas; Tuğlular, Tuğkan; Belli, Fevzi
    The Design by Contract technique allows developers to improve source code with contracts, and testing using contracts helps to identify faults. However, the source code of the program under test is not always available. With black-box testing, it is possible to generate contracts from specifications of the software. In this paper, we apply mutation analysis on a model of a given specifications, where mutants are initially gained by applying proposed in this paper certain mutation operators on corresponding model, and then mutated specifications are examined. © 2020 IEEE.
  • Article
    Model-Based Selective Layer-Centric Testing
    (Information Processing Society of Japan, 2018) Belli, Fevzi; Güler Dinçer, Nevin; Linschulte, Michael; Tuğlular, Tuğkan
    Model-based testing of large systems usually requires decomposition of the model into hierarchical submodels for generating test sequences, which fulfills the goals of module testing, but not those of system testing. System testing requires test sequences be generated from a fully resolved model, which necessitates refining the toplevel model, that is, by replacing its elements with submodels they represent. If the depth of model hierarchy is high, the number of test sequences along with their length increases resulting in high test costs. For solving this conflict, a novel approach is introduced that generates test sequences based on the top-level model and replaces elements of these sequences by corresponding, optimized test sequences generated by the submodels. To compensate the shortcoming at test accuracy, the present approach selects components that have lowering impact on the overall system reliability. The objective is to increase the reliabilities of these critical components by intensive testing and appropriate correction which, as a consequence, also increases the overall reliability at less test effort without losing accuracy. An empirical study based on a large web-based commercial system is performed to validate the approach and analyze its characteristics, and to discuss its strengths and weaknesses. © 2018 Information Processing Society of Japan.
  • Article
    Citation - WoS: 7
    Citation - Scopus: 9
    Input Contract Testing of Graphical User Interfaces
    (World Scientific Publishing Co. Pte Ltd, 2016) Tuğlular, Tuğkan; Belli, Fevzi; Linschulte, Michael
    User inputs are critical for the security, safety, and reliability of software systems. This paper proposes a new concept called user input contracts, which is an integral part of a design-by-contract supplemented development process, and a model-based testing approach to detect violations of user input contracts. The approach generates test cases from an input contract integrated with graph-based model of user interface specification and applies them to the system under consideration. The paper presents a proof-of-concept tool that has been developed and used to validate the approach by experiments. The experiments are conducted on a web-based system for marketing tourist services to analyze input robustness of system under consideration with respect to user input contracts.
  • Book Part
    Citation - WoS: 4
    Citation - Scopus: 8
    Advances in Model-Based Testing of Graphical User Interfaces
    (Academic Press Inc., 2017) Belli, Fevzi; Beyazıt, Mutlu; Budnik, Christof J.; Tuğlular, Tuğkan
    Graphical user interfaces (GUIs) enable comfortable interactions of the computer-based systems with their environment. Large systems usually require complex GUIs, which are commonly fault prone and thus are to be carefully designed, implemented, and tested. As a thorough testing is not feasible, techniques are favored to test relevant features of the system under test that will be specifically modeled. This chapter summarizes, reviews, and exemplifies conventional and novel techniques for model-based GUI testing.
  • Conference Object
    Citation - Scopus: 1
    Karar Tablosu Destekli Olay Sıra Çizgeleri Temelli Sınama Durum Üretim Aracı
    (CEUR Workshop Proceedings, 2016) Belli, Fevzi; Linschulte, Michael; Tuğlular, Tuğkan
    Model temelli sınama alanında otomatik sınama durum üretimi önemli konuların başında gelir. Otomatik sınama durum üretimi için formel bir modelleme yöntemi ile üretim için algoritmalar gereklidir. Bu bildirinin ilk yazarının geliştirdiği Olay Sıra Çizgeleri (İng. Event Sequence Graphs) formel modelleme yöntemi ve sınama durum üretim algoritmaları, bu bildirinin diğer yazarları tarafından karar tabloları destekli şekilde genişletilmiştir. Ortaya konan modelleme yöntemi ve algoritmalar kodlanarak bir sınama durum üretim aracı 2008 yılından beri geliştirilmektedir. Anılan araç birçok çalışmada kullanılmış ve bu çalışmaların anlatıldığı yayınlarda bu araçtan söz edilmiştir. Bu bildiride karar tabloları destekli olay sıra çizgeleri temelli sınama durum aracının son durumu tanıtılmış ve anılan araç ile bir örnek çalışma sergilenmiştir.
  • Article
    Citation - WoS: 3
    Citation - Scopus: 3
    Model-Based Contract Testing of Graphical User Interfaces
    (Institute of Electronics, Information and Communication Engineers, 2015) Tuğlular, Tuğkan; Linschulte, Michael; Belli, Fevzi; Müftüoğlu, Arda
    Graphical User Interfaces (GUIs) are critical for the security, safety and reliability of software systems. Injection attacks, for instance via SQL, succeed due to insufficient input validation and can be avoided if contract-based approaches, such as Design by Contract, are followed in the software development lifecycle of GUIs. This paper proposes a model-based testing approach for detecting GUI data contract violations, which may result in serious failures such as system crash. A contract-based model of GUI data specifications is used to develop test scenarios and to serve as test oracle. The technique introduced uses multi terminal binary decision diagrams, which are designed as an integral part of decision tableaugmented event sequence graphs, to implement a GUI testing process. A case study, which validates the presented approach on a port scanner written in Java programming language, is presented. Copyright © 2015 The Institute of Electronics, Information and Communication Engineers.
  • Article
    Citation - WoS: 53
    Citation - Scopus: 76
    Model-Based Mutation Testing-Approach and Case Studies
    (Elsevier Ltd., 2016) Belli, Fevzi; Budnik, Christof J.; Hollmann, Axel; Tuğlular, Tuğkan; Wong, W. Eric
    This paper rigorously introduces the concept of model-based mutation testing (MBMT) and positions it in the landscape of mutation testing. Two elementary mutation operators, insertion and omission, are exemplarily applied to a hierarchy of graph-based models of increasing expressive power including directed graphs, event sequence graphs, finite-state machines and statecharts. Test cases generated based on the mutated models (mutants) are used to determine not only whether each mutant can be killed but also whether there are any faults in the corresponding system under consideration (SUC) developed based on the original model. Novelties of our approach are: (1) evaluation of the fault detection capability (in terms of revealing faults in the SUC) of test sets generated based on the mutated models, and (2) superseding of the great variety of existing mutation operators by iterations and combinations of the two proposed elementary operators. Three case studies were conducted on industrial and commercial real-life systems to demonstrate the feasibility of using the proposed MBMT approach in detecting faults in SUC, and to analyze its characteristic features. Our experimental data suggest that test sets generated based on the mutated models created by insertion operators are more effective in revealing faults in SUC than those generated by omission operators. Worth noting is that test sets following the MBMT approach were able to detect faults in the systems that were tested by manufacturers and independent testing organizations before they were released. © 2016 Elsevier B.V.
  • Conference Object
    Citation - Scopus: 5
    Gui-Based Testing of Boundary Overflow Vulnerability
    (Institute of Electrical and Electronics Engineers Inc., 2009) Tuğlular, Tuğkan; Müftüoğlu, Can Arda; Kaya, Özgür; Belli, Fevzi; Linschulte, M.
    Boundary overflows are caused by violation of constraints, mostly limiting the range of internal values of a program, and can be provoked by an intruder to gain control of or access to stored data. In order to countermeasure this well-known vulnerability issue, this paper focuses on input validation of graphical user interfaces (GUI). The approach proposed generates test cases for numerical inputs based on GUI specification through decision tables. If boundary overflow error(s) are detected, the source code will be analyzed to localize and correct the encountered error(s) automatically.
  • Conference Object
    Citation - WoS: 5
    Citation - Scopus: 6
    The 1st Workshop on Model-Based Verification & Validation: Directed Acyclic Graph Modeling of Security Policies for Firewall Testing
    (Institute of Electrical and Electronics Engineers Inc., 2009) Tuğlular, Tuğkan; Kaya, Özgür; Müftüoğlu, Can Arda; Belli, Fevzi
    Currently network security of institutions highly depend on firewalls, which are used to separate untrusted network from trusted one by enforcing security policies. Security policies used in firewalls are ordered set of rules where each rule is represented as a predicate and an action. This paper proposes modeling of firewall rules via directed acyclic graphs (DAG), from which test cases can be automatically generated for firewall testing. The approach proposed follows test case generation algorithm developed for event sequence graphs. Under a local area network setup with the aid of a specifically developed software for this purpose, generated test cases are converted to network test packets, test packets are sent to the firewall under test (FUT), and sent packets are compared with passed packets to determine test result.
  • Conference Object
    Citation - Scopus: 3
    Protocol-Based Testing of Firewalls
    (Institute of Electrical and Electronics Engineers Inc., 2009) Tuğlular, Tuğkan; Belli, Fevzi
    A firewall is the most important tool of network security defense. Its proper functioning is critical to the network it protects. Therefore a firewall should be tested rigorously with respect to its implemented network protocols and security policy specification. We propose a combined approach for test case generation to uncover errors both in firewall software and in its configuration. In the proposed approach, abstract test cases are generated by mutating event sequence graph model of chosen network protocol and filled with values from policy specification by using equivalence partitioning and boundary value analysis. A case study is presented to validate the presented approach.