WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection

Permanent URI for this collectionhttps://hdl.handle.net/11147/7150

Browse

Filters

2009 - 200922010 - 20205

Settings

Author: search.filters.author.Tuğlular, TuğkanInstitution Author: search.filters.institutionAuthor.Belli, Fevzi

Search Results

Now showing 1 - 7 of 7
  • Conference Object
    Citation - WoS: 1
    Citation - Scopus: 1
    Mutation Operators for Decision Table-Based Contracts Used in Software Testing
    (Institute of Electrical and Electronics Engineers, 2020) Khalilov, Abbas; Tuğlular, Tuğkan; Belli, Fevzi
    The Design by Contract technique allows developers to improve source code with contracts, and testing using contracts helps to identify faults. However, the source code of the program under test is not always available. With black-box testing, it is possible to generate contracts from specifications of the software. In this paper, we apply mutation analysis on a model of a given specifications, where mutants are initially gained by applying proposed in this paper certain mutation operators on corresponding model, and then mutated specifications are examined. © 2020 IEEE.
  • Article
    Citation - WoS: 7
    Citation - Scopus: 9
    Input Contract Testing of Graphical User Interfaces
    (World Scientific Publishing Co. Pte Ltd, 2016) Tuğlular, Tuğkan; Belli, Fevzi; Linschulte, Michael
    User inputs are critical for the security, safety, and reliability of software systems. This paper proposes a new concept called user input contracts, which is an integral part of a design-by-contract supplemented development process, and a model-based testing approach to detect violations of user input contracts. The approach generates test cases from an input contract integrated with graph-based model of user interface specification and applies them to the system under consideration. The paper presents a proof-of-concept tool that has been developed and used to validate the approach by experiments. The experiments are conducted on a web-based system for marketing tourist services to analyze input robustness of system under consideration with respect to user input contracts.
  • Book Part
    Citation - WoS: 4
    Citation - Scopus: 8
    Advances in Model-Based Testing of Graphical User Interfaces
    (Academic Press Inc., 2017) Belli, Fevzi; Beyazıt, Mutlu; Budnik, Christof J.; Tuğlular, Tuğkan
    Graphical user interfaces (GUIs) enable comfortable interactions of the computer-based systems with their environment. Large systems usually require complex GUIs, which are commonly fault prone and thus are to be carefully designed, implemented, and tested. As a thorough testing is not feasible, techniques are favored to test relevant features of the system under test that will be specifically modeled. This chapter summarizes, reviews, and exemplifies conventional and novel techniques for model-based GUI testing.
  • Article
    Citation - WoS: 3
    Citation - Scopus: 3
    Model-Based Contract Testing of Graphical User Interfaces
    (Institute of Electronics, Information and Communication Engineers, 2015) Tuğlular, Tuğkan; Linschulte, Michael; Belli, Fevzi; Müftüoğlu, Arda
    Graphical User Interfaces (GUIs) are critical for the security, safety and reliability of software systems. Injection attacks, for instance via SQL, succeed due to insufficient input validation and can be avoided if contract-based approaches, such as Design by Contract, are followed in the software development lifecycle of GUIs. This paper proposes a model-based testing approach for detecting GUI data contract violations, which may result in serious failures such as system crash. A contract-based model of GUI data specifications is used to develop test scenarios and to serve as test oracle. The technique introduced uses multi terminal binary decision diagrams, which are designed as an integral part of decision tableaugmented event sequence graphs, to implement a GUI testing process. A case study, which validates the presented approach on a port scanner written in Java programming language, is presented. Copyright © 2015 The Institute of Electronics, Information and Communication Engineers.
  • Article
    Citation - WoS: 53
    Citation - Scopus: 76
    Model-Based Mutation Testing-Approach and Case Studies
    (Elsevier Ltd., 2016) Belli, Fevzi; Budnik, Christof J.; Hollmann, Axel; Tuğlular, Tuğkan; Wong, W. Eric
    This paper rigorously introduces the concept of model-based mutation testing (MBMT) and positions it in the landscape of mutation testing. Two elementary mutation operators, insertion and omission, are exemplarily applied to a hierarchy of graph-based models of increasing expressive power including directed graphs, event sequence graphs, finite-state machines and statecharts. Test cases generated based on the mutated models (mutants) are used to determine not only whether each mutant can be killed but also whether there are any faults in the corresponding system under consideration (SUC) developed based on the original model. Novelties of our approach are: (1) evaluation of the fault detection capability (in terms of revealing faults in the SUC) of test sets generated based on the mutated models, and (2) superseding of the great variety of existing mutation operators by iterations and combinations of the two proposed elementary operators. Three case studies were conducted on industrial and commercial real-life systems to demonstrate the feasibility of using the proposed MBMT approach in detecting faults in SUC, and to analyze its characteristic features. Our experimental data suggest that test sets generated based on the mutated models created by insertion operators are more effective in revealing faults in SUC than those generated by omission operators. Worth noting is that test sets following the MBMT approach were able to detect faults in the systems that were tested by manufacturers and independent testing organizations before they were released. © 2016 Elsevier B.V.
  • Conference Object
    Citation - Scopus: 5
    Gui-Based Testing of Boundary Overflow Vulnerability
    (Institute of Electrical and Electronics Engineers Inc., 2009) Tuğlular, Tuğkan; Müftüoğlu, Can Arda; Kaya, Özgür; Belli, Fevzi; Linschulte, M.
    Boundary overflows are caused by violation of constraints, mostly limiting the range of internal values of a program, and can be provoked by an intruder to gain control of or access to stored data. In order to countermeasure this well-known vulnerability issue, this paper focuses on input validation of graphical user interfaces (GUI). The approach proposed generates test cases for numerical inputs based on GUI specification through decision tables. If boundary overflow error(s) are detected, the source code will be analyzed to localize and correct the encountered error(s) automatically.
  • Conference Object
    Citation - WoS: 5
    Citation - Scopus: 6
    The 1st Workshop on Model-Based Verification & Validation: Directed Acyclic Graph Modeling of Security Policies for Firewall Testing
    (Institute of Electrical and Electronics Engineers Inc., 2009) Tuğlular, Tuğkan; Kaya, Özgür; Müftüoğlu, Can Arda; Belli, Fevzi
    Currently network security of institutions highly depend on firewalls, which are used to separate untrusted network from trusted one by enforcing security policies. Security policies used in firewalls are ordered set of rules where each rule is represented as a predicate and an action. This paper proposes modeling of firewall rules via directed acyclic graphs (DAG), from which test cases can be automatically generated for firewall testing. The approach proposed follows test case generation algorithm developed for event sequence graphs. Under a local area network setup with the aid of a specifically developed software for this purpose, generated test cases are converted to network test packets, test packets are sent to the firewall under test (FUT), and sent packets are compared with passed packets to determine test result.