Guy-Vincent Jourdan

Testing input/output partial order automata

We propose an extension of the Finite State Machine framework in distributed systems, using input/output partial order automata (IOPOA). In this model, transitions can be executed non-atomically, reacting to asynchronous inputs on several ports, and producing asynchronous output on those ports. We develop the formal framework for distributed testing in this architecture and compare with the synchronous I/O automaton setting. The advantage of the compact modelling by IOPOA combines with low complexity : the number of tests required for concurrent input in our model is polynomial in the number of inputs.

Testing Systems Specified as Partial Order Input/Output Automata

An Input/Output Automaton is an automaton with a finite number of states where each transition is associated with a single inpu f or output interaction. In [1], we introduced a new formalism, in which each transition is associated with a bipartite partially ordered set made of concurrent inputs followed by concurrent outputs. In this paper, we generalize this model to Partial Order Input/Output Automata (POIOA), in which each transition is associated with an almost arbitrary partially ordered set of inputs and outputs. This formalism can be seen as High-Level Messages Sequence Charts with inputs and outputs and allows for the specification of concurrency between inputs and outputs in a very general, direct and concise way. We give a formal definition of this framework, and define several conformance relations for comparing system specifications expressed in this formalism. Then we show how to derive a test suite that guarantees to detect faults defined by a POIOA-specific fault model: missing output faults, unspecified output faults, weaker precondition faults, stronger precondition faults and transfer faults.

A strategy for efficient crawling of rich internet applications

New web application development technologies such as Ajax, Flex or Silverlight result in so-called Rich Internet Applications (RIAs) that provide enhanced responsiveness, but introduce new challenges for crawling that cannot be addressed by the traditional crawlers. This paper describes a novel crawling technique for RIAs. The technique first generates an optimal crawling strategy for an anticipated model of the crawled RIA by aiming at discovering new states as quickly as possible. As the strategy is executed, if the discovered portion of the actual model of the application deviates from the anticipated model, the anticipated model and the strategy are updated to conform to the actual model. We compare the performance of our technique to a number of existing ones as well as depth-first and breadth-first crawling on some Ajax test applications. The results show that our technique has a better performance often with a faster rate of state discovery.

Solving Some Modeling Challenges when Testing Rich Internet Applications for Security

Web-based applications are becoming more ubiquitous day by day, and among these applications, a new trend is emerging: rich Internet applications (RIAs), using technologies such as Ajax, Flex, or Silverlight, break away from the traditional approach of Web applications having server-side computation and synchronous communications between the web client and servers. RIAs introduce new challenges, new security vulnerabilities, and their behavior makes it difficult or impossible to test with current web-application security scanners. A new model is required to enable automated scanning of RIAs for security. In this paper, we evaluate the shortcomings of current approaches, we elaborate a framework that would permit automated scanning of RIAs, and we provide some directions to address the open problems.

On-the-fly analysis of distributed computations

At some abstraction level a distributed computation can be modeled as a partial order on a set of observable events. This paper presents an analysis technique which can be superimposed on distributed computations to analyze the structure of control flows terminating at observable events. A general algorithm working on the longest control flows of distributed computations is introduced. Moreover it is shown how this algorithm can be simplified according to the position of observable events with respect to communication events.

Computing on-line the lattice of maximal antichains of posets

AbstractWe consider the on-line computation of the lattice of maximal antichains of a finite poset

Checking Sequence Construction Using Adaptive and Preset Distinguishing Sequences

\tilde P

Testing k-Safe Petri Nets

. This on-line computation satisfies what we call the “linear extension hypothesis”: the new incoming vertex is always maximal in the current subposet of