计算机科学

计算机科学 ›› 2023, Vol. 50 ›› Issue (9): 101-107.doi: 10.11896/jsjkx.220800071

• 计算机软件 • 上一篇    下一篇

基于依赖模型的REST接口测试用例生成方法研究

刘盈盈, 杨秋辉, 姚邦国, 刘巧韵   

  1. 四川大学计算机学院 成都 610065
  • 收稿日期:2022-08-07 修回日期:2022-11-15 出版日期:2023-09-15 发布日期:2023-09-01
  • 通讯作者: 杨秋辉(yangqiuhui@scu.edu.cn)
  • 作者简介:(yyliu.eve@foxmail.com)
  • 基金资助:
    四川省自然科学基金(23NSFSC3752);四川大学专职博士后研发基金(2022SCU12077)

Study on REST API Test Case Generation Method Based on Dependency Model

LIU Yingying, YANG Qiuhui, YAO Bangguo, LIU Qiaoyun   

  1. College of Computer Science,Sichuan University,Chengdu 610065,China
  • Received:2022-08-07 Revised:2022-11-15 Online:2023-09-15 Published:2023-09-01
  • About author:LIU Yingying,born in 1998,postgra-duate.Her main research interest is software quality assurance.
    YANG Qiuhui,born in 1970,Ph.D,associate professor.Her main research interests include software quality assu-rance and testing and software enginee-ring.
  • Supported by:
    Natural Science Foundation of Sichuan Province,China(23NSFSC3752) and Sichuan University Postdoctoral Science Research Foundation(2022SCU12077).

PDF (PC)

4001

摘要: REST接口中普遍存在依赖关系,导致生成合理的接口调用序列与输入参数变得十分困难。现有的大多数方法只考虑了其中一种依赖关系,并需要人工执行繁杂的前置操作,生成的测试用例有效性仍然较低。针对以上问题,文中提出了一种基于依赖模型的测试用例生成方法。通过解析OpenAPI文档,该方法提取了接口内的操作间依赖关系与参数间依赖关系,并据此建立了两种依赖模型,从模型生成测试用例,最后从3方面确定测试预言。实验结果表明,该方法的输入度量覆盖率达到了100%,状态码类别、状态码、响应资源类型的覆盖率分别达到了100%,91.67%,83.33%,并能在限定时间内检出接口内部缺陷;与RESTler和RESTest相比,该方法的输出度量覆盖率最大提高了36%,触发了最多次的异常响应状态码,检测到接口异常响应的比例最大提高了10%。该方法为REST接口的测试用例生成问题提供了有价值的参考。

关键词: REST接口, 测试用例生成, 操作间依赖, 参数间依赖, BERT模型

Abstract: The prevalence of dependencies in REST API makes it difficult to generate a reasonable sequence of API calls with input parameters.Most existing approaches only consider one of these dependencies and require cumbersome manual preliminaries,thus the generated test cases are still less effective.To address the above problem,a test case generation method based on depen-dency model is proposed.By parsing the OpenAPI documentation,this method extracts the inter-operation dependencies and inter-parameter dependencies,establishes two dependency models,generates test cases from the models,and determines test oracles.Experimental results show that the proposed method achieves 100% input metric coverage,and 100%,91.67%,and 83.33% coverage for status code category,status code,and response resource type,respectively,and can detect internal interface defects within a limited time.Compared with RESTler and RESTest,the proposed method improves the maximum 36% of output metric coverage,triggeres the most number of abnormal response status codes,and detects a maximum of 10% increase in the percentage of abnormal responses.The method provides a valuable reference for the test case generation problem of REST API.

Key words: REST API, Test case generation, Inter-operation dependency, Inter-parameter dependency, BERT model

中图分类号: 

  • TP311.5
[1]FIELDING R T.Architectural styles and the design of network-based software architectures[M].Ann Arbor:University of California,Irvine,2000:76-105.
[2]ATLIDAKIS V,GODEFROID P,POLISHCHUNK M.Che-cking security properties of cloud service REST APIs[C]//2020 IEEE 13th International Conference on Software Testing,Validation and Verification.2020:387-397.
[3]SaltSecurity.91% of organizations had an API security incident last year[EB/OL].The State of API Security.[2021-02-26].https://salt.security/api-security-trends.
[4]ATLIDAKIS V,GODEFROID P,POLISHCHUNK M.Restler:Stateful rest API fuzzing[C]//2019 IEE ACM 41st Interna-tional Conference on Software Engineering.2019:748-758.
[5]VIGLIANISI E,DALLAGO M,CECCATO M.Resttestgen:automated black-box testing of restful apis[C]//2020 IEEE 13th Interna-tional Conference on Software Testing,Validation and Verification.2020:142-152.
[6]MARTIN-LOPEZ A,SEGURA S,RUIZ-CORTES A.RES-Test:automated black-box testing of RESTful web APIs[C]//Proceedings of the 30th ACM SIGSOFT International Sympo-sium on Software Testing and Analysis.2021:682-685.
[7]LARANJEIRO N,AGNELO J,BERNARDINO J.A black box tool for robustness testing of REST services[J].IEEE Access,2021,9:24738-24754.
[8]CORRADINI D,ZAMPIERI A,PASQUA M,et al.EmpiricalComparison of Black-box Test Case Generation Tools for RESTful APIs[C]//2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation.2021:226-236.
[9]MARTIN-LOPEZ A.Automated analysis of inter-parameter dependencies in web APIs[C]//Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering:Companion Proceedings.2020:140-142.
[10]MARTIN-LOPEZ A,SEGURA S,RUIZ-CORTÉS A.A Catalogue of Inter-parameter Dependencies in RESTful Web APIs[M].Service-Oriented Computing.Cham:Springer International Publishing,2019:399-414.
[11]APIs.GURU.Browse APIs.APIs.guru[EB/OL].[2022-01-16].https://apis.guru/.
[12]WU S,HE Y.Enriching pre-trained language model with entity information for relation classification[C]//Proceedings of the 28th ACM International Conference on Information and Know-ledge Management.2019:2361-2364.
[13]Get Started with OR-Tools for Python[EB/OL]//Google Developers.[2022-01-17].https://developers.google.com/optimization/introduction/python.
[14]ARCURI A.RESTful API Automated Test Case Generationwith EvoMaster[J].ACM Transactions on Software Enginee-ring and Methodology,2019,28(1):3:1-3:37.
[15]CORRADINID,ZAMPIERI A,PASQUA M,et al.EmpiricalComparison of Black-box Test Case Generation Tools for RESTful APIs[C]//2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation.2021:226-236.
[16]MARTIN-LOPEZ A,SEGURA S,RUIZ-CORTÉS A.Test co-verage criteria for RESTful web APIs[C]//Proceedings of the 10th ACM SIGSOFT International Workshop on Automating TEST Case Design,Selection,and Evaluation.2019:15-21.
[17]CORRADINI D,ZAMPIERI A,PASQUA M,et al.Restats:A test coverage tool for RESTful APIs[C]//2021 IEEE International Conference on Software Maintenance and Evolution.2021:594-598.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发