计算机科学 ›› 2023, Vol. 50 ›› Issue (9): 101-107.doi: 10.11896/jsjkx.220800071
刘盈盈, 杨秋辉, 姚邦国, 刘巧韵
LIU Yingying, YANG Qiuhui, YAO Bangguo, LIU Qiaoyun
摘要: REST接口中普遍存在依赖关系,导致生成合理的接口调用序列与输入参数变得十分困难。现有的大多数方法只考虑了其中一种依赖关系,并需要人工执行繁杂的前置操作,生成的测试用例有效性仍然较低。针对以上问题,文中提出了一种基于依赖模型的测试用例生成方法。通过解析OpenAPI文档,该方法提取了接口内的操作间依赖关系与参数间依赖关系,并据此建立了两种依赖模型,从模型生成测试用例,最后从3方面确定测试预言。实验结果表明,该方法的输入度量覆盖率达到了100%,状态码类别、状态码、响应资源类型的覆盖率分别达到了100%,91.67%,83.33%,并能在限定时间内检出接口内部缺陷;与RESTler和RESTest相比,该方法的输出度量覆盖率最大提高了36%,触发了最多次的异常响应状态码,检测到接口异常响应的比例最大提高了10%。该方法为REST接口的测试用例生成问题提供了有价值的参考。
中图分类号:
[1]FIELDING R T.Architectural styles and the design of network-based software architectures[M].Ann Arbor:University of California,Irvine,2000:76-105. [2]ATLIDAKIS V,GODEFROID P,POLISHCHUNK M.Che-cking security properties of cloud service REST APIs[C]//2020 IEEE 13th International Conference on Software Testing,Validation and Verification.2020:387-397. [3]SaltSecurity.91% of organizations had an API security incident last year[EB/OL].The State of API Security.[2021-02-26].https://salt.security/api-security-trends. [4]ATLIDAKIS V,GODEFROID P,POLISHCHUNK M.Restler:Stateful rest API fuzzing[C]//2019 IEE ACM 41st Interna-tional Conference on Software Engineering.2019:748-758. [5]VIGLIANISI E,DALLAGO M,CECCATO M.Resttestgen:automated black-box testing of restful apis[C]//2020 IEEE 13th Interna-tional Conference on Software Testing,Validation and Verification.2020:142-152. [6]MARTIN-LOPEZ A,SEGURA S,RUIZ-CORTES A.RES-Test:automated black-box testing of RESTful web APIs[C]//Proceedings of the 30th ACM SIGSOFT International Sympo-sium on Software Testing and Analysis.2021:682-685. [7]LARANJEIRO N,AGNELO J,BERNARDINO J.A black box tool for robustness testing of REST services[J].IEEE Access,2021,9:24738-24754. [8]CORRADINI D,ZAMPIERI A,PASQUA M,et al.EmpiricalComparison of Black-box Test Case Generation Tools for RESTful APIs[C]//2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation.2021:226-236. [9]MARTIN-LOPEZ A.Automated analysis of inter-parameter dependencies in web APIs[C]//Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering:Companion Proceedings.2020:140-142. [10]MARTIN-LOPEZ A,SEGURA S,RUIZ-CORTÉS A.A Catalogue of Inter-parameter Dependencies in RESTful Web APIs[M].Service-Oriented Computing.Cham:Springer International Publishing,2019:399-414. [11]APIs.GURU.Browse APIs.APIs.guru[EB/OL].[2022-01-16].https://apis.guru/. [12]WU S,HE Y.Enriching pre-trained language model with entity information for relation classification[C]//Proceedings of the 28th ACM International Conference on Information and Know-ledge Management.2019:2361-2364. [13]Get Started with OR-Tools for Python[EB/OL]//Google Developers.[2022-01-17].https://developers.google.com/optimization/introduction/python. [14]ARCURI A.RESTful API Automated Test Case Generationwith EvoMaster[J].ACM Transactions on Software Enginee-ring and Methodology,2019,28(1):3:1-3:37. [15]CORRADINID,ZAMPIERI A,PASQUA M,et al.EmpiricalComparison of Black-box Test Case Generation Tools for RESTful APIs[C]//2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation.2021:226-236. [16]MARTIN-LOPEZ A,SEGURA S,RUIZ-CORTÉS A.Test co-verage criteria for RESTful web APIs[C]//Proceedings of the 10th ACM SIGSOFT International Workshop on Automating TEST Case Design,Selection,and Evaluation.2019:15-21. [17]CORRADINI D,ZAMPIERI A,PASQUA M,et al.Restats:A test coverage tool for RESTful APIs[C]//2021 IEEE International Conference on Software Maintenance and Evolution.2021:594-598. |
|