Evolutionary Robustness Testing of REST services
Áreas de especialidade
Engenharia de Software
Local do Estágio
REST Web Services are now being used in business-critical systems to support application communication in highly demanding environments. In such environments, an application failure might turn into severe safety incidents, might represent large financial costs, or even reputation costs. Verification and Validation activities (V&V) and namely Testing play an important role in this context, the problem is that there are several tasks involving Testing that are manual tasks, mostly due to the specificities of the systems being verified. This includes the apparently simple case of generating valid inputs that can be used for plain testing or in combination with more advanced verification activities used in mission- or business-critical systems, like fault injection. A few evolutionary approaches have been tried for similar purposes, but none specifically targets the robustness of REST services, where an oracle may exist in the form of an OpenAPI interface description.
The goal of this work sits at the intersection of Artificial Intelligence and Advanced Software Engineering practices. We intend to design and implement a tool that is able to read a REST API description written in OpenAPI and automatically generate valid call parameters and also invalid ones. The description may also be incomplete or described in a semi-structured form, which means that input domain and other advanced aspects, like operation dependencies, must be intelligently determined. The student will explore evolutionary computing techniques (for example, genetic algorithms) for generating valid inputs (and also invalid ones for triggering robustness failures) that can be used to invoke REST operations. The application of basic Natural Language Processing techniques may also be helpful in creating a higher quality tool.
In practice, the expected outcome of this internship is:
• A software tool that allows a developer to generate valid calls to a REST service and invalid calls that are effective in triggering robustness failures.
• A research paper, to be submitted and presented at a top international conference, describing the tool, its underlying mechanisms, and tests results.
Plano de Trabalhos - Semestre 1
[Some tasks might overlap; M=Month]
T1 (M1 – M2): Knowledge transfer and state of the art review on software testing and evolutionary computing.
T2 (M3) Application of evolutionary computing algorithms using a preliminary set of Swagger/OpenAPI descriptions.
T3 (M3–M4): Design of the preliminary architecture of the tool.
T4 (M4) Implementation of a small proof-of-concept prototype.
T5 (M5): Writing the Intermediate report.
Plano de Trabalhos - Semestre 2
[Some tasks might overlap; M=Month]
T6 (M6): Integration of the intermediate defense comments.
T7 (M6–M7) Application of evolutionary algorithms to imperfect Swagger/OpenAPI descriptions. This may involve application of Natural Language Processing for higher quality outcomes.
T8 (M8): Execution of tests and analysis of results.
T9 (M9): Write a research paper and submission to a top international conference in the Dependability or Services areas (IEEE/IFIP Dependable Systems and Networks (dsn.org), IEEE International Conferences on Web Services (conferences.computer.org/icws), International Symposium on Software reliability Engineering (issre.net), etc.).
T10 (M10): Writing the thesis.
The selected student will be integrated in the Software and Systems Engineering group of CISUC and the work will be carried out in the facilities of the Department of Informatics Engineering at the University of Coimbra (CISUC - Software and Systems Engineering Group), where a work place and all necessary computer resources will be provided.
Please contact Nuno Laranjeiro (email@example.com) or Nuno Lourenço (firstname.lastname@example.org) for any questions about this proposal.
Nuno Laranjeiro; Nuno Lourenço