White-box testing of behavioral web service contracts with Pex

A web service exposes a public API that can be accessed by potentially hostile clients over the internet. Pex, a white-box test generation tool for .NET, can automatically create test inputs that cover comer cases of a web service implemented in .NET, simulating a malicous attacker.

[1]  Amit P. Sheth,et al.  Web Service Semantics - WSDL-S , 2005 .

[2]  Koushik Sen,et al.  CUTE and jCUTE: Concolic Unit Testing and Explicit Path Model-Checking Tools , 2006, CAV.

[3]  Nikolai Tillmann,et al.  Unit tests reloaded: parameterized unit testing with symbolic execution , 2006, IEEE Software.

[4]  Patrice Godefroid,et al.  Automated Whitebox Fuzz Testing , 2008, NDSS.

[5]  Tao Xie,et al.  Automated Testing and Response Analysis ofWeb Services , 2007, IEEE International Conference on Web Services (ICWS 2007).

[6]  Koushik Sen,et al.  DART: directed automated random testing , 2005, PLDI '05.

[7]  Alex Mackey,et al.  Windows Communication Foundation , 2010 .

[8]  Nikolai Tillmann,et al.  Mock-object generation with behavior , 2006, 21st IEEE/ACM International Conference on Automated Software Engineering (ASE'06).

[9]  Nikolai Tillmann,et al.  Pex-White Box Test Generation for .NET , 2008, TAP.

[10]  Nikolai Tillmann,et al.  Parameterized unit tests , 2005, ESEC/FSE-13.

[11]  Dawson R. Engler,et al.  EXE: automatically generating inputs of death , 2006, CCS '06.

[12]  James C. King,et al.  Symbolic execution and program testing , 1976, CACM.