2008 The Eighth International Conference on Quality Software

12-13 Aug. 2008

Filter Results

Displaying Results 1 - 25 of 65
  • [Front cover]

    Publication Year: 2008, Page(s): C1
    Request permission for commercial reuse | PDF file iconPDF (903 KB)
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2008, Page(s): i
    Request permission for commercial reuse | PDF file iconPDF (94 KB)
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2008, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (142 KB)
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2008, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (109 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2008, Page(s):v - ix
    Request permission for commercial reuse | PDF file iconPDF (183 KB)
    Freely Available from IEEE
  • Message from the General Chair

    Publication Year: 2008, Page(s): x
    Request permission for commercial reuse | PDF file iconPDF (109 KB) | HTML iconHTML
    Freely Available from IEEE
  • Message from the Program Chair

    Publication Year: 2008, Page(s): xi
    Request permission for commercial reuse | PDF file iconPDF (110 KB) | HTML iconHTML
    Freely Available from IEEE
  • Conference organization

    Publication Year: 2008, Page(s):xii - xiv
    Request permission for commercial reuse | PDF file iconPDF (122 KB)
    Freely Available from IEEE
  • Novel Applications of Machine Learning in Software Testing

    Publication Year: 2008, Page(s):3 - 10
    Cited by:  Papers (11)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (468 KB) | HTML iconHTML

    Machine learning techniques have long been used for various purposes in software engineering. This paper provides a brief overview of the state of the art and reports on a number of novel applications I was involved with in the area of software testing. Reflecting on this personal experience, I draw lessons learned and argue that more research should be performed in that direction as machine learn... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Testing in the Distributed Test Architecture: An Extended Abstract

    Publication Year: 2008, Page(s):11 - 14
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (171 KB) | HTML iconHTML

    Some systems interact with their environment at a number of physically distributed interfaces/ports and when testing such a system it is normal to place a local tester at each port. If the local testers cannot interact with one another and there is no global clock then we are testing in the distributed test architecture and this can introduce additional controllability and observability problems. ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Coalgebraic Semantic Framework for Reasoning about UML Sequence Diagrams

    Publication Year: 2008, Page(s):17 - 26
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (311 KB) | HTML iconHTML

    If, as a well-known aphorism states, modelling is for reasoning, this paper is an attempt to define and apply a formal semantics to UML sequence diagrams in order to enable rigourous reasoning about them. Actually, model transformation plays a fundamental role in the process of software development, in general, and in model driven engineering in particular. Being a de facto standard in this area, ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On the Composition of Design Patterns

    Publication Year: 2008, Page(s):27 - 36
    Cited by:  Papers (12)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (303 KB) | HTML iconHTML

    Design patterns are usually applied in a composed form with each other. It is crucial to be able to formally reason about how patterns can be composed and to prove the properties of composed patterns. Based on our previous work on formal specification of design patterns and formal reasoning about their properties, this paper focuses on the composition of design patterns. A notion of composition of... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Executable Interface Specification for Industrial Embedded System Design

    Publication Year: 2008, Page(s):37 - 44
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (291 KB) | HTML iconHTML

    Nowadays, designers resort to abstraction techniques to conquer the complexity of industrial embedded systems during the design process. However, due to the large semantic gap between the abstractions and the implementation, the designers often fails to apply the abstraction techniques. In this paper, an EIS-based (executable interface specification) approach is proposed for the embedded system de... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Model Transformation Specification and Verification

    Publication Year: 2008, Page(s):45 - 54
    Cited by:  Papers (4)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (285 KB) | HTML iconHTML

    Model transformations are becoming increasingly important in software development, particularly as part of model-driven development approaches (MDD). This paper defines an approach for specifying transformations as constraints, and for verifying the correctness of these transformations. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Optimizing Test Process Action Plans by Blending Testing Maturity Model and Design of Experiments

    Publication Year: 2008, Page(s):57 - 66
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (403 KB) | HTML iconHTML

    Software testing is a core activity in quality assurance. To improve the test process, we can use best practice models which describe in detail what to do in organizational test processes. The improvement activities using best practice models are performed as follows: checking the current status of test processes, suggesting and planning new actions, and implementing the actions. However, it is di... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Bridging the Concept to Implementation Gap in Software System Testing

    Publication Year: 2008, Page(s):67 - 73
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (257 KB) | HTML iconHTML

    The following paper proposes a solution to bridging the ontological gap between the conceptual test specification on the one side and the test implementation on the other. The cause of the gap is the different ontologies used on each side and the different levels of granularity. Whereas on the conceptual side, the ontology of the application is used, and that at an abstract level, on the implement... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • MUSIC: Mutation-based SQL Injection Vulnerability Checking

    Publication Year: 2008, Page(s):77 - 86
    Cited by:  Papers (25)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (425 KB) | HTML iconHTML

    SQL injection is one of the most prominent vulnerabilities for web-based applications. Exploitation of SQL injection vulnerabilities (SQLIV) through successful attacks might result in severe consequences such as authentication bypassing, leaking of private information etc. Therefore, testing an application for SQLIV is an important step for ensuring its quality. However, it is challenging as the s... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Approach for Generation of J2EE Access Control Configurations from Requirements Specification

    Publication Year: 2008, Page(s):87 - 96
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (377 KB) | HTML iconHTML

    Access control of sensitive resources is a widely used means to achieve information security. When building large-scale systems based on popular commercial component middleware, such as J2EE, a usual way to enforce access control is to define access control configurations for components in a declarative manner. These configurations can be interpreted by the J2EE security service to grant or deny a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Targeting Security Vulnerabilities: From Specification to Detection (Short Paper)

    Publication Year: 2008, Page(s):97 - 102
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (223 KB) | HTML iconHTML

    In this paper, we present a joint approach to automate software security testing using two approaches, namely team edit automata (TEA), and the security chaining approach. Team edit automata is used to formally specify the security properties to be tested. It also composes the monitoring engine of the vulnerability detection process. The security chaining approach is used to generate test-data for... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Integrating Top-Down and Scenario-Based Methods for Constructing Software Specifications

    Publication Year: 2008, Page(s):105 - 113
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (650 KB) | HTML iconHTML

    How to achieve the completeness and consistency of a software specification by construction is an important issue for software quality assurance, but it is still an open problem. The difficulty lies in the fact that the assurance of the completeness needs user's judgments and the specification keeps changing as requirements analysis progresses. To allow the user to easily make such judgments and t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Path-Sensitive Reachability Analysis of Web Service Interfaces (Short Paper)

    Publication Year: 2008, Page(s):114 - 119
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (316 KB) | HTML iconHTML

    WCFA (Web service interface control flow automata) is enhanced by allowing pre/post-conditions for certain Web service invocations to be declared. The formal definition of WCFA is given. Global behaviors of web service compositions (described by a set of WCFA) are captured by ARG (abstract reachability graph), in which each control point is equipped with a state formula and a call stack. The algor... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SMT-Based Bounded Model Checking for Real-Time Systems (Short Paper)

    Publication Year: 2008, Page(s):120 - 125
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (254 KB) | HTML iconHTML

    SAT-based bounded model checking has a high complexity in dealing with real-time systems. SMT solvers can generalize SAT solving by adding the ability to handle arithmetic and other decidable theories. With this advantage, if we use SMT in bounded model checking for real-time systems instead of SAT, the clocks can be represented as integer or real variables directly and clock constraints can be re... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Verifying Business Process Compatibility (Short Paper)

    Publication Year: 2008, Page(s):126 - 131
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (303 KB) | HTML iconHTML

    We describe a process-algebraic approach to verifying process interactions for business collaboration described in business process modelling notation. We first overview our process semantics for BPMN in the language of communicating sequential processes; we then use a simple example of business collaboration to demonstrate how our semantic model may be used to verify compatibility between busines... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using Machine Learning to Refine Black-Box Test Specifications and Test Suites

    Publication Year: 2008, Page(s):135 - 144
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (395 KB) | HTML iconHTML

    In the context of open source development or software evolution, developers often face test suites which have been developed with no apparent rationale and which may need to be augmented or refined to ensure sufficient dependability, or even reduced to meet tight deadlines. We refer to this process as the re-engineering of test suites. It is important to provide both methodological and tool suppor... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Does Adaptive Random Testing Deliver a Higher Confidence than Random Testing?

    Publication Year: 2008, Page(s):145 - 154
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (545 KB) | HTML iconHTML

    Random testing (RT) is a fundamental software testing technique. Motivated by the rationale that neighbouring test cases tend to cause similar execution behaviours, adaptive random testing (ART) was proposed as an enhancement of RT, which enforces random test cases evenly spread over the input domain. ART has always been compared with RT from the perspective of the failure-detection capability. Pr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.