• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.17-23
• /
• 2004

Testing tools help software developers and test engineers to automate a part or the whole of test process and reduce the time and cost of software test. However. no automatic tools meet a variety of test requirements with various domains In this paper, we suggest a categorical taxonomy of automatic testing tools and analyze numerous commercial testing tools on its basis. Then we propose a development roadmap of software automatic testing tools. As a result of those analysis. we try to understand the complementary relations of the testing tools and seek for the direction of further development of the testing tools.

• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.125-142
• /
• 2021

Reports of rampant cross-site scripting (XSS) vulnerabilities raise growing concerns on the effectiveness of current Static Analysis Security Testing (SAST) tools as an internet security device. Attentive to these concerns, this study aims to examine seven open-source SAST tools in order to account for their capabilities in detecting XSS vulnerabilities in PHP applications and to determine their performance in terms of effectiveness and analysis runtime. The representative tools - categorized as either text-based or graph-based analysis tools - were all test-run using real-world PHP applications with known XSS vulnerabilities. The collected vulnerability detection reports of each tool were analyzed with the aid of PhpStorm's data flow analyzer. It is observed that the detection rates of the tools calculated from the total vulnerabilities in the applications can be as high as 0.968 and as low as 0.006. Furthermore, the tools took an average of less than a minute to complete an analysis. Notably, their runtime is independent of their analysis type.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.89-99
• /
• 2005

The testing time and cost of developed software can be reduced by automation of the whole or part of testing process. Since the testing automation tools to be used currently have been developed without their interoperability, test case information such as test procedures, test data, and expectation of test results generated at the stage of test execution cannot be shared and reused in other testing automation tools, In order to reduce testing time and cost, in this thesis, we have proposed a software testing automation framework which makes it possible to share and reuse the test case information generated in testing process. To prove the availability and effectiveness of proposed testing automation framework, three testing automation tools that are available in current market were experimented by the test scenario. As a result of experiment, the testing time and cost could be reduced by sharing and reusing the test case information in software testing automation framework.

• IE interfaces
• /
• v.25 no.4
• /
• pp.416-421
• /
• 2012

One of the activities to improve software quality in ISO 26262 is to apply the design principles for software unit design and implementation mentioned in ISO 26262-6, including the evaluation activity. Before evaluation activity, the tool is compared and selected for evaluation. Because the results of the tool a company selected might have an effect on product quality. In this paper, we suggest the method to compare industrial static analysis tools with some of "MISRA C : 2004 Exemplar Suite" and all lessons learned from comparing tools are described. The result on comparison shows that we just couldn't rely on a result of Static Analysis Tool and need to have another appropriate processes and guidelines to evaluate a software.

• Journal of the Korean Society of Industry Convergence
• /
• v.20 no.4
• /
• pp.265-273
• /
• 2017

Major industries in Gyeongnam area include robot and automobile manufacturing, shipbuilding, and aviation. According to the research, the mechanical part of the products has been advanced, but awareness over the improvement of quality of the software still lacks. The quality performance test presently conducted by the companies in Gyeongnam is mostly the manual performance test performed by the program manager. In order to systematize this and extend the range of using software testing tools, the current study intends to suggest the necessity for conducting a survey on demand to improve performance and securing testing tools such as measured data analysis. Accordingly, this study is going to investigate 33 companies in Gyeongnam related with software in each of the major business areas centering around the actual field and examine activities related to software quality. And after figuring out the current status of retaining testing tools, the study will suggest the ways to enhance recognition over software quality and propose ultimate solutions to solve the problems on the current stage by finding out how to share information as much as possible in order to lay the foundation for extending the range of activity for the sake of software quality.

• KIISE Transactions on Computing Practices
• /
• v.21 no.2
• /
• pp.132-137
• /
• 2015

A real-time system is a system wherein the behavior of the system depends not only on the input but also on the timing of the input. Timed automata is a widely used model for real-time system modeling and analysis. Model-based testing is employed to check whether the system under test (SUT) works according to the model specifications by using test cases generated from models that represent software requirements. In this paper, a case study was performed applying the timed automata based testing tools, UPPAAL-TRON, UPPAAL-COVER and SYMBOLRT, to the same system. Comparison of the testing approaches and tools is then made based on the results of the case study.

• Journal of Information Technology Services
• /
• v.10 no.4
• /
• pp.205-218
• /
• 2011

Unit testing which is the first task to perform software testing has a major impact on reducing s/w development cost and improving s/w quality. In order to make unit testing become the formal procedure rather than ad-hoc tasks performed by developer, the language-neutral measures are necessary in the programming which is able to specify the test cases. This paper presents a test assertion language for the language-neutral specification of the test cases. The suggested language is based on the ISO/IEC 24709-1, but it supports object oriented features and can describe test cases for unit testing. The test cases that are specified by the language can be used for generating test oracle source codes by test oracle generation tools.

• The KIPS Transactions:PartD
• /
• v.11D no.6
• /
• pp.1341-1348
• /
• 2004

As of an international standard in e-business domains, ebXML solutions are required to be tested and authenticated whether they can satisfy the conformance and interoperability requirements. In this paper, we design and implement the ebXML conformance and interoperability testing tools that observe the standard specification in conformity with ebXML Message Service v2.0, ebXML Registry Service v2.0 and ebXML CPP/A Y2.0. With this regard, our research would serve in building the verification and authentication service infrastructure for fitting standard ebXML e-business solutions with ebXML conformance and interoperability testing tools.

• The KIPS Transactions:PartD
• /
• v.17D no.6
• /
• pp.423-430
• /
• 2010

As software becomes large-scale and complicated, the need for Quality Assurance and management is increased and software testing is becoming more important. The main aims of software testing are not only detecting and handling the defects in the system but also investigating and managing the present system. But automatic testing tools require lots of time and efforts to detect and manage the risk in the system because test-cases used in the general automatic testing tools have the simply static information. In this thesis, the dynamic management technique for weighted testcases is designed to test the high-risk testcases preferentially by giving the testcases dynamic weight.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.51-59
• /
• 2007

Software testing is the process of analyzing a software item to detect the differences between existing and required conditions and to evaluate the features of the software item. A traditional testing focuses on proper functionality, not security testing. Fuzzing is a one of many software testing techniques and security testing. Fuzzing methodology has advantage that low-cost, efficiency and so on. But fuzzing has defects such as intervening experts. Also, if there is no specification, fuzzing is impossible. ROAD Tool is automated testing tool for RPC(Remote Procedure Call) based protocol and software without specification. Existing tools are semi-automated. Therefore we must modify these tools. In this paper, we design and implement ROAD tool. Also we verify utility in testing results.