A formal approach for run-time verification of web applications using scope-extended LTL
Information and Software Technology
| Hi-index | 0.00 |
The research work presented in this thesis encompasses three main subject areas in an effort to develop a formal approach and framework for the analysis and verification of Web Applications. This research aims at ensuring and maintaining high quality Web Applications in an efficient, automatic, and easy to use manner. The main research venue is dedicated to developing methods for formal modeling of a given web application using communicating finite automata model, based on the user-defined properties to be validated. We elaborate a method for automatic generation of such a model from execution traces produced by a web application while it is explored by a human operator or a crawler. The obtained model could then be used to verify properties with a model checker, as well as for regression testing and documentation. Some of the web related properties concern all states of the model, while others—only a proper subset of them. Therefore, we refine our model to designate the subset of the global states of interest. The second research venue involves solving the problem of property specification in Linear Temporal Logic (LTL) over a subset of states of a system under test while ignoring the valuation of the properties in the rest of them. We introduce specialized operators that facilitate specifying properties over propositional scopes, where each scope constitutes a subset of states that satisfy a propositional logic formula. Using the proposed operators, the user can specify web properties more concisely and intuitively. Although the motivation behind this problem stems from the context of distinguishing between stable and transient states of the proposed model for Web Applications, the anticipated solution is generic and applicable to any problem domain. Specifying properties using temporal logic is often complex even to experts, while it is a daunting task and error prone for non-expert users. To assist web developer and testers in formally specifying web related properties, we present a library of web specification patterns mapped into LTL. This library is a result of a survey of various resources in the field of quality assurance of Web Applications, which characterize successful web application using a set of standardized attributes. The patterns are categorized into two main classes: functional and non-functional. We finally present our implementation of the proposed framework using Spin model checker, where we develop a prototype tool that monitors and analyzes executions of a given web application, and produces a communicating automata model which could be represented either in Promela (Spin' input language) or XML-Promela. Keywords: Dynamic Analysis, Model Checking, Verification, Linear Temporal Logic, Spin Model Checker, Web Application, Browsing Session, Kripke Structure, Property Patterns, Communicating Automata.