QuickCheck: a lightweight tool for random testing of Haskell programs
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
Symbolic execution and program testing
Communications of the ACM
Analysis and testing of Web applications
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Model Checking the World Wide Web
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Verifying Interactive Web Programs
Proceedings of the 19th IEEE international conference on Automated software engineering
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Software Abstractions: Logic, Language, and Analysis
Software Abstractions: Logic, Language, and Analysis
WAVer: A Model Checking-based Tool to Verify Web Application Design
Electronic Notes in Theoretical Computer Science (ENTCS)
Kodkod: a relational model finder
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Generalized symbolic execution for model checking and testing
TACAS'03 Proceedings of the 9th international conference on Tools and algorithms for the construction and analysis of systems
Symbolic security analysis of ruby-on-rails web applications
Proceedings of the 17th ACM conference on Computer and communications security
Static checking of dynamically-varying security policies in database-backed applications
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
The RSpec Book: Behaviour Driven Development with Rspec, Cucumber, and Friends
The RSpec Book: Behaviour Driven Development with Rspec, Cucumber, and Friends
Bounded verification of Ruby on Rails data models
Proceedings of the 2011 International Symposium on Software Testing and Analysis
MDA and analysis of web applications
TEAA'05 Proceedings of the 31st VLDB conference on Trends in Enterprise Application Architecture
Data model property inference and repair
Proceedings of the 2013 International Symposium on Software Testing and Analysis
Growing solver-aided languages with rosette
Proceedings of the 2013 ACM international symposium on New ideas, new paradigms, and reflections on programming & software
Model-based, event-driven programming paradigm for interactive web applications
Proceedings of the 2013 ACM international symposium on New ideas, new paradigms, and reflections on programming & software
| Hi-index | 0.00 |
Rubicon is a verifier for web applications. Specifications are written in an embedded domain-specific language and are checked fully automatically. Rubicon is designed to fit with current practices: its language is based on RSpec, a popular testing framework, and its analysis leverages the standard Ruby interpreter to perform symbolic execution (generating verification conditions that are checked by the Alloy Analyzer). Rubicon has been evaluated on five open-source applications; in one, a widely used customer relationship management system, a previously unknown security flaw was revealed.