ICSE MET 17 Keynote. Metamorphic Testing: Beyond Testing Numerical Computations

Similar documents
Bridge Course On Software Testing

No Source Code. EEC 521: Software Engineering. Specification-Based Testing. Advantages

Case studies of metamorphic tesing

Black Box Testing. EEC 521: Software Engineering. Specification-Based Testing. No Source Code. Software Testing

Verification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1

Part 5. Verification and Validation

Heartbleed Bug. Anthony Postiglione. Department of Electrical & Computer Engineering Missouri University of Science and Technology

Digitized Engineering Notebook

International Journal of Computer Engineering and Applications, Volume XII, Special Issue, April- ICITDA 18,

International Journal of Computer Engineering and Applications, Volume XII, Special Issue, September 18, ISSN SOFTWARE TESTING

Testing. Prof. Clarkson Fall Today s music: Wrecking Ball by Miley Cyrus

Three General Principles of QA. COMP 4004 Fall Notes Adapted from Dr. A. Williams

Objectives. Chapter 19. Verification vs. validation. Topics covered. Static and dynamic verification. The V&V process

Case Studies on the Selection of Useful Relations in Metamorphic Testing

Overview AEG Conclusion CS 6V Automatic Exploit Generation (AEG) Matthew Stephen. Department of Computer Science University of Texas at Dallas

XVIII. Software Testing. Laurea Triennale in Informatica Corso di Ingegneria del Software I A.A. 2006/2007 Andrea Polini

Verification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1

Verification and Validation

Test Oracles and Mutation Testing. CSCE Lecture 23-11/18/2015

Software Engineering

The Bizarre Truth! Automating the Automation. Complicated & Confusing taxonomy of Model Based Testing approach A CONFORMIQ WHITEPAPER

Structural Testing. (c) 2007 Mauro Pezzè & Michal Young Ch 12, slide 1

Software Quality. Chapter What is Quality?

Taking White Hats to the Laundry: How to Strengthen Testing in Common Criteria

10. Software Testing Fundamental Concepts

Security Testing. John Slankas

Software Testing Strategies. Slides copyright 1996, 2001, 2005, 2009, 2014 by Roger S. Pressman. For non-profit educational use only

Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 22 Slide 1

Lecture 15 Software Testing

Greats Bugs in History

Topics in Software Testing

It is primarily checking of the code and/or manually reviewing the code or document to find errors This type of testing can be used by the developer

How to Break Software by James Whittaker

Web Security Vulnerabilities: Challenges and Solutions

MSc Software Testing MSc Prófun hugbúnaðar

Verification and Validation. Assuring that a software system meets a user s needs. Verification vs Validation. The V & V Process

DART: Directed Automated Random Testing

Administrivia. ECE/CS 5780/6780: Embedded System Design. Acknowledgements. What is verification?

Software Testing Interview Question and Answer

Ontology- and Bayesian- based Information Security Risk Management

CYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun

Software Engineering Testing and Debugging Testing

Agent-based Modeling using L S D

4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints

Metamorphic Testing and Beyond

Types of Software Testing: Different Testing Types with Details

INTRODUCTION TO CLOAKWARE/TRS TECHNOLOGY

Manuel Oriol, CHCRC-C, Software Testing ABB

Outline. software testing: search bugs black-box and white-box testing static and dynamic testing

An Introduction to Systematic Software Testing. Robert France CSU

A Template-Based Approach to Describing Metamorphic Relations

Static Analysis and Bugfinding

Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui

Chapter 8 Software Testing. Chapter 8 Software testing

Chap 2. Introduction to Software Testing

MSc Software Testing and Maintenance MSc Prófun og viðhald hugbúnaðar

Verification Overview Testing Theory and Principles Testing in Practice. Verification. Miaoqing Huang University of Arkansas 1 / 80

Automatizing vulnerability research

n Explain penetration testing concepts n Explain vulnerability scanning concepts n Reconnaissance is the first step of performing a pen test

MONIKA HEINER.

Low level security. Andrew Ruef

CS/ECE 5780/6780: Embedded System Design

Requirements Validation and Negotiation

L04. Model-based Testing: Principles Henry Muccini. Dipartimento di Informatica, Universityof L Aquila

USER-CENTERED DESIGN KRANACK / DESIGN 4

Database Security MET CS 674 On-Campus/Blended

Software testing. Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 23 Slide 1

Overview. State-of-the-Art. Relative cost of error correction. CS 619 Introduction to OO Design and Development. Testing.

Lecture 17: Testing Strategies. Developer Testing

Why testing and analysis. Software Testing. A framework for software testing. Outline. Software Qualities. Dependability Properties

Introduction to Dynamic Analysis

Predictive malware response testing methodology. Contents. 1.0 Introduction. Methodology version 1.0; Created 17/01/2018

Analysis/Bug-finding/Verification for Security

Testing & Symbolic Execution

Tonight s Agenda. CSC340: Requirements Engineering. Course Objectives. Requirements Engineering. Software Engineering. What is Software Engineering?

Static Analysis of C++ Projects with CodeSonar

COMP 3500 Introduction to Operating Systems Project 5 Virtual Memory Manager

Effizientere IT-Sicherheitstests mit Hilfe von Usage-based Testing

Software Quality Assurance. David Janzen

ThousandEyes for. Application Delivery White Paper

CCNA Cybersecurity Operations 1.1 Scope and Sequence

[IT6004-SOFTWARE TESTING] UNIT 2

Improving software testing cost-effectiveness through dynamic partitioning

1 Visible deviation from the specification or expected behavior for end-user is called: a) an error b) a fault c) a failure d) a defect e) a mistake

Advanced Security Tester Course Outline

Bug Finding with Under-approximating Static Analyses. Daniel Kroening, Matt Lewis, Georg Weissenbacher

CCNA Cybersecurity Operations. Program Overview

In this Lecture you will Learn: Testing in Software Development Process. What is Software Testing. Static Testing vs.

Publications Database

Metamorphic Testing and Its Applications

Software Quality Engineering: Testing, Quality Assurance, and Quantifiable Improvement

Test Plan. KSU Student Portal. Version 2.0. Submitted in partial fulfillment of the requirements of the degree of MSE

CIS 5373 Systems Security

Subject Software Testing Structural Testing

Software change. Software maintenance

Sample Exam Syllabus

Web Application Testing in Fifteen Years of WSE

Semi-Proving: An Integrated Method for Program Proving, Testing, and Debugging

Testing Tools. Software Testing and Verification. Lecture 14. Stephen M. Thebaut, Ph.D. Prepared by. University of Florida

Transcription:

ICSE MET 17 Keynote Metamorphic Testing: Beyond Testing Numerical Computations Dr. Zhi Quan (George) Zhou Associate Professor University of Wollongong Australia zhiquan@uow.edu.au 1

Why this topic? Observation: MT is often illustrated using mathematical functions, e.g. sin(x) = sin (x+360) sin(-x) = -sin(x) This is because mathematical functions have well known properties that everyone understands. Z.Q. (George) Zhou, University of Wollongong 2

Why this topic? Misunderstanding: Is MT just for numerical programs? Z.Q. (George) Zhou, University of Wollongong 3

Why this topic? The fact: Source: Segura et al., A survey on metamorphic testing, TSE 2016 Z.Q. (George) Zhou, University of Wollongong 4

Presentation outline MT in security testing A motivating example: the Heartbleed bug Detecting obfuscator bugs MT for online search MT beyond verification Z.Q. (George) Zhou, University of Wollongong 5

Presentation outline MT in security testing A motivating example: the Heartbleed bug Detecting obfuscator bugs MT for online search MT beyond verification Z.Q. (George) Zhou, University of Wollongong 6

MT in Security Testing A motivating example: the Heartbleed bug Under the Heartbeat protocol, the client sends a message and the message length to the server, and the server sends back the same message. Z.Q. (George) Zhou, University of Wollongong 7

MT in Security Testing A motivating example: the Heartbleed bug Server, if you are still there, send me banana (6 letters) Z.Q. (George) Zhou, University of Wollongong 8

MT in Security Testing A motivating example: the Heartbleed bug banana Z.Q. (George) Zhou, University of Wollongong 9

MT in Security Testing A motivating example: the Heartbleed bug The specification (RFC 6520) (TLS and DTLS Heartbeat Extension) Z.Q. (George) Zhou, University of Wollongong 10

MT in Security Testing A motivating example: the Heartbleed bug The specification (RFC 6520) (TLS and DTLS Heartbeat Extension) Z.Q. (George) Zhou, University of Wollongong 11

MT in Security Testing A motivating example: the Heartbleed bug The specification (RFC 6520) (TLS and DTLS Heartbeat Extension) Z.Q. (George) Zhou, University of Wollongong 12

MT in Security Testing A motivating example: the Heartbleed bug The specification (RFC 6520) (TLS and DTLS Heartbeat Extension) Z.Q. (George) Zhou, University of Wollongong 13

MT in Security Testing A motivating example: the Heartbleed bug The specification (RFC 6520) (TLS and DTLS Heartbeat Extension) Z.Q. (George) Zhou, University of Wollongong 14

MT in Security Testing A motivating example: the Heartbleed bug The specification (RFC 6520) (TLS and DTLS Heartbeat Extension) Z.Q. (George) Zhou, University of Wollongong 15

The bug: Z.Q. (George) Zhou, University of Wollongong 16

MT in Security Testing A motivating example: the Heartbleed bug Server, if you are still there, send me banana (600 letters) Z.Q. (George) Zhou, University of Wollongong 17

MT in Security Testing 600 characters in server buffer starting from b. A They motivating can be anything. example: the Heartbleed bug banana. User George set password to abcdefg. Server master key is set to 0987654321 Z.Q. (George) Zhou, University of Wollongong 18

MT in Security Testing A motivating example: the Heartbleed bug Difficulty in detecting the bug No crash No hang Undetectable with fuzz testing alone. Z.Q. (George) Zhou, University of Wollongong 19

MT in Security Testing A motivating example: the Heartbleed bug How MT can help? To identify MRs, the tester will ask: What if I change some of the parameter values? Z.Q. (George) Zhou, University of Wollongong 20

What if I change type to a different value? Z.Q. (George) Zhou, University of Wollongong 21

What if I change payload_length to a different value? This MR will generate failure test cases! Z.Q. (George) Zhou, University of Wollongong 22

What if I change two ore more parameters? MT can guide the tester to think beyond the normal range of input values (negative testing). Z.Q. (George) Zhou, University of Wollongong 23

MT in Security Testing Related work: MT in penetration test COMPSAC'17 Z.Q. (George) Zhou, University of Wollongong 24

Presentation outline MT in security testing A motivating example: the Heartbleed bug Detecting obfuscator bugs MT for online search MT beyond verification Z.Q. (George) Zhou, University of Wollongong 25

Detecting obfuscator bugs A pilot study Critical security infrastructure Transform an original program into an equivalent program less readable to prevent attackers from analyzing and understanding the original code. Z.Q. (George) Zhou, University of Wollongong 26

Detecting obfuscator bugs A pilot study As important as compilers But difficult to test A surprising observation: Compiler testing: a lot of research Obfuscator testing: almost nothing Our work: first to report real bugs. Z.Q. (George) Zhou, University of Wollongong 27

Detecting obfuscator bugs Obfuscators under test Cobfusc open source Linux utility that makes a C source file unreadable, but compilable. http://manpages.ubuntu.com/manpages/hardy/man1/cobfusc.1.html Z.Q. (George) Zhou, University of Wollongong 28

Detecting obfuscator bugs Obfuscators under test Z.Q. (George) Zhou, University of Wollongong 29

Detecting obfuscator bugs Obfuscators under test Stunnix CXX-Obfus commercial C/C++ obfuscator users include many Fortune 500 companies http://stunnix.com/prod/cxxo Z.Q. (George) Zhou, University of Wollongong 30

Detecting obfuscator bugs Obfuscators under test Z.Q. (George) Zhou, University of Wollongong 31

Detecting obfuscator bugs Obfuscators under test Tigress C obfuscator developed at the University of Arizona that supports novel defenses against both static and dynamic reverse engineering. Z.Q. (George) Zhou, University of Wollongong 32

Detecting obfuscator bugs Obfuscators under test Obfuscator-LLVM open source tool in LLVM compilation suite. Given a C source program, Obfuscator-LLVM outputs obfuscated and compiled binary code LLVM users include Adobe Systems, Apple, Intel, and Sony. https://github.com/obfuscator-llvm/obfuscator/wiki Z.Q. (George) Zhou, University of Wollongong 33

Detecting obfuscator bugs Obfuscators under test Z.Q. (George) Zhou, University of Wollongong 34

Detecting obfuscator bugs The metamorphic relations (MRs) MR 1 Same outputs for the same inputs Q O(Q) C(O(Q)) P O(P) C(O(P)) obfuscator compiler Z.Q. (George) Zhou, University of Wollongong 35

Detecting obfuscator bugs The metamorphic relations (MRs) Q MR 1 How do we generate equivalent (P, Q)? MR 1.1 : by a separate tool MR 1.2 : by the obfuscator. C(O(Q)) P O(P) C(O(P)) obfuscator compiler Z.Q. (George) Zhou, University of Wollongong 36

Detecting obfuscator bugs The metamorphic relations (MRs) MR 2 For the same input program, the obfuscator should generate (behaviourally) equivalent programs regardless of when the obfuscator is run. P O(P) C(O(P)) obfuscator compiler P O(P) C(O(P)) obfuscator compiler Z.Q. (George) Zhou, University of Wollongong 37

Detecting obfuscator bugs The metamorphic relations (MRs) MR 3 Looks at obfuscated source code without compiling it. P O(P) C(O(P)) obfuscator compiler Checks whether obfuscation rules have been applied consistently each time the obfuscator runs. Z.Q. (George) Zhou, University of Wollongong 38

Detecting obfuscator bugs Tigress Z.Q. (George) Zhou, University of Wollongong 39

Detecting obfuscator bugs Tigress either true or false, i.e. 1 or 0. Z.Q. (George) Zhou, University of Wollongong 40

Detecting obfuscator bugs Tigress either 1-116 or 0-116 i.e., true. Z.Q. (George) Zhou, University of Wollongong 41

Detecting obfuscator bugs Tigress true else branch is unreachable true else branch is unreachable Z.Q. (George) Zhou, University of Wollongong 42

Any MT test case (i, j) will Detecting obfuscator bugs Tigress detect a failure because i-10 i+10. true i = i - 10 else branch is unreachable true i = i + 10 else branch is unreachable Z.Q. (George) Zhou, University of Wollongong 43

true i = i - 10 else branch is unreachable true Conventional testing without MT can detect the i = i + 10 else branch is unreachable failure only when i<=j (hence not guaranteed). Z.Q. (George) Zhou, University of Wollongong 44

In comparison, MT guarantees detection of the failure in this example, because O(P 1 ) and O(P 2 ) always output different values for i. true i = i - 10 else branch is unreachable true i = i + 10 else branch is unreachable Z.Q. (George) Zhou, University of Wollongong 45

Detecting obfuscator bugs Cobfusc MR 1.2 P O(P) C(O(P)) obfuscator compiler P: O(O(O(P))): Can t be compiled. Z.Q. (George) Zhou, University of Wollongong 46

Detecting obfuscator bugs Obfuscator-LLVM MR 2 : When an obfuscator runs at different times for the same program, the behaviour of the output programs should be equivalent.

Detecting obfuscator bugs Obfuscator-LLVM

Detecting obfuscator bugs Obfuscator-LLVM

Detecting obfuscator bugs Stunnix CXX-Obfus MR 3 : checking that obfuscated source files based on the same input source file are consistent. Z.Q. (George) Zhou, University of Wollongong 50

Detecting obfuscator bugs Stunnix CXX-Obfus Z.Q. (George) Zhou, University of Wollongong 51

Detecting obfuscator bugs Stunnix CXX-Obfus Z.Q. (George) Zhou, University of Wollongong 52

Relevant publication Metamorphic testing for cybersecurity, Computer, 2016. Z.Q. (George) Zhou, University of Wollongong 53

Presentation outline MT in security testing A motivating example: the Heartbleed bug Detecting obfuscator bugs MT for online search MT beyond verification Z.Q. (George) Zhou, University of Wollongong 54

MT for Online Search Related publications Automated functional testing of web search engines in the absence of an oracle, The University of Hong Kong, Tech. Rep. TR-2007-06, 2007 Automated functional testing of online search services, Software Testing, Verification and Reliability, 2012. Metamorphic testing for software quality assessment: A study of search engines, IEEE Transactions on Software Engineering, 2016 Ongoing projects to report more interesting findings Z.Q. (George) Zhou, University of Wollongong 55

MT for Online Search Significance Post-industrial society / knowledge society / information society Key: to find the information. Z.Q. (George) Zhou, University of Wollongong 56

MT for Online Search Significance Online search / information retrieval The main activity to discover information cf. browsing Very difficult to test. Z.Q. (George) Zhou, University of Wollongong 57

MT for Online Search Applications Z.Q. (George) Zhou, University of Wollongong

MT for Online Search Applications Z.Q. (George) Zhou, University of Wollongong 59

MT for Online Search Applications Z.Q. (George) Zhou, University of Wollongong 60

MT for Online Search Applications Z.Q. (George) Zhou, University of Wollongong 61

MT for Online Search Applications Z.Q. (George) Zhou, University of Wollongong 62

MT for Online Search Applications

MT for Online Search Applications Location based service / local search Source of image: http://techiegrp.com/wp-content/uploads/2014/08/location-based-marketing.jpg

MT for Online Search Traditional evaluation methods Precision Recall C / B expensive C / A impossible Difficulties: (1) the sheer volume of online data (2) how to decide relevance? (3) how to assess ranking quality? C B A 65

MT for Online Search How to identify MRs? A top-down approach Z.Q. (George) Zhou, University of Wollongong 66

MT for Online Search MR examples First identify some General MRs, e.g.: If A implies B then * results for A results for B, and * results for A results for B. A general MR can generate many concrete MRs. Z.Q. (George) Zhou, University of Wollongong 67

a general MR: If A implies B then results for A results for B. a concrete MR: filtering by location Example: www.yellowpages.com.au Z.Q. (George) Zhou, University of Wollongong 68

a general MR: If A implies B then results for A results for B. a concrete MR: filtering by location failure Z.Q. (George) Zhou, University of Wollongong 69

a general MR: If A implies B then results for A results for B. concrete MRs: using logical operations such as AND, OR, EXCLUDE: results for (A 1 AND A 2 ) results for A 1 results for (A 1 - A 2 ) results for A 1 results for (A 1 ) results for (A 1 OR A 2 ) Z.Q. (George) Zhou, University of Wollongong 70

a general MR: If A implies B then results for A results for B. concrete MRs: using logical operators such as AND, OR, EXCLUDE: results for (A 1 AND A 2 ) results for A 1 results for (A 1 - A 2 ) results for A 1 results for (A 1 ) results for (A 1 OR A 2 ) A 1, A 2 can be any search criteria, e.g. query terms and filters Z.Q. (George) Zhou, University of Wollongong 71

a general MR: If A implies B then results for A results for B. concrete MRs: using logical operators such as AND, OR, EXCLUDE: results for (A 1 AND A 2 ) results for A 1 results for (A 1 - A 2 ) results for A 1 results for (A 1 ) results for (A 1 OR A 2 ) A 1, A 2 can be any search criteria, e.g. query terms and filters Z.Q. (George) Zhou, University of Wollongong 72

a general MR: If A implies B then results for A results for B. concrete MRs: using logical operators such as AND, OR, EXCLUDE: results for (A 1 AND A 2 ) results for A 1 results for (A 1 - A 2 ) results for A 1 results for (A 1 ) results for (A 1 OR A 2 ) A 1, A 2 can be any search criteria, e.g. query terms and filters Z.Q. (George) Zhou, University of Wollongong 73

concrete MRs: using logical operators such as AND, OR, EXCLUDE: results for (A 1 AND A 2 ) results for A 1 results for (A 1 - A 2 ) results for A 1 results for (A 1 ) results for (A 1 OR A 2 ) A 1, A 2 can be any search criteria, e.g. query terms and filters. Z.Q. (George) Zhou, University of Wollongong 74

concrete MRs: using logical operators such as AND, OR, EXCLUDE: results for (A 1 AND A 2 ) results for A 1 results for (A 1 - A 2 ) results for A 1 results for (A 1 ) results for (A 1 OR A 2 ) A 1, A 2 can be any search criteria, e.g. query terms and filters. Z.Q. (George) Zhou, University of Wollongong 75

MT for Online Search Z.Q. (George) Zhou, University of Wollongong 76

MT for Online Search Validity must be carefully considered Because online search may only return approximate results. We cannot use simple mathematics such as: If A=1, B=2 then A+B=3. Z.Q. (George) Zhou, University of Wollongong 77

MT for Online Search Validity must be carefully considered Dynamic nature of online data? All tests must be repeatable. Z.Q. (George) Zhou, University of Wollongong 78

MT for Online Search Validity must be carefully considered Relationship between users information needs and logical consistency (MRs)? Users perceived quality of ranking decreases if they find strong inconsistencies in search results. Z.Q. (George) Zhou, University of Wollongong 79

MT for Online Search Ranking quality Most users are more concerned about the first few items. Z.Q. (George) Zhou, University of Wollongong 80

MT for Online MR: An Search example of Web search engines Ranking quality filter Z.Q. (George) Zhou, University of Wollongong 81

MT for Online Search Ranking quality Studied different file types HTML, PDF, TXT Sensitive / vulnerable to hyperlink structure / topology of Web components Needs improvement for less structured files How about multimedia search? Further research topic Any bias in search results? Z.Q. (George) Zhou, University of Wollongong 82

Useful for detecting security vulnerabilities Undetectable with traditional approaches.

Presentation outline MT in security testing A motivating example: the Heartbleed bug Detecting obfuscator bugs MT for online search MT beyond verification Z.Q. (George) Zhou, University of Wollongong 84

MT beyond verification Software testing can be performed for different purposes, with verification and validation being the core tasks. Testing is also used for other types of quality assessment beyond V&V, such as usability and scalability. Z.Q. (George) Zhou, University of Wollongong 85

MT beyond verification Meeting the challenges lack of specifications lack of oracles when verifying, validating, and assessing large and complex software systems. User-oriented approach Z.Q. (George) Zhou, University of Wollongong 86

Figure adapted from: Mauro Pezzè and Michal Young, Software Testing and Analysis: Process, Principles and Techniques

x x x x x x x Note: User manuals are not specifications --- an adequate guide to building a product that will fulfill its goals.

Difficulties in user validation A large body of software systems come without specifications, or with incomplete specifications, e.g.: online systems open source development poor software evolution web services Z.Q. (George) Zhou, University of Wollongong 89

Difficulties in user validation The lack of knowledge about the software design and specifications, coupled with the oracle problem, makes user validation extremely difficult. It is hard for users to decide if, and to what degree, the systems are appropriate for their needs. Z.Q. (George) Zhou, University of Wollongong 90

Difficulties in user validation The lack of knowledge about the software design and specifications, coupled with the oracle problem, makes user validation extremely difficult. It is hard Solution: for users define to decide MRs if, and from to the what degree, the user s systems perspective. are appropriate for their needs. Beyond traditional verification and fault detection. Z.Q. (George) Zhou, University of Wollongong 91

MT beyond verification From verification to validation

MT beyond verification From verification to validation Z.Q. (George) Zhou, University of Wollongong 93

MT beyond verification From V&V to quality assessment A crucial deficiency in Bing s functional completeness, which refers to the degree to which the set of functions covers all the specified tasks and user objectives. Z.Q. (George) Zhou, University of Wollongong 94

MT beyond verification From V&V to quality assessment Z.Q. (George) Zhou, University of Wollongong 95

MT beyond verification From V&V to quality assessment Functional completeness Z.Q. (George) Zhou, University of Wollongong 96

MT beyond verification From V&V to quality assessment Functional correctness Z.Q. (George) Zhou, University of Wollongong 97

Functional correctness: more examples Search for a paper in the ACM digital library: In black and white: an integrated approach to class-level testing of object-oriented programs Z.Q. (George) Zhou, University of Wollongong 98

Functional correctness: more examples Z.Q. (George) Zhou, University of Wollongong 99

Functional correctness: more examples Oracle on the fly: Shoot first and then point to the target. filter Z.Q. (George) Zhou, University of Wollongong 100

Functional correctness: more examples Z.Q. (George) Zhou, University of Wollongong 101

Z.Q. (George) Zhou, University of Wollongong 102

MT beyond verification Measuring software performance Performance efficiency: MT revealed scalability problems of the SUTs. Z.Q. (George) Zhou, University of Wollongong 103

MT beyond verification Measuring software performance: scalability steeper performance degradation when searching large domains. Z.Q. (George) Zhou, University of Wollongong 104

MT beyond verification Measuring software performance: scalability performance degradation when searching large domains. Z.Q. (George) Zhou, University of Wollongong 105

MT beyond verification Reliability: degree to which a system performs specified functions under specified conditions for a specified period of time. Measuring reliability We performed MT under different operational profiles and quantified the test results on an hourly basis. Z.Q. (George) Zhou, University of Wollongong 106

MT beyond verification Measuring reliability Z.Q. (George) Zhou, University of Wollongong 107

MT beyond verification Measuring reliability Z.Q. (George) Zhou, University of Wollongong 108

MT beyond verification Measuring reliability Z.Q. (George) Zhou, University of Wollongong 109

MT beyond verification Measuring reliability Z.Q. (George) Zhou, University of Wollongong 110

MT beyond verification Measuring reliability Z.Q. (George) Zhou, University of Wollongong 111

MT beyond verification Measuring usability Operability: easy to operate and control. A lot of search operators were tested in MT. Z.Q. (George) Zhou, University of Wollongong 112

MT beyond verification Measuring usability User error protection: e.g. even if users didn't issue their queries by following the optimal order. Z.Q. (George) Zhou, University of Wollongong 113

MT beyond verification Quality in Use Model Quality in Use Model: characterizes the impact that the product has on its stakeholders. Effectiveness: accuracy and completeness with which users achieve specified goals. Z.Q. (George) Zhou, University of Wollongong 114

MT beyond verification Quality in Use Model Context completeness: A system "can be used... in all the specified contexts of use." We tested with different operational profiles e.g. different languages, query types, and domains to search. Z.Q. (George) Zhou, University of Wollongong 115

Ongoing Research Location-based search GPS navigation software ecommerce websites Z.Q. (George) Zhou, University of Wollongong 116

Questions are welcome Z.Q. (George) Zhou, University of Wollongong 117

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback