tags:

views:

33

answers:

2
+1  Q: 

Exhaustive website verifier

I have this grand idea to basically employ some brute force attack to test/verify that my web application doesn't crash.

Don't get me started on unit testing, and IoC stuff, this is something else entirely.

What I'm doing, and what I'm asking for help with is to create an intelligent exhaustive search, that explore parts of the program state.

What I have is a web page with things I can do, clicking is one thing, text input is another, some inputs like radio buttons and drop down lists are constrained to certain values. Pretty basic things. What I end up with a finite set of events and values and what I want to model is a progression of state. Maybe this is FSM optimization in a way, but the goal is to systematically go through arbitrary permutations of events and values and see what happens.

When a problem is found I want to try and provoke that error with as little effort as possible to be able to present a clear test case.

This relates to formal verification methods and I'm asking for help or insight from people with experience.

+1  A: 

What you want to do sounds a little like model-checking, on the one hand, and automated test case generation on the other hand (in the latter category check out Concolic testing, a technique to avoid wasting time with unfeasible execution paths).

Model-checking would be the preferred method if you assume your web application is correct and want to prove that it is. But in the case of a warning, you may have to work to understand if the problem is real or not. Test case generation is oriented towards bug-finding: it does not prove that you app is correct, but if it finds a problem, it gives you an input vector to produce it so you don't need to wonder if the problem is real.

I am not aware of any existing tools for web apps, but that doesn't mean that they don't exist.

Pascal Cuoq  2010-02-22 19:47:22
This is exactly what I was looking for, thanks. I'm not trying to create a proof for my web app, but I am trying to find bugs before anyone else runs in to them.
John Leidegren  2010-02-23 09:51:43
+1  A: 

It sounds like you want a fuzzer. Peach is one such tool.

Hugh Brackett  2010-02-22 21:28:03

related questions

Can applications running in ring0 be secure without formal verification?
Want tool to obtain linear temporal logic spec from UML 2.0 sequence diagram
Splitting a test to a set of smaller tests
Formally verifying the correctness of an algorithm
How to learn about formal top-down approach to software architecture?
Do formal methods of program verfication have a place in industry?
JML Evaluation of \old(Expression[Id])
Recommend book for discrete math
Haskell or Standard ML for beginners?
Difference between Discrete Structures and Discrete Mathematics
Is a given set of group elements a set of coset representatives?
Should I use formal methods on my software project?
Is there an algorithm for calculating the multiplicative order of x modulo y (for y < 1000) that doesn't require a BigInteger type?
Algorithm for checking transitivity of relation?
Compute a derivative using discrete methods
Which algorithm for assigning shifts (discrete optimization problem)
Every graph node is connected with every other node. There are N * (N - 1)/2 edges.
How to design and verify distributed systems?
Recommendations for discrete math resources
Constrained Sequence to Index Mapping
Is there a tool that supports discrete mathematics?
Where is a good place to brush up on some math?
How Does Relational Theory Apply in Ways I can Care About while Learning it?
What is your experience with software model checking?