130 results about "Black-box testing" patented technology

A method and process for developing and testing software applies runtime executable patching technology to enhance the quality assurance effort across all phases of the Software Development Life-Cycle in a "grey box" methodology. The system facilitates the creation of re-usable, Plug"n'Play Test Components, called Probe Libraries, that can be used again and again by testers as well as developers in unit and functional tests to add an extra safety net against the migration of low-level defects across Phases of the overall Software Development and Testing Life-Cycle. The new elements introduced in the Software Development Life-Cycle focus on bringing developers and testers together in the general quality assurance workflow and provide numerous tools, techniques and methods for making the technology both relatively easy to use and powerful for various test purposes.

The invention relates to an automation software black box testing system and method based on Android. The system comprises an event injection module, an event dynamic execution and filtering module, a GUI (Graphical User Interface) information automation recording module and a GUI state conversion diagram building module; under the condition of no application program code, the critical UI event of the Android and the system intent event are acquired through manpower, and are injected into the corresponding application of the Android equipment in the form of training scripts through a customized test tool, then in the process of execution of the training scripts, the system event is subjected to dynamic execution and filtering, GUI new window control information and window conversion relation both triggered by the relative event are recorded, and the GUI state conversion diagram model is automatically built according to the recorded information; finally, the test use case is generated according to the GUI state conversion diagram model. The method and the system can add the system event into the GUI model fast and efficiently, so that the integrity of the test is ensured, and the method and the system have the characteristics of higher degree of automation, strong reusability, excellent expandability and the like.

The invention relates to a safety critical system-oriented automatic testing resource management method and a safety critical system-oriented automatic testing resource management platform, which are applied to a huge safety critical system with a high requirement on safe reliability. In the method, a testing project is established after a user passes authentication, three management types, namely testing case management, testing process management and document management are set, and a user selects a corresponding management type to perform resource testing management. The platform has a qualification test (Qt) library-based client / server (C / S) framework on the basis of a management platform; a server is taken as a database; a client comprises a core module, a testing case management module, a testing process management module, a document management module and a Bug management module; and the tree structure and the entity type node data of testing resources and operation on the data are defined by the modules of the client. Uniform management on the automatic testing resources of the safety critical system is realized, and the resource management covers a testing stage from the time, so that the black box testing of the safety critical system is effectively supported.

The invention discloses a method and a system for automatically testing mobile phone applications. The method includes: S1, establishing control on a mobile phone from a computer; S2, installing the applications to be tested in the mobile phone; S3, obtaining component information involved in a test of the applications to be tested, and if a next application to be tested exists, moving to the step S2; S4, writing a corresponding test script according to the component information; S5, triggering a script actuator to send the test script to the mobile phone for batch execution and complete automated testing of all the applications to be tested installed in the mobile phone in the step S2. According to the method and the system for automatically testing the mobile phone applications, the test script is written according to the component information involved in the test of the applications, a user only needs to input testing command into the computer so as to trigger the script actuator to complete the automated testing for all the applications to be tested, a black box test of the mobile phone applications is provided, the automated testing is achieved through a visual script method, and common testing personnel can fast and efficiently complete batch testing of the mobile phone applications.

Testing a computer software application by identifying a sink in the computer software application, identifying a source associated with the sink in the application, identifying an entry point associated with the source in the application, where the source is configured to receive input provided externally to the application via the entry point, determining a sink type represented by the sink, and providing to a testing application information identifying the entry point and in association with the sink type.

Detecting security vulnerabilities in web applications by interacting with a web application at a computer server during its execution at the computer server, identifying client-side instructions provided by the web application responsive to an interaction with the web application, where the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server, evaluating the identified client-side instructions, and identifying a security vulnerability associated with the client-side instructions.

Provided is a system and method for black-box testing of software using positive and negative test cases with N-way combinations of parameter values. An original model comprising valid and invalid values is modified in a first phase, by generating exclusions (constraints) for pairs of invalid values. A first suite of test cases is generated from the modified model, and positive test cases eliminated, creating a first test suite with only negative tests. In a second phase, the original model is modified by eliminating invalid values, from which a second test suite having only positive test cases for all valid N-way combinations is generated. Merging the two test suites provides a suite of positive and negative test cases that test software with N-way combinations of values, in which each negative test case has only one invalid value.

The invention provides an Android-based automatic test method for mobile phone notes. The automatic test method comprises the following steps that: 1, the notes needing to be tested and a test case are determined; 2, according to the test case, a custom method packet which aims at a smart phone platform and simulates an artificial black box test operation is called to sequentially encode the test case; 3, well edited codes are complied to an executable file; 4, a tester installs the executable file at a mobile phone terminal and runs a program; 5, equipment calls an assertion method in the custom method packet according to the encoding sequence and is automatically operated according to the test case or the test content; 6, when the program runs, the assertion method in the custom method packet is called to judge whether the result is an expectant result, a log is produced, and the equipment can be shoot by the program at a special interface; and 7, the tester judges the software condition according to the acquired test result. Operation results of the notes are revised and compared, the efficiency is high, the simplicity is realized, and the implementation is easy.

The invention discloses a software credibility measurement and estimation method based on data mining, and the method comprises the following steps of: (1) on the basis of a concept hierarchy, defining a construction relation of each attribute weight and an adjacent layer attribute set in the same attribute set; (2) based on a software testing environment, providing a credibility computing base operator facing to an attribute feature set by combining with an artificial intelligence theory; (3) based on a software blackbox testing method, combining a data mining theory, obtaining a software credibility static state attribute feature set and a credibility computing base operator by using the blackbox testing, computing the initial credibility of the software layer by layer, obtaining a software dynamic attribute feature set by testing the software when running, and obtaining the credibility of the software in running by using a congruence measurement operator; (4) defining the lowest subjective expectation to the attribute feature set through a user, and computing the credibility of the software when in termination layer by layer; and (5) providing an estimation recommendation to the credibility of the to-be-estimated software.

The invention discloses a method and device for automatic testing of a code coverage rate, applied to an Android system and relates to the technical field of Android testing. The method comprises the steps that pile insertion operations of a Jacoco tool are conducted to a source code, so a Class document which is already processed by pile insertion is generated; pre-processing before compiling is conducted to the Class document which is already processed by pile insertion; the pre-processed Class document is compiled and packaged, so an APK document which is already processed by pile insertion is generated; the APK document is installed into a testing machine for running testing, and log information of the code coverage rate is collected and recorded during testing; data integration is conducted to the log information of the code coverage rate, and an EC document containing the code coverage rate information is generated and uploaded to a web server; and integration processing is conducted to the web server, so a code coverage rate report of a designated format is formed and displayed. According to the invention, the automatic testing of the code coverage rate of the Android system can be achieved; the problem about the code coverage rate in black-box testing can be solved; and actual testing demands are satisfied.

Detecting security vulnerabilities in web applications by interacting with a web application at a computer server during its execution at the computer server, identifying client-side instructions provided by the web application responsive to an interaction with the web application, where the client-side instructions are configured to be implemented by a client computer that receives the client-side instructions from the computer server, evaluating the identified client-side instructions, and identifying a security vulnerability associated with the client-side instructions.

The invention relates to an XSS vulnerability detection method based on simulating a browser behavior. A crawler module is contained with a core of a browser, JavaScript can be analyzed and Ajax can be loaded by simulating the browser behavior to obtain a hidden type decanting point of a page. Compared with a traditional condition, the system increases covering of the decanting point greatly. A vulnerability detection module uses a black-box detection method to detect whether an abnormal condition occurs on the page or not by simulating the browser behavior after the attack vector is improved, namely whether the browser executes a page script or not can be detected, whether a current decanting point has vulnerability or not is judged directly, and the method is more accurate compared with the traditional method. In addition, the method is exploited through the python language, the advantages of being easy to maintain and being easy to conduct secondary development are possessed, and a great application value is possessed to the detection and research of the XSS vulnerability.

The invention provides a satellite attitude orbit control software digital closed-loop test system and a method. The system comprises an interface simulation end which is connected with an iSystem system, a remote measurement remote control end and a dynamics model end through a network interface and is used for carrying out interface simulation for carrying out data transmission, the iSystem system used for operating the attitude orbit control software, monitoring an operation state and collecting the data of an external interface, the remote measurement remote control end used for receiving an inputted remote control instruction, sending the remote control instruction to the attitude orbit control software and receiving and processing the remote measurement result data, and the dynamics model end used for receiving the control information outputted by the attitude orbit control software, accomplishing calculation of a satellite peripheral attitude orbit model and sending the data of an input part to the attitude orbit control software. According to the system, the interface simulation end forms the digital simulation operation environment and a flexible customization external interface and interacts with the peripheral dynamics model, and thereby white box test content effects can be realized through a black box test method.

The invention discloses an Android application program automatically black box testing method and system. When recognizing all control information and target window information in the target window as well as obtaining the control information, control information document which is obtained through ADB orders needs to be parsed to gain all control information. It is simple in the process to directly obtain window information through ADB orders.When automatically generating test case, all Android application widget can be covered during the process. When automatically generating test script, keywords and test data need to be added in test case document to achieve to automatically generate test script by automatically encapsulating the test frames of Robotium. When test data changes, the test data in test case document need to be changed. The Android application program automatically black box testing method and system improves the automaticity of test, the coverage rate at interface and the reusability of test script without needing source code.

A method of block box testing in multi-tier application environments. A multi-tier application is divided into a plurality of tier-specific modules. Each of the plurality of tier-specific modules is tested as a black box. Output from testing a tier-specific module can be stored in a computer usable media. Output from a first tier-specific module of the plurality of tier-specific modules can be used as input to a subsequent tier-specific module. Absent actual output, simulated input can used to test tier-specific modules.

The present invention discloses a model based system design and information flow visualization simulation system and method. The system comprises a component model library module, a system model building module, an information display module, a simulation code generation module, a code compiling module, and a running and control module. The present invention by integrating a model concept into a software development process, provides a novel software development and test method, and the method improves a conventional software development mode, and improves development efficiency; based on a reusable component model, the present invention adopts a building block manner to build a system model, so that the amount of manually written codes is reduced to a large extent, the work focus of a developer is shifted to the logic and principle design, and programmable ability of the system is lifted; and the present invention adopts a simulation information visualization manner to display a program running process and delivery variable information, and the conventional black box test is turned to be a white box test, so that validation capability of system design is improved.

The invention belongs to the technical field of model-based test automation of software engineering, discloses an embedded software black-box test case generation method based on a static model and solves the problems that the black-box test based on requirement specification documents is behind, difficult to understand and low in test efficiency, and test case quality is unguaranteed. The technical scheme includes the embedded software black-box test case generation method includes (1) adopting a data flow diagram, a fault tree, a cause-and-effect diagram, a decision table, a nest mechanism of diagrams and expanded semantics of the diagrams to construct the static model of the embedded software; (2) based on the static model, planning test items, and automatically generating black box test case collections corresponding to the test items according to a test coverage principle and a test case generation algorithm. The embedded software black-box test case generation method is applicable to static test requirement description of the embedded software and black-box test case generation.

The inveniton discloses an automatic testing and estimating tool of software in the monitoring system of computer software, which comprises the following parts: realizing too of testing and estimating frame of software, unit testing tool, optimizing tool of integrating testing, reliability testing and estimating tool of software, wherein the unit testing tool is simple technique to integrate black box testing and testing routine of testing data generated by random path; the optimizing tool of integrated testing is the testing optimizing model based on component; the reliability testing and estimating tool of software adopts data bin to collect and store ineffective data to build reliable predicting model based on gene expressive formula program, which analyzes the estimating result of multiple models to give perfect qualitative and quantitative reliable analyzing report. The invention solves the contradiction of incomplete mating between commercial testing tool and local software engineering, which affirms high quality to develop software.

The invention discloses a software testing system, which is used for testing the performance of software, and comprises a module testing device for testing a software module on the basis of functions, a subsystem testing device for combining modules into one or more subsystems and testing the communication performance of interfaces, a software system for connecting the subsystems into a whole, an entire system testing device for testing the entire software system and a test result evaluation device for evaluating test results. When the technical scheme of the invention is adopted, the software testing system can realize the performance test of one or more pieces of software automatically, realize a black box testing function and acquire test results.

The invention relates to the technical field of software test, and provides a test coverage statistical method and a test coverage statistical system based on JVM. The method comprises the steps of: S1, introducing taxons needing subjecting to statistics as parameters while starting JVM; S2, judging whether classes loaded into a virtual machine need to be injected, if yes, executing a step S3, otherwise, directly executing a step S4; S3, implementing bytecode operation to the classes needing subjecting to statistics and writing back into the virtual machine; S4, normally executing the operation of the classes and automatically recording statistical information in the execution by the virtual machine; S5, when the virtual machine exits, computing test coverage according to the statistical information and outputting result. According to the test coverage statistical method and system based on JVM, the bytecode is injected without changing original program structure, the test coverage of the code line level can be obtained in a black-box testing manner, the test coverage of the software code can be quantitatively evaluated, and a forceful reference index can be provided for the sufficiency of the test and the execution efficiency of a test case.

A system for detecting file upload vulnerabilities in web applications is provided. The system may include a black-box tester configured to upload, via a file upload interface exposed by a web application, a file together with a signature associated with the file. An execution monitor may be configured to receive information provided by instrumentation instructions within the web application during the execution of the web application. The execution monitor may be configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester. The execution monitor may also be configured to use any of the information to make at least one predefined determination assessing the vulnerability of the web application to a file upload exploit.

The invention discloses a co-diversified random testing (CAT) method. The diversity among internal program structures of randomly generated test cases is recognized through predicate interpretation (PI); the diversity among input domains of the test cases is recognized through Euclidean distances among the test cases; and then the diversity in the two aspects are combined to efficiently generate an effective test case set, so that the co-diversified random testing method is an automatic random testing technology integrating a black-box testing technology and a white-box testing technology. By adopting the CAT method, the problem of test case redundancies resulted from program structure ignorance in an adaptive random testing (ART) method is improved, the problem of complexity of a path condition (PC) used during symbolic execution is alleviated, and high efficiency and high effectiveness of test case generation are also realized during software testing.

The invention discloses a method and a terminal for testing communication equipment, and relates to the technical field of black-box testing of power electronic equipment. The method for testing the communication equipment comprises the steps that the format of a communication protocol is pre-configured and accords with a communication protocol of the tested communication equipment; according to the pre-configured format of the communication protocol, received and sent test messages are analyzed and assembled; according to the analyzing and assembling result of the tested messages, a test result is output. Through the method and terminal for testing the communication equipment, testing workload can be reduced, and test cost can be greatly reduced.

The invention relates to a dispatching automation system software quality evaluation method. The method comprises the following steps of: I, establishing a software quality model; II, establishing anindex system; III, carrying out multi-index comprehensive evaluation; and IV, calculating a quality index. According to the evaluation method disclosed by the invention, the complete software qualitymodel is constructed, the comprehensive quality index system is established, an effective index test method and a comprehensive evaluation method are disclosed, the specific quality index are given, test methods such as black-box test and artificial judgement are applied, comprehensive and effective test is carried out on software through a complete test case and an evaluation set, and comprehensive evaluation is carried out on the software quality by adoption of an analytic hierarchy process and a fuzzy comprehensive judgement method, so that the dispatching automation system software qualityevaluation problem is solved, and the software quality evaluation efficiency and correctness are improved at the same time, thereby providing guarantee for the stable operation of dispatching automation systems and powerfully supporting the safe operation of power grids.

The invention discloses a program vulnerability detection method, device, computing device and storage medium. The method includes that an input case is selected from input use case set, and then the target program is started to run the selected input case; a control flow path in the running of the target program is obtained and recorded; false information on the control flow path is obtained through testing the control flow path; the program vulnerability is determined according to the false information. The program vulnerability device provides a scheme for automatically discovering potential threats of program products. Detection codes do not need to insert in the target program of this scheme, and no modification happens to the target program. The program vulnerability device is suitable for black box testing of non-open source software system or large program products, and the detection scheme is high in detection efficiency and high in security.

The invention relates to a statistical error positioning method based on the reduction of a black-box test case. The statistical error positioning method aims at a given test case set and utilizes a distance measurement method to measure difference degrees among test cases so as to construct a test case distance matrix; on the basis, test requirements are set, a greedy algorithm is adopted to carry out test case reduction work so as to generate the test case set which meets the test requirements, and the program overlay information and the program execution result of the test case set are simultaneously collected and reduced so as to construct the test case distance matrix; then, statistical error positioning is carried out to measure an anomaly degree of statement errors in the program; and finally, a software error positioning report is generated. The statistical error positioning method aims to solve the problem that the traditional statistical error positioning method needs to collect test information in a long time, so that the efficiency and the usability of the statistical error positioning method are greatly improved, and the efficiency of program debugging work is improved so as to better guarantee the quality of software.

The invention discloses a tree-based black-box test case generation method and system. The method comprises the steps of S1, obtaining n interface parameters and corresponding parameter values; S2, constructing an inverted tree structure by the n interface parameters and the parameter values, wherein each layer of the tree structure represents the value of one interface parameter, and a first-layer node is a node with a maximum number of the values of the n interface parameters; S3, classifying and numbering the values of the interface parameters of all layers; and S4, moving downwards along a branch from a node of the first layer until a leaf node of the whole tree is reached, so that a path is formed, wherein a node number sequence on the path represents a test case, and data types in formed test cases are inconsistent. According to the method and system, the black-box test case coverage rate of an algorithm capable of quickly searching for effective cases is higher and system defects can be located more quickly.

The invention belongs to the software engineering technology field which provides an automatic digging method for the integer overflow hole. The method is: it sets the length of the filling character, the content and the memory address; it fills the data in the appointed memory address by the appointed character, the detected object carries out the treatment to the file data or the network protocol data. It captures the error of the object, if it has the error, it will note the fault position and stores the error data and then it will revise the memory address. It detects cyclically like that until the end of the object data. The method can find the position of the proper memory integer variable in the condition of the black-box testing or the detector does not know the data format to improve the quality and the stability of the software.