| 摘要 |
PROBLEM TO BE SOLVED: To provide symbolic execution for validating a Web application. SOLUTION: A symbolic string manipulation class library for one or more web applications is created. A manipulation group is generalized into a string manipulation symbolic algebra. Also, symbolic execution is performed for one or more web applications. Typically, a Java model checker is augmented to check for certain types of requirements or properties in performing the symbolic execution. If an error scenario exists, a solution to a set of symbolic constraints is obtained, and the solution is mapped back to a source code to obtain an error trace and a test case. Requirements or properties may be encoded through templates, and checked using public domain decision procedures. The properties or requirements can relate to security validation. The symbolic execution can be adjusted for Java-based web applications. COPYRIGHT: (C)2009,JPO&INPIT
|
