Using Model-Based Testing to Repair Models of Configurable Software Systems

Software testing is an important phase in the software development process, aiming at locating faults in artifacts, in order to achieve a degree of confidence that the software behaves according to its specification. While most of the techniques in software testing are applied to debugging, fault-localization, and repair of code, to the best of our knowledge there are fewer works regarding the application of software testing to locate faults in models, and to the automated repair of such faults. The goal of this PhD thesis is to study how testing, and specifically model-based testing, can be applied to repair models of configurable software systems. We describe the research approach, and discuss the application cases of configuration constraints in combinatorial models, feature models, and clock guards in timed automata. In addition to evaluating the process on different versions of real-world systems, we show an application of repair of configuration constraints for the detection of security vulnerability conditions among parameters of XSS attack vectors. Empirical evaluation shows that, on average, the process achieves around 37% accuracy in combinatorial model repair, 79% accuracy in XSS vulnerability detection, 89% accuracy for the feature model repair through mutations, and 100% accuracy on variability constraints and timed automata clock-guards repair, although these values have been obtained in the optimal conditions for fault localization, that is an important factor influencing accuracy. We also present CTWedge and MixTgTe, two tools developed to support combinatorial testing and failure-inducing combination detection respectively, that are two important preliminary activities for the actual model repair. We then discuss future work to overcome the current limitations of the approach, and for applying testing to repair other types of models of software systems.