Stress Testing Web 2.0 Apps

Tuesday, February 28, 2012 @ 04:02 PM gHale

Web applications such as Google Mail, Facebook and Amazon see use every day. However, so far there are no methods to test them systematically and at low cost for malfunctions and security vulnerabilities.

But that issue may soon disappear as there is a new program in development that could offer automatic methods of testing, which check complex web applications autonomously, said researchers at Saarland University in Saarbrücken, Germany.

Updated DHS Cyber Security Tool
Body Heat Powers Devices
Grass to Gas: A Biofuel Boost
Hydrogen from Acidic Water

“Ineffective and inefficient” is Valentin Dallmeier’s assessment of the methods that web developers and responsible project leaders rely on to try to find programming errors and security holes in web applications. Dallmeier, a post doctorate student working at the software engineering chair at Saarland, said its main focus is systematic automated debugging.

The developed methods are functioning very well with typical computer programs. Dallmeier and his colleague Martin Burger have built on that basis, and aim to develop a software system that will determine automatically why Web 2.0 applications fail.

Web applications run centrally on an online server. Therefore, in contrast to conventional programs, they are not on the user’s computer or laptop; instead, the user interacts with them via a web browser.

In recent years, thanks to new web development technologies such as Asynchronous JavaScript and XML (AJAX), web applications can work smoothly as if they were on personal computers. AJAX takes care of organizing the transfer of data packets between the user’s computer and server in such a way the delays incurred by the connection are barely noticeable. Hence, not only private users but also companies and the public sector are adopting web applications more and more. However, their quality control is not any better.

“This is still done manually and therefore causes not only very high costs, but also high levels of risk for companies and the community,” Burger said. He refers to an article from last December, which revealed that incorrect programming of the “Facebook” social network made it possible to access saved, private photos of members.

Dallmeier and Burger want to prevent such worst-case scenarios and other breakdowns through their software “Webmate.” Businesses and their responsible web administrators will only have to type in their Web address. Afterward the system will automatically discover how the different components of the application connect to each other and via which menus, buttons, and other control panels the users are interacting with the application.

Subsequently, it will generate and carry out test scenarios. If it discovers, for example, the application is not compatible with a certain version of a browser, or a control panel no longer exists in a new version of the application, the system will inform the developer immediately — likewise if a database is not connected, a server does not respond, or a link is dead. The web developer should be able to repeat this test at any time.

In the future, there will be a fee for the service. The researchers want to promote the technology through their own business, and hope to receive a patent. They will start up their own company within the next few months. Dallmeier, the leader of the project, is confident it is possible to implement the software system soon.

“We have done the basic work over the last three years, and we even did some feasibility studies,” he said. He estimates the market potential in Germany alone to be $161.5 million (€120 million) a year.

Leave a Reply

You must be logged in to post a comment.