REST API Testing in DevOps: A Study on an Evolving Healthcare IoT Application

• URL: http://arxiv.org/abs/2410.12547v1
• Date: Wed, 16 Oct 2024 13:24:42 GMT
• Title: REST API Testing in DevOps: A Study on an Evolving Healthcare IoT Application
• Authors: Hassan Sartaj, Shaukat Ali, Julie Marie Gjøby,
• Abstract summary: This paper evaluates state-of-the-art and well-established REST API testing tools. We conducted experiments using all accessible REST APIs with 120 endpoints. All tools generated tests leading to several failures, 18 potential faults, up to 84% coverage, 23 regressions, and over 80% cost overhead.
• Score: 3.229371159969159
• License:
• Abstract: Healthcare Internet of Things (IoT) applications often integrate various third-party healthcare applications and medical devices through REST APIs, resulting in complex and interdependent networks of REST APIs. Oslo City's healthcare department collaborates with various industry partners to develop such healthcare IoT applications enriched with a diverse set of REST APIs. Following the DevOps process, these REST APIs continuously evolve to accommodate evolving needs such as new features, services, and devices. Oslo City's primary goal is to utilize automated solutions for continuous testing of these REST APIs at each evolution stage, thereby ensuring their dependability. Although the literature offers various automated REST API testing tools, their effectiveness in regression testing of the evolving REST APIs of healthcare IoT applications within a DevOps context remains undetermined. This paper evaluates state-of-the-art and well-established REST API testing tools-specifically, RESTest, EvoMaster, Schemathesis, RESTler, and RestTestGen-for the regression testing of a real-world healthcare IoT application, considering failures, faults, coverage, regressions, and cost. We conducted experiments using all accessible REST APIs (17 APIs with 120 endpoints), and 14 releases evolved during DevOps. Overall, all tools generated tests leading to several failures, 18 potential faults, up to 84% coverage, 23 regressions, and over 80% cost overhead.

Related papers

• AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? [54.65079443902714]
  We introduce AutoPT, an automated penetration testing agent based on the principle of PSM driven by LLMs. Our results show that AutoPT outperforms the baseline framework ReAct on the GPT-4o mini model.
  arXiv  Detail & Related papers  (2024-11-02T13:24:30Z)
• Beyond Browsing: API-Based Web Agents [58.39129004543844]
  API-based agents outperform web browsing agents in experiments on WebArena. Hybrid Agents out-perform both others nearly uniformly across tasks. Results strongly suggest that when APIs are available, they present an attractive alternative to relying on web browsing alone.
  arXiv  Detail & Related papers  (2024-10-21T19:46:06Z)
• Reinforcement Learning-Based REST API Testing with Multi-Coverage [4.127886193201882]
  MUCOREST is a novel Reinforcement Learning (RL)-based API testing approach that leverages Q-learning to maximize code coverage and output coverage. MUCOREST significantly outperforms state-of-the-art API testing approaches by 11.6-261.1% in the number of discovered API bugs.
  arXiv  Detail & Related papers  (2024-10-20T14:20:23Z)
• Observation-based unit test generation at Meta [52.4716552057909]
  TestGen automatically generates unit tests, carved from serialized observations of complex objects, observed during app execution. TestGen has landed 518 tests into production, which have been executed 9,617,349 times in continuous integration, finding 5,702 faults. Our evaluation reveals that, when carving its observations from 4,361 reliable end-to-end tests, TestGen was able to generate tests for at least 86% of the classes covered by end-to-end tests.
  arXiv  Detail & Related papers  (2024-02-09T00:34:39Z)
• Leveraging Large Language Models to Improve REST API Testing [51.284096009803406]
  RESTGPT takes as input an API specification, extracts machine-interpretable rules, and generates example parameter values from natural-language descriptions in the specification. Our evaluations indicate that RESTGPT outperforms existing techniques in both rule extraction and value generation.
  arXiv  Detail & Related papers  (2023-12-01T19:53:23Z)
• Exploring Behaviours of RESTful APIs in an Industrial Setting [0.43012765978447565]
  We propose a set of behavioural properties, common to REST APIs, which are used to generate examples of behaviours that these APIs exhibit. These examples can be used both (i) to further the understanding of the API and (ii) as a source of automatic test cases. Our approach can generate examples deemed relevant for understanding the system and for a source of test generation by practitioners.
  arXiv  Detail & Related papers  (2023-10-26T11:33:11Z)
• Adaptive REST API Testing with Reinforcement Learning [54.68542517176757]
  Current testing tools lack efficient exploration mechanisms, treating all operations and parameters equally. Current tools struggle when response schemas are absent in the specification or exhibit variants. We present an adaptive REST API testing technique incorporates reinforcement learning to prioritize operations during exploration.
  arXiv  Detail & Related papers  (2023-09-08T20:27:05Z)
• Testing Real-World Healthcare IoT Application: Experiences and Lessons Learned [5.126355491416586]
  We report an industrial evaluation of a state-of-the-art REST APIs testing approach (RESTest) on a real-world healthcare IoT application. We analyze the effectiveness of RESTest's testing strategies regarding REST API failures, faults in the application, and REST API coverage.
  arXiv  Detail & Related papers  (2023-09-08T09:35:21Z)
• Nirikshak: A Clustering Based Autonomous API Testing Framework [0.0]
  Nirikshak is a self-reliant testing framework for REST API testing. It achieves level 2 of autonomy in executing REST API testing procedures. Nirikshak is publicly available as an open-source software for the community at https://github.com/yashmahalwal/nirikshak.
  arXiv  Detail & Related papers  (2021-12-15T18:05:27Z)
• Improving Test Case Generation for REST APIs Through Hierarchical Clustering [14.064310383770243]
  In the last decade, tools and approaches have been proposed to automate the creation of system-level test cases for APIs. One of the limiting factors of evolutionary algorithms (EAs) is that the genetic operators are fully randomized. This paper proposes a new approach that uses agglomerative hierarchical clustering (AHC) to infer a linkage tree model.
  arXiv  Detail & Related papers  (2021-09-14T12:57:49Z)
• Dynamic Causal Effects Evaluation in A/B Testing with a Reinforcement Learning Framework [68.96770035057716]
  A/B testing is a business strategy to compare a new product with an old one in pharmaceutical, technological, and traditional industries. This paper introduces a reinforcement learning framework for carrying A/B testing in online experiments.
  arXiv  Detail & Related papers  (2020-02-05T10:25:02Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.