Formalizing (Web) Standards: An Application of Test and Proof

By Achim D. Brucker and Michael Herzberg.

Most popular technologies are based on informal or semiformal standards that lack a rigid formal semantics. Typical examples include web technologies such as the DOM or HTML, which are defined by the Web Hypertext Application Technology Working Group (WHATWG) and the World Wide Web Consortium (W3C). While there might be API specifications and test cases meant to assert the compliance of a certain implementation, the actual standard is rarely accompanied by a formal model that would lend itself to, e.g., verifying the security or safety properties of real systems.

Even when such a formalization of a standard exists, two important questions arise: first, to what extent does the formal model comply with the standard and, second, to what extent does the implementation comply with the formal model and the assumptions made during the verification? In this paper, we present an approach that brings all three involved artifacts - the (semi-)formal standard, the formalization of the standard, and the implementations - closer together by combining verification, symbolic execution, and specification-based testing.

Keywords:
Standard Compliance, Compliance Tests, DOM

Supplementary material:
Slides

Please cite this work as follows:
A. D. Brucker and M. Herzberg, “Formalizing (web) standards: An application of test and proof,” in TAP 2018: Tests and proofs, C. Dubois and B. Wolff, Eds. Heidelberg: Springer-Verlag, 2018, pp. 159–166. doi: 10.1007/978-3-319-92994-1_9. Author copy: http://logicalhacking.com/publications/brucker.ea-standard-compliance-testing-2018/

BibTeX
@InCollection{ brucker.ea:standard-compliance-testing:2018,
  abstract  = {Most popular technologies are based on informal or semiformal
               standards that lack a rigid formal semantics. Typical examples
               include web technologies such as the DOM or HTML, which are
               defined by the Web Hypertext Application Technology Working
               Group (WHATWG) and the World Wide Web Consortium (W3C). While
               there might be API specifications and test cases meant to
               assert the compliance of a certain implementation, the actual
               standard is rarely accompanied by a formal model that would
               lend itself to, e.g., verifying the security or safety
               properties of real systems.
               
               Even when such a formalization of a standard exists, two
               important questions arise: first, to what extent does the
               formal model comply with the standard and, second, to what
               extent does the implementation comply with the formal model
               and the assumptions made during the verification? In this
               paper, we present an approach that brings all three involved
               artifacts - the (semi-)formal standard, the formalization of
               the standard, and the implementations - closer together by
               combining verification, symbolic execution, and
               specification-based testing.},
  keywords  = {Standard Compliance, Compliance Tests, DOM},
  location  = {Toulouse, France},
  author    = {Achim D. Brucker and Michael Herzberg},
  booktitle = {{TAP} 2018: Tests And Proofs},
  language  = {USenglish},
  publisher = {Springer-Verlag},
  address   = {Heidelberg},
  series    = {Lecture Notes in Computer Science},
  number    = {10889},
  editor    = {Catherine Dubois and Burkhart Wolff},
  title     = {Formalizing (Web) Standards: An Application of Test and
               Proof},
  areas     = {formal methods, software engineering},
  year      = {2018},
  doi       = {10.1007/978-3-319-92994-1_9},
  pages     = {159--166},
  isbn      = {978-3-642-38915-3},
  note      = {Author copy: \url{http://logicalhacking.com/publications/brucker.ea-standard-compliance-testing-2018/}},
}