pdfreaders.org

Formalizing (Web) Standards: An Application of Test and Proof

by Achim D. Brucker and Michael Herzberg

Cover for brucker.ea:standard-compliance-testing:2018.Most popular technologies are based on informal or semiformal standards that lack a rigid formal semantics. Typical examples include web technologies such as the DOM or HTML, which are defined by the Web Hypertext Application Technology Working Group (WHATWG) and the World Wide Web Consortium (W3C). While there might be API specifications and test cases meant to assert the compliance of a certain implementation, the actual standard is rarely accompanied by a formal model that would lend itself for, e.g., verifying the security or safety properties of real systems.

Even when such a formalization of a standard exists, two important questions arise: first, to what extend does the formal model comply to the standard and, second, to what extend does the implementation comply to the formal model and the assumptions made during the verification? In this paper, we present an approach that brings all three involved artifacts - the (semi-)formal standard, the formalization of the standard, and the implementations - closer together by combining verification, symbolic execution, and specification based testing.

Keywords: standard compliance, compliance tests, DOM
Categories: ,
Documents: (full text as PDF file) (slides) (handout)

QR Code for brucker.ea:standard-compliance-testing:2018.Please cite this article as follows:
Achim D. Brucker and Michael Herzberg. Formalizing (Web) Standards: An Application of Test and Proof. In TAP 2018: Tests And Proofs. Lecture Notes in Computer Science (10889), pages 159-166, Springer-Verlag, 2018.
Keywords: standard compliance, compliance tests, DOM
(full text as PDF file) (BibTeX) (Endnote) (RIS) (Word) (doi:10.1007/978-3-319-92994-1_9) (Share article on LinkedIn. Share article on CiteULike. )

BibTeX
@InCollection{ brucker.ea:standard-compliance-testing:2018,
abstract = {Most popular technologies are based on informal or semiformal standards that lack a rigid formal semantics. Typical examples include web technologies such as the DOM or HTML, which are defined by the Web Hypertext Application Technology Working Group (WHATWG) and the World Wide Web Consortium (W3C). While there might be API specifications and test cases meant to assert the compliance of a certain implementation, the actual standard is rarely accompanied by a formal model that would lend itself for, e.g., verifying the security or safety properties of real systems.\\\\Even when such a formalization of a standard exists, two important questions arise: first, to what extend does the formal model comply to the standard and, second, to what extend does the implementation comply to the formal model and the assumptions made during the verification? In this paper, we present an approach that brings all three involved artifacts - the (semi-)formal standard, the formalization of the standard, and the implementations - closer together by combining verification, symbolic execution, and specification based testing.},
address = {Heidelberg},
author = {Achim D. Brucker and Michael Herzberg},
booktitle = {{TAP} 2018: Tests And Proofs},
doi = {10.1007/978-3-319-92994-1_9},
editor = {Cathrine Dubois and Burkhart Wolff},
isbn = {978-3-642-38915-3},
keywords = {standard compliance, compliance tests, DOM},
language = {USenglish},
location = {Toulouse, France},
number = {10889},
pages = {159--166},
pdf = {https://www.brucker.ch/bibliography/download/2018/brucker.ea-standard-compliance-testing-2018.pdf},
publisher = {Springer-Verlag},
series = {Lecture Notes in Computer Science},
talk = {talk:brucker.ea:standard-compliance-testing:2018},
title = {Formalizing (Web) Standards: An Application of Test and Proof},
url = {https://www.brucker.ch/bibliography/abstract/brucker.ea-standard-compliance-testing-2018},
year = {2018},
}