Web applications such as Google Mail, Facebook and Amazon are used every day. However, so far there are no methods to test them systematically and at low cost for malfunctions and security vulnerabilities. Therefore, computer scientists from Saarland University are working on automatic methods of testing, which check complex web applications autonomously. For the first time, they will present this work at exhibition booth F34 in hall 26 at the computer fair Cebit. The trade show will take place from March 6 to 10 in Hannover.
“Ineffective and inefficient” is Valentin Dallmeier’s assessment of the methods that web developers and responsible project leaders rely on to try to find programming errors and security holes in web applications. Dallmeier is a postdoc working at the software engineering chair of Saarland University. Its main focus is systematic automated debugging. The developed methods are functioning very well with typical computer programs. Dallmeier and his colleague Martin Burger have built on that basis, and aim to develop a software system that will determine automatically why Web 2.0 applications fail.
“This is still done manually and therefore causes not only very high costs, but also high levels of risk for companies and the community,” Burger explains. He refers to an article from last December, which revealed that incorrect programming of the “Facebook” social network made it possible to access saved, private photos of members.
Dallmeier and Burger want to prevent such worst-case scenarios and other breakdowns through their software “Webmate.” Businesses and their responsible web administrators will only have to type in their Web address. Afterwards the system will automatically discover how the different components of the application are connected to each other and via which menus, buttons, and other control panels the users are interacting with the application.
Subsequently, it will generate and carry out test scenarios. If it discovers, for example, that the application is not compatible with a certain version of a browser, or a control panel no longer exists in a new version of the application, the system will inform the developer immediately — likewise if a database is not connected, a server does not respond, or a link is dead. The web developer should be able to repeat this test at any time.
In the future, the service will be offered to companies for a fee. The researchers want to promote the technology through their own business, and hope to receive a patent. They will found their own company within the next few months. Dallmeier, the leader of the project, is confident that it is possible to implement the software system soon. “We have done the basic work over the last three years, and we even did some feasibility studies,” he says. He estimates the market potential in Germany alone to be 120 million Euros annually.