Recent ASERT Presentations
The Advanced Software Engineering Research and Training (ASERT) group at the University of Ottawa has interest in the Suitability of SDL Methodology to Software Engineering, Protocol development, E-Commerce Security, Risk-Based Analysis Testing, and related topics. The group has partnered with several corporate sponsors including Nortel Networks and Telelogic. This page documents recent presentations at group functions.

J2EE E-commerce Testing Using TTCN-3 - Wei Xu, August 20th

The research ties two advanced techniques in the field of e-commerce testing, one is J2EE infrastructure and the other is the new international standard test language- TTCN-3. EXtreme Programming (XP), with its simplicity and vast support in the Java world is becoming more and more popular, as our working target is also a Java application and XP applied to various open source tools in Java, it is an intuitive and natural choice to make it our methodology in this thesis work. A parser for the translation of TTCN-3 test script to Java code is introduced to resolve the learning curve for both TTCN-3 testers and Java developers while both sides can take advantage of the two advanced techniques to improve the quality of e-commerce system. [ Compressed Powerpoint Presentation ]

A Phase Model for E-Commerce Business Models - Tuong Nguyen, August 20th

New e-commerce business models attempts to exploit information technology to overcome the limitations of traditional business model and to lower costs by improving the efficiency of business processes. A basic requirement for their success is security mechanisms against theft or other fraud. This paper presents a simple approach to understanding e-commerce business models by phases in business processes and roles and interactions in each phase. The authors use their model to categorize several typical new business models and then analyze the specific security requirements of these business models and highlight potential threats scenarios and describe their solutions. [ Compressed Powerpoint Presentation ]

ASERT Webpage Structure / Wiki / RSS Feeds - Daniel Carlson, August 14th

This presentation discusses the important qualities of a research project webpage, and it's implementation. The second half of the presentation looks at several interesting web technologies that could be used to create a more dynamic research project webpage. The main technologies focused on are Wiki (community editable webapages) and RSS Feeds (a way of syndicating content using XML documents). [ Compressed Powerpoint Presentation ]

An Introduction to SIP - Professor Os. Monkewich, August 6th

Session Initiation Protocol is designed to facilitate the initiation of interactive communication sessions between users. The protocol makes use proxy servers to coordinate a user's position and forward any incoming messages to user agents that are associated with that user and are avaliable for contact. [ Compressed Powerpoint Presentation ]

SIP Security- Peter Qi Qiu, August 6th

This presentation provides an overview of Session Initiation Protocol (SIP) and its security. The focus is on the security aspect of SIP, including the typical threats, expected security services, security schemes and mechanisms. Finally it discusses the research area for SIP analysis and testing by using formal method. [ Compressed Powerpoint Presentation ]

Risk-Based Regression Testing - Yanping Chen, July 31st

Risk is anything that threatens the successful achievement of a project's goals. Specifically, a risk is an event that has some probability of happening, and will result in some loss if it occurs. The fundamental principle of risk-based testing is to do more thorough testing to those parts of the software system that present the highest risk. In this presentation, we introduce risk-based testing and discuss applying risk analysis to select test cases for regression testing which is essential to ensure software quality. We provide a method of risk-based test case selection, and define corresponding metrics to measure the quality of regression test suites. This approach is a specification-based method. Therefore, it does not have scalability problems as does code-based techniques. It is also easy to implement with test tools, thus, making the regression test process more automated. [ PDF Presentation ]

Testing Web Applications- Pulei Xiong, July 16th

WA design and test are complex tasks that require the integration of different methods and techniques. We propose a multi-approach testing methodology for WAs based on TTCN-3. In the multi-approach, we build models for a WA on the analysis and design level with Extended UML notations. Then we apply various testing methods, such as grey box, black box, and white box, to test the WA based on the models and implementation. We integrate all these methods by specifying derived Test Cases (TCs) on an abstract level using TTCN-3. [ Compressed Powerpoint Presentation ]