Andrea Arcuri

Professor - Kristiania, Norway

Verifying the correctness of Web APIs is an expensive, tedious task.

For example, writing test cases to send HTTP requests and verify the responses returned from the APIs requires expertise and time. Automatically generating test cases to find faults and cover requirements would hence be highly beneficial.

In the last few years, advances in Artificial Intelligence techniques have led to few open-source tools that can be used for this task, like EvoMaster, Restler and Schemathesis.

But most testers and developers in industry are still not aware of these existing solutions. This talk will summarise the current state-of-the-art on this exciting testing automation problem, discussing their strengths and limitations. We will briefly as well discuss our direct experience in introducing these techniques in large enterprises such as Meituan and Volkswagen.

What you will Learn

1. Fuzzing Web APIs can be already tried today, with open-source tools
2. Trying out a fuzzer on an OpenAPI schema takes just a few minutes
3. It is quite easy to find bugs when sending unexpected inputs with a fuzzer

This talk was part of our AutomationSTAR Virtual Day 2024. EuroSTAR Huddle shares talks and articles from our community. Check out our library of online talks from test experts and come together with the community in-person at the annual EuroSTAR Software Testing Conference. The EuroSTAR Conference has been running since 1993 and is the largest testing event in Europe, welcoming 1000+ software testers and QA professionals every year.