Systematic API Testing Through Model Checking and Executable Contracts
Ana Ribeiro, Margarida Mamede, Carla Ferreira
TL;DR
IcePick is a framework that uses model checking and executable contracts to systematically generate API test sequences with strong coverage guarantees, addressing limitations of traditional black-box testing.
Contribution
It introduces IcePick, combining TLA+ modeling, TLC model checking, and a new contract language Glacier to improve API testing coverage and behavioral verification.
Findings
Achieves complete state coverage in API testing scenarios.
Reveals faults in multi-operation API interactions.
Demonstrates scalability and practical applicability on benchmark systems.
Abstract
Automated black-box testing of APIs typically relies on interface specifications that define available operations and data schemas, but offer limited or no behavioural semantics. This semantic gap amplifies the test-oracle problem and limits the generation of effective, stateful call sequences. We introduce IcePick, a framework that achieves systematic state-space coverage for API testing by leveraging model checking. IcePick uses TLA+ to formally model API state evolution, employs the TLC model checker to exhaustively explore reachable states, and generates test sequences that provably cover the behavioural model. To mitigate state-space explosion and improve sequence extraction, we introduce a coverage-guided breadth-first traversal of the TLC state-space graph. To address oracle limitations beyond HTTP status codes, we propose Glacier, a first-order logic contract language that…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.