Automated detection of critical code in composite web services

One of the important goals of the software development process is to verify that the produced system always meets the predefined requirements. However, current testing approaches on web services composition involve several manual tasks and, hence, are error-prone and costly. Furthermore, composite web services impose additional analysis complexity as they are consumed by a plethora of clients having different desires. This provides frequent changes within composite services. Therefore, it is inevitable to provide tools and mechanisms that enable efficient and effective detection of critical codes within these complex systems. In this paper, we developed a formalbased framework namely ADCC (Automated Detection of Critical Code) framework that takes as input a composite WS and a security policy and automatically detect critical sections of the code that should be tested.