An Applicable Family of Data Flow Testing Criteria
IEEE Transactions on Software Engineering
GENOA: a customizable language- and front-end independent code analyzer
ICSE '92 Proceedings of the 14th international conference on Software engineering
Dominators, super blocks, and program coverage
POPL '94 Proceedings of the 21st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An introduction to computational learning theory
An introduction to computational learning theory
EEL: machine-independent executable editing
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Decompilation of binary programs
Software—Practice & Experience
Computer related risks
Proceedings of the 29th annual ACM/IEEE international symposium on Microarchitecture
Specifying representations of machine instructions
ACM Transactions on Programming Languages and Systems (TOPLAS)
Experiments of the effectiveness of dataflow- and controlflow-based test adequacy criteria
ICSE '94 Proceedings of the 16th international conference on Software engineering
Further empirical studies of test effectiveness
SIGSOFT '98/FSE-6 Proceedings of the 6th ACM SIGSOFT international symposium on Foundations of software engineering
Techniques for trusted software engineering
Proceedings of the 20th international conference on Software engineering
Handbook of Applied Cryptography
Handbook of Applied Cryptography
A Formal Analysis of the Fault-Detecting Ability of Testing Methods
IEEE Transactions on Software Engineering
An Experimental Comparison of the Effectiveness of Branch Testing and Data Flow Testing
IEEE Transactions on Software Engineering
Partial Automation of an Integrated Reverse Engineering Environment of Binary Code
WCRE '96 Proceedings of the 3rd Working Conference on Reverse Engineering (WCRE '96)
Secure coprocessors in electronic commerce applications
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Proceedings of the Conference on The Future of Software Engineering
Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Evaluation of debug-testing efficiency by duplication of the detected fault and delay time of repair
Information Sciences—Informatics and Computer Science: An International Journal
Hi-index | 0.01 |
The market for software components is growing, driven on the 驴demand side驴 by the need for rapid deployment of highly functional products and, on the 驴supply side,驴 by distributed object standards. As components and component vendors proliferate, there is naturally a growing concern about quality and the effectiveness of testing processes. White-box testing, particularly the use of coverage criteria, is a widely used method for measuring the 驴thoroughness驴 of testing efforts. High levels of test coverage are used as indicators of good quality control procedures. Software vendors who can demonstrate high levels of test coverage have a credible claim to high quality. However, verifying such claims involves knowledge of the source code, test cases, build procedures, etc. In applications where reliability and quality are critical, it would be desirable to verify test coverage claims without forcing vendors to give up valuable technical secrets. In this paper, we explore cryptographic techniques that can be used to verify such claims. Our techniques have certain limitations, which we discuss in this paper. However, vendors who have done the hard work of developing high levels of test coverage can use these techniques (for a modest additional cost) to provide credible evidence of high coverage, while simultaneously reducing disclosure of intellectual property.