Software fault injection: inoculating programs against errors
Software fault injection: inoculating programs against errors
Trust (and mistrust) in secure applications
Communications of the ACM
Programming Applications for Microsoft Windows with Cdrom
Programming Applications for Microsoft Windows with Cdrom
IEEE Software
IEEE Security and Privacy
Queue - Distributed Development
Rules of thumb for secure software engineering
Proceedings of the 27th international conference on Software engineering
Semi-automated detection of architectural threats for security testing
Proceedings of the doctoral symposium for ESEC/FSE on Doctoral symposium
Logical Specification and Analysis of Fault Tolerant Systems Through Partial Model Checking
Electronic Notes in Theoretical Computer Science (ENTCS)
A model-based attack injection approach for security validation
Proceedings of the 4th international conference on Security of information and networks
Enabling security testing from specification to code
IFM'05 Proceedings of the 5th international conference on Integrated Formal Methods
CONFU: Configuration Fuzzing Testing Framework for Software Vulnerability Detection
International Journal of Secure Software Engineering
| Hi-index | 0.00 |
Traditional Black box software testing can be effective at exposing some classes of software failures. Security class failures, however, do not tend to manifest readily using these techniques. The problem is that many security failures occur in stressed environments, which appear in the field, but are often neglected during testing because of the difficulty to simulate these conditions. Software can only be considered secure if it behaves securely under all operating environments. Hostile environment testing must thus be a part of any overall testing strategy. This paper describes this necessity and a black box approach for creating such environments in order to expose security vulnerabilities.