Fault Injection for Dependability Validation: A Methodology and Some Applications
IEEE Transactions on Software Engineering
Constraint-Based Automatic Test Data Generation
IEEE Transactions on Software Engineering
PIE: A Dynamic Failure-Based Technique
IEEE Transactions on Software Engineering
Software error analysis: a real case study involving real faults and mutations
ISSTA '96 Proceedings of the 1996 ACM SIGSOFT international symposium on Software testing and analysis
Computer
An Empirical Study of Testing and Integration Strategies Using Artificial Software Systems
IEEE Transactions on Software Engineering
A Constant Perturbation Method for Evaluation of Structural Diversity in Multiversion Software
SAFECOMP '00 Proceedings of the 19th International Conference on Computer Safety, Reliability and Security
COTS Software Failures: Can Anything be Done?
ASSET '98 Proceedings of the 1998 IEEE Workshop on Application - Specific Software Engineering and Technology
An Approach to Measuring and Assessing Dependability for Critical Software Systems
ISSRE '97 Proceedings of the Eighth International Symposium on Software Reliability Engineering
Testing Software Requirements with Z and Statecharts Applied to an Embedded Control Systemt0t1
Software Quality Control
Testing network-based intrusion detection signatures using mutant exploits
Proceedings of the 11th ACM conference on Computer and communications security
Quantitative software security risk assessment model
Proceedings of the 2007 ACM workshop on Quality of protection
Using failure injection mechanisms to experiment and evaluate a grid failure detector
VECPAR'06 Proceedings of the 7th international conference on High performance computing for computational science
An empirical validation of a web fault taxonomy and its usage for web testing
Journal of Web Engineering
ICISS'05 Proceedings of the First international conference on Information Systems Security
Hi-index | 4.10 |
Software developers are living in a liability grace period, but it won't last. To adequately insure themselves against potential liability, developers need tools to identify worst-case scenarios and help them quantify the risks associated with a piece of software. For assessing such risks associated with software, the authors recommend fault injection, which provides worst-case predictions about how badly a piece of code might behave and how frequently it might behave that way. By contrast, software testing states how good software is. But even correct code can have "bad days," when external influences keep it from working as desired. Fault injection is arguably the next best thing to having a crystal ball, and it certainly beats facing the future with no predictions at all. It should be a regular part of risk assessment. The greatest benefit from fault injection occurs when a piece of software does not tolerate injected anomalies. False optimism gives way to the only honest claim-that the software presents risks.