SocialTwist Tell-a-Friend

Comments --

Add

Gcn.com announce New Algorithm Tools by NIST

According to gcn.com, The National Institute of Standards and Technology has developed algorithms for automated testing of the multiple variables in software that can cause security faults, and has released a tutorial for using the tools.
The improper or unexpected interaction of two or more parameters in a piece of software, such as inputs or

Advertisment
My Twitter Friends
Friends: Followers:
SocialTwist Tell-a-Friend

0

Comments

Add

Gcn.com announce New Algorithm Tools by NIST

According to gcn.com, The National Institute of Standards and Technology has developed algorithms for automated testing of the multiple variables in software that can cause security faults, and has released a tutorial for using the tools.

The improper or unexpected interaction of two or more parameters in a piece of software, such as inputs or configuration settings, is a significant cause of security bugs. But testing for these problems has been limited by the cost and complexity of testing the huge number of possible combinations. NIST in 2003 reported that such problems cost the U.S. economy more than $59 billion a year despite the fact that more than half of most software development budgets went toward testing.

Research has shown that in many cases the large majority of such faults, from 89 to 100 percent, are caused by combinations of no more than four variables, and virtually all are caused by no more than six, NIST has reported.

The Automated Combinatorial Testing for Software program is a cooperative effort by NIST, the Air Force, and variousĀ  Universities have produced methods and tools to generate tests for any number of variable combinations. SP 800-142 offers instructions for their use.

For more details visit gcn.com.

IST, the Air Force,