The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Context-aware applications often consist of a middleware and a collection of services, which run autonomously adaptive to the changing environments, where a variety of sensors are installed in physical facilities, with end-users moving around. Testing such context-aware applications is challenging due to the complex interactions among the components, especially for the complicated environment modeling...
To gain an in-depth understanding of the behaviour of a malware, reverse engineers have to disassemble the malware, analyze the resulting assembly code, and then archive the commented assembly code in a malware repository for future reference. In this paper, we have developed an assembly code clone detection system called Bin Clone to identify the code clone fragments from a collection of malware...
Security testing still is a hard task, especially if focusing on non-functional security testing. The two main reasons behind this are, first, at the most a lack of the necessary knowledge required for security testing, second, managing the almost infinite amount of negative test cases, which result from potential security risks. To the best of our knowledge, the issue of the automatic incorporation...
The use of system requirements and their risks enables software testers to identify more important test cases that can reveal faults associated with risky components. Having identified those test cases, software testers can manage the testing schedule more effectively by running such test cases earlier so that they can fix faults sooner. Some work in this area has been done, but the previous approaches...
Modified Condition/Decision Coverage (MC/DC) became widely used in software testing, especially in safety-critical domain. However, existing testing tools often aim at achieving statement or branch coverage and do not support test generation for MC/DC. In this paper, we propose a novel test generation method to find appropriate test data for MC/DC. Specifically, we first extract paths from the target...
Recently code transformations or tailored fitness functions are adopted to achieve coverage (structural or logical criterion) driven testing to ensure software reliability. However, some internal threats like negative impacts on underlying search strategies or local maximum exist. So we propose a dynamic symbolic execution (DSE) based framework combined with a path filtering algorithm and a new heuristic...
In this paper we introduce SeTGaM, a Model-Based Regression Testing (MBRT) approach based on UML/OCL behavioral models. SeTGaM is a test selection and classification approach that also generates new tests to cover new functionalities of a new version of a system. We extract the behavior of the system from guards/transitions of state charts or pre/post conditions in operations of class diagrams to...
Under the increasing complexity and time-to-market pressures, functional validation is becoming a major bottleneck of smartphone applications running on mobile platforms (e.g., Android, iOS). Due to the GUI (Graphical User Interface) intensive nature, the execution of smartphone applications heavily relies on the interactions with users. Manual GUI testing is extremely slow and unacceptably expensive...
Testing-as-a-Service (TaaS) in a cloud environment can leverage the computation power provided by the cloud. Specifically, testing can be scaled to large and dynamic workloads, executed in a distributed environment with hundreds of thousands of processors, and these processors may support concurrent and distributed test execution and analysis. TaaS may be implemented as SaaS and used to test SaaS...
Search-based test generators, such as those using genetic algorithms and alternative variable methods, can automatically generate test inputs. They typically rely on fitness functions to calculate fitness scores for guiding the search process. This paper presents a novel rule-based testing (RBT) approach to automated generation of test inputs from Java byte code without using fitness functions. It...
Erasure codes are applied in distributed storage systems for fault-tolerance with lower storage overhead than replications. Later, decentralized erasure codes are proposed for decentralized or loosely-organized storage systems. Repair mechanisms aim at maintaining redundancy over time such that stored data are still retrievable. Two recent repair mechanisms, Noop and Coop, are designed for decentralized...
Multiple Security Domains Nondeducibility, MSDND, yields results even when the attack hides important information from electronic monitors and human operators. Because MSDND is based upon modal frames, it is able to analyze the event system as it progresses rather than relying on traces of the system. Not only does it provide results as the system evolves, MSDND can point out attacks designed to be...
The importance of safety-critical systems is increasing, as seen with the terrible accidents recently occurring in nuclear power plants and with airplanes. To ensure the safety of those systems, system engineers should consider how to prevent system hazards during the design phase of system development. Although existing techniques such as event tree analysis and cause-consequence analysis provide...
This research describes a novel security metric, network taint, which is related to software taint analysis. We use it here to bound the possible malicious influence of a known compromised node through monitoring and evaluating network flows. The result is a dynamically changing defense-in-depth map that shows threat level indicators gleaned from monotonically decreasing threat chains. We augment...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.