A model based testing method for Software Security Assurance
Journal Title: International Journal for Research in Applied Science and Engineering Technology (IJRASET) - Year 2016, Vol 4, Issue 4
Abstract
The importance of software security assurance is growing, but traditional development techniques have not kept pace with this need. New cost-effective tools for software quality and security assurance (SSA) are needed. This is consistent with the possible harm that could be result from the loss, incorrectness, alteration, unavailability, or misuse of the data and resources that uses, controls, and protects. This testing likes a penetration testing model to test the given software model. A penetration test can help verify whether a system is vulnerable to attack, if the defenses were sufficient, and which defenses the test defeated. Given a software model convert into Model-Implementation Description specification. The MID specification uses Petri net to capture both control and data-related requirements for functional testing, access control testing and penetration (pen test) testing with threat models. This model generates test code that can be executed quickly with the implementation under test, presents an automated test generation technique for integrated functional and security level testing of software systems. After generating test cases from the test model according to a given criterion, test code converts the test cases into executable test code by mapping model-level elements into implementation-level constructor. MISTA has implemented test generators for various test coverage criteria of test models, code generators for various scripting and programming languages, and test execution environments such as Java, C, C#, php, visual basic and HTML-Selenium IDE. MISTA has been applied to the functional and security testing of various real-world software systems. Security level testing based on the security assurance components are authentication, authorization, confidentially, availability, integrity and non-repudiation.
Authors and Affiliations
R. Nivesh, Dr. C. Chellappan
Keywords
Related Articles
- EP ID EP22068
- DOI -
- Views 212
- Downloads 4
Design of Auto Level Crossing and Signal Indicating System
The main objective of this paper is to overcome the major issues in Indian Railways. In essence to do the project we need to scrutinize the Research papers, newspapers and internet. In that we notice many dreadful rail-...
A Study On Financial Performance Of Cement Companies In India With Reference to Ultratech Cement Limited and OCL India Limited - A Comparative Analysis
India is the second largest producer of cement in the world. Cement production increased at a compound annual growth rate (CAGR) of 9.7 per cent in the period 2006– 2013, producing 272 million tonnes (MT). In this study...
Enrichment Analysis for Gene Dataset
Enrichment Analysis is carried out for gene expression analysis. Many genes do not obey the central dogma, there are variations in level of expression at each step of the central dogma. Upregulated and downregulated gen...
Comparative Study on IEEE 802.11 N/AC/AD for WLAN
Wireless communication is one of the essential technology in the modern era . From the beginning communication is the part of our life, which is in the form of either analog or digital, can be used in radios , mobile ph...
Corrosion Inhibition of Rumex Vesicarius Extract on Stainless Steel 304 in Hydrochloric Acid Solution
Stainless steel 304 (SS 304) is corrosion restraint in 2 M HCl by Rumex Vesicarius (RV) extract. This is studied using electrochemical (such as potentiodynamic polarization (PP), electrochemical frequency modulation (EF...