A model based testing method for Software Security Assurance
Journal Title: International Journal for Research in Applied Science and Engineering Technology (IJRASET) - Year 2016, Vol 4, Issue 4
Abstract
The importance of software security assurance is growing, but traditional development techniques have not kept pace with this need. New cost-effective tools for software quality and security assurance (SSA) are needed. This is consistent with the possible harm that could be result from the loss, incorrectness, alteration, unavailability, or misuse of the data and resources that uses, controls, and protects. This testing likes a penetration testing model to test the given software model. A penetration test can help verify whether a system is vulnerable to attack, if the defenses were sufficient, and which defenses the test defeated. Given a software model convert into Model-Implementation Description specification. The MID specification uses Petri net to capture both control and data-related requirements for functional testing, access control testing and penetration (pen test) testing with threat models. This model generates test code that can be executed quickly with the implementation under test, presents an automated test generation technique for integrated functional and security level testing of software systems. After generating test cases from the test model according to a given criterion, test code converts the test cases into executable test code by mapping model-level elements into implementation-level constructor. MISTA has implemented test generators for various test coverage criteria of test models, code generators for various scripting and programming languages, and test execution environments such as Java, C, C#, php, visual basic and HTML-Selenium IDE. MISTA has been applied to the functional and security testing of various real-world software systems. Security level testing based on the security assurance components are authentication, authorization, confidentially, availability, integrity and non-repudiation.
Authors and Affiliations
R. Nivesh, Dr. C. Chellappan
Keywords
Related Articles
- EP ID EP22068
- DOI -
- Views 211
- Downloads 4
Density Based Intelligent Traffic Signal System Using PIC Microcontroller
Nowadays congestion in traffic is a serious issue. The traffic congestion can also be caused by large Red light delays, etc. The delay of respective light is hard coded in the traffic light and it is not dependent on tr...
Matrix Converter Technology for Wind Energy Conversion Systems
In recent years, wind energy has become one of the most important and promising sources of renewable energy, which demands additional transmission capacity and better means of maintaining system reliability. The evoluti...
Effect of Parasitic Inductance on Inverter Module Performance
Effect of circuit parasitic inductance is an important consideration in application and characterization of Insulated Gate Bipolar Transistor Module (IGBT). Higher value of parasitic inductance causes higher voltage ove...
Silicon Wafer Technologies: Past & Future
Silicon is now best substrate material for IC technologies. This paper is review about development of wafer technologies in past and future. Also discuss about silicon crystal growth, Silicon on Insulator technologies a...
Wind Energy-An Alternative Energy Source for Future
The purpose of this paper is to provide the real information about Wind Energy, which is energy source of nonconventional type. The nature and behavior of wind is also explained here which is the important factor to deci...