Prioritising security tests on large-scale and distributed software development projects by using self-organised maps

Abstract

Large-scale and distributed software development initiatives demand a systematic testing process in order to prevent failures. Significant amount of resources are usually allocated on testing. Like any development and designing task, testing activities have to be prioritised in order to efficiently validate the produced code. By using source code complexity measurement, Computational Intelligence and Image Processing techniques, this research presents a new approach to prioritise testing efforts on large-scale and distributed software projects. The proposed technique was validated by automatically highlighting sensitive code within the Linux device drivers source code base. Our algorithm was able to classify 3, 077 from 35, 091 procedures as critical code to be tested. We argue that the approach is general enough to prioritise test tasks of most critical large-scale and distributed developed software such as: Operating Systems, Enterprise Resource Planning and Content Management systems.