Abstract
Many security problems only become apparent after software is deployed, and in many cases a failure has occurred prior to the awareness of the problem. Although many would argue that the simpler solution to the problem would be to test the software before deploying it. Although we support this argument, we understand that it is not necessarily applicable in a modern development environment. Software testing is labor intensive and is very expensive from a time and cost perspective. While much research has been undertake to automate software testing, very little has been directed at security testing. Additionally, the majority of these efforts have targeted low-level security (safety) instead of high-level security. In this paper, we present elements of a solution towards automation of testing security properties and for the generation of test data suites for detecting security vulnerabilities in software. © 2008 Springer-Verlag Berlin Heidelberg.
Author supplied keywords
Cite
CITATION STYLE
Hanna, A., Ling, H. Z., Furlong, J., & Debbabi, M. (2008). Towards automation of testing high-level security properties. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5094 LNCS, pp. 268–282). https://doi.org/10.1007/978-3-540-70567-3_21
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
