Automated Methods for Cyber Test and Evaluation
MetadataShow full item record
Cyber security of mission-critical software is a relatively new concern that is difficult to measure and hence difficult to incorporate effectively in software development contracts. The DoD has typically relied on black-box approaches to software testing. However, cyber vulnerabilities, particularly those deliberately injected into systems, are often statistically invisible with respect to affordable levels of black-box testing, which implies that they cannot be effectively detected using conventional testing techniques. This motivates augmenting traditional testing approaches with additional types of test and analysis procedures. This paper explores application of automated testing and other automated analysis methods to reduce cyber risks. We analyze several types of undesirable software behaviors and identify automated methods that could detect them within practical limits on time and computational resources.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
NPS Report NumberSYM-AM-18-091
Showing items related by title, author, creator and subject.
Davis, Edward V., Jr. (Monterey, California: Naval Postgraduate School, 1990-12);Rapid prototyping is emerging as a promising software development paradigm. It provides a systematic and automatable means of developing a software system under circumstances where initial requirements are not well known ...
Eatinger, Christopher J. (Monterey, California. Naval Postgraduate School, 2007-06);Software testing is a crucial step in the development of any software system, large or small. Testing can reveal the presence of logic errors and other flaws in the code that could cripple the system's effectiveness. Many ...
Dennison, Thomas E. (Monterey, California. Naval Postgraduate School, 1992-03);The cost of system operational testing is steadily increasing. It is desirable for the software manager to know if the software is sufficiently well developed or reliable to support such testing. Current software reliability ...