This paper studies the software scenario testing, which is commonly used in black-box testing at present. In the paper, the workflow model based on task-driven, which is very common in scenario testing, is analyzed. A...This paper studies the software scenario testing, which is commonly used in black-box testing at present. In the paper, the workflow model based on task-driven, which is very common in scenario testing, is analyzed. According to test adequacy criteria in scenario testing, the model is designed to correspond test cases in the light of logic block(LB). The final test cases that conform to the test adequacy criteria can be obtained through test case combination and test case reduction. In the last part of the paper, example of actual workflow is to design the efficient test case. Therefore the method is proved to be effective.展开更多
Generally,software testing is considered as a proficient technique to achieve improvement in quality and reliability of the software.But,the quality of test cases has a considerable influence on fault revealing capabi...Generally,software testing is considered as a proficient technique to achieve improvement in quality and reliability of the software.But,the quality of test cases has a considerable influence on fault revealing capability of software testing activity.Test Case Prioritization(TCP)remains a challenging issue since prioritizing test cases is unsatisfactory in terms of Average Percentage of Faults Detected(APFD)and time spent upon execution results.TCP ismainly intended to design a collection of test cases that can accomplish early optimization using preferred characteristics.The studies conducted earlier focused on prioritizing the available test cases in accelerating fault detection rate during software testing.In this aspect,the current study designs aModified Harris Hawks Optimization based TCP(MHHO-TCP)technique for software testing.The aim of the proposed MHHO-TCP technique is to maximize APFD and minimize the overall execution time.In addition,MHHO algorithm is designed to boost the exploration and exploitation abilities of conventional HHO algorithm.In order to validate the enhanced efficiency of MHHO-TCP technique,a wide range of simulations was conducted on different benchmark programs and the results were examined under several aspects.The experimental outcomes highlight the improved efficiency of MHHO-TCP technique over recent approaches under different measures.展开更多
Software testing is an important means to assure the software quality. This paper presents a practicable method to generate test cases of software testing, which is operational and high efficient. We discuss the ident...Software testing is an important means to assure the software quality. This paper presents a practicable method to generate test cases of software testing, which is operational and high efficient. We discuss the identification of software specification categories and choices and make a classification tree. Based on the orthogonal array, it is easy to generate test cases. The number of this method is less than that of all combination of the choices.展开更多
The reliability of real-time embedded software directly determines the reliability of the whole real-time embedded sys- tem, and the effective software testing is an important way to ensure software quality and reliab...The reliability of real-time embedded software directly determines the reliability of the whole real-time embedded sys- tem, and the effective software testing is an important way to ensure software quality and reliability. Based on the analysis of the characteristics of real-time embedded software, the formal method is introduced into the real-time embedded software testing field and the real-time extended finite state machine (RT-EFSM) model is studied firstly. Then, the time zone division method of real-time embedded system is presented and the definition and description methods of time-constrained transition equivalence class (timeCTEC) are presented. Furthermore, the approaches of the testing sequence and test case generation are put forward. Finally, the proposed method is applied to a typical avionics real- time embedded software testing practice and the examples of the timeCTEC, testing sequences and test cases are given. With the analysis of the testing result, the application verification shows that the proposed method can effectively describe the real-time embedded software state transition characteristics and real-time requirements and play the advantages of the formal methods in accuracy, effectiveness and the automation supporting. Combined with the testing platform, the real-time, closed loop and automated simulation testing for real-time embedded software can be realized effectively.展开更多
Software operational profile (SOP) is used in software reliability prediction, software quality assessment, performance analysis of software, test case allocation, determination of "when to stop testing," etc. Due...Software operational profile (SOP) is used in software reliability prediction, software quality assessment, performance analysis of software, test case allocation, determination of "when to stop testing," etc. Due to the limited data resources and large efforts required to collect and convert the gathered data into point estimates, reluctance is observed by the software professionals to develop the SOP. A framework is proposed to develop SOP using fuzzy logic, which requires usage data in the form of linguistics. The resulting profile is named fuzzy software operational profile (FSOP). Based on this work, this paper proposes a generalized approach for the allocation of test cases, in which occurrence probability of operations obtained from FSOP are combined with the criticality of the operations using fuzzy inference system (FIS). Traditional methods for the allocation of test cases do not consider the application in which software operates. This is intuitively incorrect. To solve this problem, allocation of test cases with respect to software application using the FIS model is also proposed in this paper.展开更多
Test complexity and test adequacy are frequently raised by software developers and testing agents.However,there is little research works at this aspect on specification-based testing at the use case description level....Test complexity and test adequacy are frequently raised by software developers and testing agents.However,there is little research works at this aspect on specification-based testing at the use case description level.Thus,this research proposes an automatic test cases generator approach to reduce the test complexity and to enhance the percentage of test coverage.First,to support the infrastructure for performing automatic,this proposed approach refines the use cases using use case describing template and save it in the text file.Then,the saved file is input to the Algorithm of Control Flow Diagram(ACFD)to convert use case details to a control flow diagram.After that,the Proposed Tool of Generating Test Paths(PTGTP)is used to generate test cases from the control flow diagram.Finally,the genetic algorithm associated with transition coverage is adapted to optimize and evaluate the adequacy of such test cases.A money withdrawal use case in the ATM system is used as an ongoing case study.Preliminary results show that the generated test cases achieve high coverage with an optimal test case.This automatic test case generation approach is effective and efficient.Therefore,it could promote to use other test case coverage criteria.展开更多
Software test case optimization improves the efficiency of the software by proper structure and reduces the fault in the software.The existing research applies various optimization methods such as Genetic Algorithm,Cr...Software test case optimization improves the efficiency of the software by proper structure and reduces the fault in the software.The existing research applies various optimization methods such as Genetic Algorithm,Crow Search Algorithm,Ant Colony Optimization,etc.,for test case optimization.The existing methods have limitations of lower efficiency in fault diagnosis,higher computa-tional time,and high memory requirement.The existing methods have lower effi-ciency in software test case optimization when the number of test cases is high.This research proposes the Tournament Winner Genetic Algorithm(TW-GA)method to improve the efficiency of software test case optimization.Hospital Information System(HIS)software was used to evaluate TW-GA model perfor-mance in test case optimization.The tournament Winner in the proposed method selects the instances with the best fitness values and increases the exploitation of the search to find the optimal solution.The TW-GA method has higher exploita-tion that helps to find the mutant and equivalent mutation that significantly increases fault diagnosis in the software.The TW-GA method discards the infor-mation with a lower fitness value that reduces the computational time and mem-ory requirement.The TW-GA method requires 5.47 s and the MOCSFO method requires 30 s for software test case optimization.展开更多
At first, the core ideology, advantage and principle of Software Testing Automation Framework (STAF) are presented in this paper. Several automated testing frameworks are summarized and analyzed. In addition, date dri...At first, the core ideology, advantage and principle of Software Testing Automation Framework (STAF) are presented in this paper. Several automated testing frameworks are summarized and analyzed. In addition, date driven automation test framework is given more attention. Test script is the important composing part of software test automation. Then this paper introduces several technologies of script along with their characteristics. Every technology applies to different places. Moreover, an automated test system with an automated test script language XML which is implemented to solve the problems in current automatic testing solutions. The design and implantation of the test script automation framework based on apache ant is put forward. The proposed key technology details of framework are also introduced. We take the automation test methodology of database connectivity operations by ODBC data source as example for validation, using auto test script as the key technology. Finally, the results demonstrate that it can best increase software test effectiveness and reduce workloads as well as save more efforts.展开更多
Unified modeling language (UML) is a powerful graphical modeling language with intuitional meaning. It provides various diagrams to depict system characteristics and complex environment from different viewpoints and...Unified modeling language (UML) is a powerful graphical modeling language with intuitional meaning. It provides various diagrams to depict system characteristics and complex environment from different viewpoints and different application layers. UML-based software development and modeling environments have been widely accepted in industry, including areas in which safety is an important issue such as spaceflight, defense, automobile, etc. To ensure and improve software quality becomes a main concern in the field. As one of the key techniques for software quality, software testing can effectively detect system faults. UML based software testing based is an important research direction in software engineering. The key to software testing is the generation of test cases. This dissertation studies an approach to generating test cases from UML statecharts.展开更多
Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and the...Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and then under the guidance of this model, the formal descriptions for the SQL injection vulnerability feature and SQL injection attack inputs are established. Moreover,according to new coverage criteria,these models are instantiated and the executable test cases are generated.Experiments show that compared with the random enumerated test case used in other works,the test case generated by our method can detect the SQL injection vulnerability more effectively. Therefore,the false negative is reduced and the test accuracy is improved.展开更多
Internet-of-Things(IoT)has attained a major share in embedded software development.The new era of specialized intelligent systems requires adaptation of customized software engineering approaches.Currently,software en...Internet-of-Things(IoT)has attained a major share in embedded software development.The new era of specialized intelligent systems requires adaptation of customized software engineering approaches.Currently,software engineering has merged the development phases with the technologies provided by industrial automation.The improvements are still required in testing phase for the software developed to IoT solutions.This research aims to assist in developing the testing strategies for IoT applications,therein ontology has been adopted as a knowledge representation technique to different software engineering processes.The proposed ontological model renders 101 methodology by using Protégé.After completion,the ontology was evaluated in three-dimensional view by the domain experts of software testing,IoT and ontology engineering.Satisfied results of the research are showed in interest of the specialists regarding proposed ontology development and suggestions for improvements.The Proposed reasoning-based ontological model for development of testing strategies in IoT application contributes to increase the general understanding of tests in addition to assisting for the development of testing strategies for different IoT devices.展开更多
In recent years large corporations as well as smaller commercial enterprises have begun to devote increased attention to software testing and software quality. This paper introduces a novel tool—the Framework for Ext...In recent years large corporations as well as smaller commercial enterprises have begun to devote increased attention to software testing and software quality. This paper introduces a novel tool—the Framework for Extensible Application Testing (FEAT), implemented by the author and applicable for automatic generation and execution of test cases. The paper discusses system requirements, design, architecture and modes of operation. It also contains a detailed comparison of the FEAT framework with existing test environments, focusing in particular on the STAF/STAX framework. The final section is devoted to experimental research into the applicability and efficiency of the presented tools in various projects and configurations, as reflected by quality metrics.展开更多
The techniques of test case prioritization schedule the execution order of test cases to attain respective target, such as enhanced level of forecasting the fault. The requirement of the prioritization can be viewed a...The techniques of test case prioritization schedule the execution order of test cases to attain respective target, such as enhanced level of forecasting the fault. The requirement of the prioritization can be viewed as the en-route for deriving an order of relation on a given set of test cases which results from regression testing. Alteration of programs between the versions can cause more test cases which may respond differently to following versions of software. In this, a fixed approach to prioritizing test cases avoids the preceding drawbacks. The JUnit test case prioritization techniques operating in the absence of coverage information, differs from existing dynamic coverage-based test case prioritization techniques. Further, the prioritization test cases relying on coverage information were projected from fixed structures relatively other than gathered instrumentation and execution.展开更多
Selection of test cases plays a key role in improving testing efficiency. Black-box testing is an important way of testing, and its validity lies on the selection of test cases in some sense. A reasonable and effectiv...Selection of test cases plays a key role in improving testing efficiency. Black-box testing is an important way of testing, and its validity lies on the selection of test cases in some sense. A reasonable and effective method about the selection and generation of test cases is urgently needed. This letter first introduces some usualmethods on black-box test case generation,then proposes a new algorithm based on interface parameters and discusses its properties, finally shows the effectiveness of the algorithm.展开更多
A more automated graphic user interface (GUI) test model, which is based on the event-flow graph, is proposed. In the model, a user interface automation API tool is first used to carry out reverse engineering for a GU...A more automated graphic user interface (GUI) test model, which is based on the event-flow graph, is proposed. In the model, a user interface automation API tool is first used to carry out reverse engineering for a GUI test sample so as to obtain the event-flow graph. Then two approaches are adopted to create GUI test sample cases. That is to say, an improved ant colony optimization (ACO) algorithm is employed to establish a sequence of testing cases in the course of the daily smoke test. The sequence goes through all object event points in the event-flow graph. On the other hand, the spanning tree obtained by deep breadth-first search (BFS) approach is utilized to obtain the testing cases from goal point to outset point in the course of the deep regression test. Finally, these cases are applied to test the new GUI. Moreover, according to the above-mentioned model, a corresponding prototype system based on Microsoft UI automation framework is developed, thus giving a more effective way to improve the GUI automation test in Windows OS.展开更多
A software security testing behavior model,SETAM,was proposed in our previous work as the integrated model for describing software security testing requirements behavior,which is not only compatible with security func...A software security testing behavior model,SETAM,was proposed in our previous work as the integrated model for describing software security testing requirements behavior,which is not only compatible with security functions and latent typical misuse behaviors,but also with the interaction of them.In this paper,we analyze the differences between SETAM with security use case and security misuse case in different types of security test requirements.To illustrate the effectiveness of SETAM,we compare them in a practical case study by the number of test cases and the number of faults detected by them.The results show that SETAM could decrease about 34.87% use cases on average,and the number of faults detected by SETAM increased by 71.67% in average,which means that our model can detect more faults with fewer test cases for software security testing.展开更多
基金National Torch Project, China ( No. 2009GH510068 )National High-Tech R & D Program of China ( 863 ) ( No.2007AA010401)
文摘This paper studies the software scenario testing, which is commonly used in black-box testing at present. In the paper, the workflow model based on task-driven, which is very common in scenario testing, is analyzed. According to test adequacy criteria in scenario testing, the model is designed to correspond test cases in the light of logic block(LB). The final test cases that conform to the test adequacy criteria can be obtained through test case combination and test case reduction. In the last part of the paper, example of actual workflow is to design the efficient test case. Therefore the method is proved to be effective.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work under Grant Number(RGP.1/127/42)Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2022R237),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘Generally,software testing is considered as a proficient technique to achieve improvement in quality and reliability of the software.But,the quality of test cases has a considerable influence on fault revealing capability of software testing activity.Test Case Prioritization(TCP)remains a challenging issue since prioritizing test cases is unsatisfactory in terms of Average Percentage of Faults Detected(APFD)and time spent upon execution results.TCP ismainly intended to design a collection of test cases that can accomplish early optimization using preferred characteristics.The studies conducted earlier focused on prioritizing the available test cases in accelerating fault detection rate during software testing.In this aspect,the current study designs aModified Harris Hawks Optimization based TCP(MHHO-TCP)technique for software testing.The aim of the proposed MHHO-TCP technique is to maximize APFD and minimize the overall execution time.In addition,MHHO algorithm is designed to boost the exploration and exploitation abilities of conventional HHO algorithm.In order to validate the enhanced efficiency of MHHO-TCP technique,a wide range of simulations was conducted on different benchmark programs and the results were examined under several aspects.The experimental outcomes highlight the improved efficiency of MHHO-TCP technique over recent approaches under different measures.
基金the Aviation Science Foundation of China( Grant No.02F15001)the National Natural Science Foundation of China( Grant No.60674100)
文摘Software testing is an important means to assure the software quality. This paper presents a practicable method to generate test cases of software testing, which is operational and high efficient. We discuss the identification of software specification categories and choices and make a classification tree. Based on the orthogonal array, it is easy to generate test cases. The number of this method is less than that of all combination of the choices.
基金supported by the Aviation Science Foundation of China
文摘The reliability of real-time embedded software directly determines the reliability of the whole real-time embedded sys- tem, and the effective software testing is an important way to ensure software quality and reliability. Based on the analysis of the characteristics of real-time embedded software, the formal method is introduced into the real-time embedded software testing field and the real-time extended finite state machine (RT-EFSM) model is studied firstly. Then, the time zone division method of real-time embedded system is presented and the definition and description methods of time-constrained transition equivalence class (timeCTEC) are presented. Furthermore, the approaches of the testing sequence and test case generation are put forward. Finally, the proposed method is applied to a typical avionics real- time embedded software testing practice and the examples of the timeCTEC, testing sequences and test cases are given. With the analysis of the testing result, the application verification shows that the proposed method can effectively describe the real-time embedded software state transition characteristics and real-time requirements and play the advantages of the formal methods in accuracy, effectiveness and the automation supporting. Combined with the testing platform, the real-time, closed loop and automated simulation testing for real-time embedded software can be realized effectively.
文摘Software operational profile (SOP) is used in software reliability prediction, software quality assessment, performance analysis of software, test case allocation, determination of "when to stop testing," etc. Due to the limited data resources and large efforts required to collect and convert the gathered data into point estimates, reluctance is observed by the software professionals to develop the SOP. A framework is proposed to develop SOP using fuzzy logic, which requires usage data in the form of linguistics. The resulting profile is named fuzzy software operational profile (FSOP). Based on this work, this paper proposes a generalized approach for the allocation of test cases, in which occurrence probability of operations obtained from FSOP are combined with the criticality of the operations using fuzzy inference system (FIS). Traditional methods for the allocation of test cases do not consider the application in which software operates. This is intuitively incorrect. To solve this problem, allocation of test cases with respect to software application using the FIS model is also proposed in this paper.
文摘Test complexity and test adequacy are frequently raised by software developers and testing agents.However,there is little research works at this aspect on specification-based testing at the use case description level.Thus,this research proposes an automatic test cases generator approach to reduce the test complexity and to enhance the percentage of test coverage.First,to support the infrastructure for performing automatic,this proposed approach refines the use cases using use case describing template and save it in the text file.Then,the saved file is input to the Algorithm of Control Flow Diagram(ACFD)to convert use case details to a control flow diagram.After that,the Proposed Tool of Generating Test Paths(PTGTP)is used to generate test cases from the control flow diagram.Finally,the genetic algorithm associated with transition coverage is adapted to optimize and evaluate the adequacy of such test cases.A money withdrawal use case in the ATM system is used as an ongoing case study.Preliminary results show that the generated test cases achieve high coverage with an optimal test case.This automatic test case generation approach is effective and efficient.Therefore,it could promote to use other test case coverage criteria.
文摘Software test case optimization improves the efficiency of the software by proper structure and reduces the fault in the software.The existing research applies various optimization methods such as Genetic Algorithm,Crow Search Algorithm,Ant Colony Optimization,etc.,for test case optimization.The existing methods have limitations of lower efficiency in fault diagnosis,higher computa-tional time,and high memory requirement.The existing methods have lower effi-ciency in software test case optimization when the number of test cases is high.This research proposes the Tournament Winner Genetic Algorithm(TW-GA)method to improve the efficiency of software test case optimization.Hospital Information System(HIS)software was used to evaluate TW-GA model perfor-mance in test case optimization.The tournament Winner in the proposed method selects the instances with the best fitness values and increases the exploitation of the search to find the optimal solution.The TW-GA method has higher exploita-tion that helps to find the mutant and equivalent mutation that significantly increases fault diagnosis in the software.The TW-GA method discards the infor-mation with a lower fitness value that reduces the computational time and mem-ory requirement.The TW-GA method requires 5.47 s and the MOCSFO method requires 30 s for software test case optimization.
文摘At first, the core ideology, advantage and principle of Software Testing Automation Framework (STAF) are presented in this paper. Several automated testing frameworks are summarized and analyzed. In addition, date driven automation test framework is given more attention. Test script is the important composing part of software test automation. Then this paper introduces several technologies of script along with their characteristics. Every technology applies to different places. Moreover, an automated test system with an automated test script language XML which is implemented to solve the problems in current automatic testing solutions. The design and implantation of the test script automation framework based on apache ant is put forward. The proposed key technology details of framework are also introduced. We take the automation test methodology of database connectivity operations by ODBC data source as example for validation, using auto test script as the key technology. Finally, the results demonstrate that it can best increase software test effectiveness and reduce workloads as well as save more efforts.
文摘Unified modeling language (UML) is a powerful graphical modeling language with intuitional meaning. It provides various diagrams to depict system characteristics and complex environment from different viewpoints and different application layers. UML-based software development and modeling environments have been widely accepted in industry, including areas in which safety is an important issue such as spaceflight, defense, automobile, etc. To ensure and improve software quality becomes a main concern in the field. As one of the key techniques for software quality, software testing can effectively detect system faults. UML based software testing based is an important research direction in software engineering. The key to software testing is the generation of test cases. This dissertation studies an approach to generating test cases from UML statecharts.
基金National Natural Science Foundation of China(No.51274150)Tianjin Major Project of Application Foundation and Advanced Technology,China(No.12JCZDJC27800)
文摘Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and then under the guidance of this model, the formal descriptions for the SQL injection vulnerability feature and SQL injection attack inputs are established. Moreover,according to new coverage criteria,these models are instantiated and the executable test cases are generated.Experiments show that compared with the random enumerated test case used in other works,the test case generated by our method can detect the SQL injection vulnerability more effectively. Therefore,the false negative is reduced and the test accuracy is improved.
基金This work was supported by the King Saud University(in Riyadh,Saudi Arabia)through the Researcher Support Project Number(RSP-2021/387).
文摘Internet-of-Things(IoT)has attained a major share in embedded software development.The new era of specialized intelligent systems requires adaptation of customized software engineering approaches.Currently,software engineering has merged the development phases with the technologies provided by industrial automation.The improvements are still required in testing phase for the software developed to IoT solutions.This research aims to assist in developing the testing strategies for IoT applications,therein ontology has been adopted as a knowledge representation technique to different software engineering processes.The proposed ontological model renders 101 methodology by using Protégé.After completion,the ontology was evaluated in three-dimensional view by the domain experts of software testing,IoT and ontology engineering.Satisfied results of the research are showed in interest of the specialists regarding proposed ontology development and suggestions for improvements.The Proposed reasoning-based ontological model for development of testing strategies in IoT application contributes to increase the general understanding of tests in addition to assisting for the development of testing strategies for different IoT devices.
文摘In recent years large corporations as well as smaller commercial enterprises have begun to devote increased attention to software testing and software quality. This paper introduces a novel tool—the Framework for Extensible Application Testing (FEAT), implemented by the author and applicable for automatic generation and execution of test cases. The paper discusses system requirements, design, architecture and modes of operation. It also contains a detailed comparison of the FEAT framework with existing test environments, focusing in particular on the STAF/STAX framework. The final section is devoted to experimental research into the applicability and efficiency of the presented tools in various projects and configurations, as reflected by quality metrics.
文摘The techniques of test case prioritization schedule the execution order of test cases to attain respective target, such as enhanced level of forecasting the fault. The requirement of the prioritization can be viewed as the en-route for deriving an order of relation on a given set of test cases which results from regression testing. Alteration of programs between the versions can cause more test cases which may respond differently to following versions of software. In this, a fixed approach to prioritizing test cases avoids the preceding drawbacks. The JUnit test case prioritization techniques operating in the absence of coverage information, differs from existing dynamic coverage-based test case prioritization techniques. Further, the prioritization test cases relying on coverage information were projected from fixed structures relatively other than gathered instrumentation and execution.
基金Supported in part by the National Natural Science Foundation of China (NSFC)(60073012),Natural Science Foundation of Jiangsu(BK2001004)
文摘Selection of test cases plays a key role in improving testing efficiency. Black-box testing is an important way of testing, and its validity lies on the selection of test cases in some sense. A reasonable and effective method about the selection and generation of test cases is urgently needed. This letter first introduces some usualmethods on black-box test case generation,then proposes a new algorithm based on interface parameters and discusses its properties, finally shows the effectiveness of the algorithm.
文摘A more automated graphic user interface (GUI) test model, which is based on the event-flow graph, is proposed. In the model, a user interface automation API tool is first used to carry out reverse engineering for a GUI test sample so as to obtain the event-flow graph. Then two approaches are adopted to create GUI test sample cases. That is to say, an improved ant colony optimization (ACO) algorithm is employed to establish a sequence of testing cases in the course of the daily smoke test. The sequence goes through all object event points in the event-flow graph. On the other hand, the spanning tree obtained by deep breadth-first search (BFS) approach is utilized to obtain the testing cases from goal point to outset point in the course of the deep regression test. Finally, these cases are applied to test the new GUI. Moreover, according to the above-mentioned model, a corresponding prototype system based on Microsoft UI automation framework is developed, thus giving a more effective way to improve the GUI automation test in Windows OS.
基金Supported by the National High Technology Research and Development Program of China (863 Program) (2009AA01Z402)the PLA University of Science and Technology Pre-research Project (20110202, 20110210)+1 种基金the Natural Science Foundation of Jiangsu Province of China (BK2012059,BK2012060)the PLAUST Outstanding Graduate Student Thesis Fund (2012)
文摘A software security testing behavior model,SETAM,was proposed in our previous work as the integrated model for describing software security testing requirements behavior,which is not only compatible with security functions and latent typical misuse behaviors,but also with the interaction of them.In this paper,we analyze the differences between SETAM with security use case and security misuse case in different types of security test requirements.To illustrate the effectiveness of SETAM,we compare them in a practical case study by the number of test cases and the number of faults detected by them.The results show that SETAM could decrease about 34.87% use cases on average,and the number of faults detected by SETAM increased by 71.67% in average,which means that our model can detect more faults with fewer test cases for software security testing.
