On the automation of security testing

Franz Wotawa*

*Korrespondierende/r Autor/-in für diese Arbeit

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

Due to the still increasing interconnectedness of systems it is very much important to further strengthen activities towards assuring security requirements of those systems. Quality assurance methods like coding guidelines with a focus on security related issues, and static analysis tools are necessary but not sufficient because of the fact that security is a system property. Therefore, it is important to also perform system tests focusing on security threads. When carrying out in a manual way testing is very labor intensive and the question arise whether it is possible to automate security testing? In this paper we take up this question, discuss the underlying challenges, and introduce current work dealing with the automation of security testing. In particular, we present work on using combinatorial testing and AI planning for detecting vulnerabilities in systems. In addition, we discuss shortcomings of the present approaches, open research challenges and further research directions.

Originalspracheenglisch
TitelProceedings - 2016 International Conference on Software Security and Assurance, ICSSA 2016
Herausgeber (Verlag)Institute of Electrical and Electronics Engineers
Seiten11-16
Seitenumfang6
ISBN (elektronisch)9781509043880
DOIs
PublikationsstatusVeröffentlicht - 21 Feb. 2017
Veranstaltung2016 International Conference on Software Security and Assurance: ICSSA 2016 - St. Pölten, Österreich
Dauer: 24 Aug. 201625 Aug. 2016
Konferenznummer: 2

Publikationsreihe

NameProceedings - 2016 International Conference on Software Security and Assurance, ICSSA 2016

Konferenz

Konferenz2016 International Conference on Software Security and Assurance
KurztitelICSSA
Land/GebietÖsterreich
OrtSt. Pölten
Zeitraum24/08/1625/08/16

ASJC Scopus subject areas

  • Software
  • Sicherheit, Risiko, Zuverlässigkeit und Qualität

Fingerprint

Untersuchen Sie die Forschungsthemen von „On the automation of security testing“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren