Testing for Software Security

Herbert Thompson and James Whittaker, Florida Institute of Technology

Software can be correct without being secure. Therefore, we must be vigilant in assessing the security implications of software behavior instead of focusing on the search for specification violations. If we want to include security problems in our testing periscope, we must consider the malicious use of functionality that might be possible outside normal use of the product. The goal of this presentation is to challenge current techniques by making the testing process more attuned to, and aggressive toward, security holes.

