Testing for Software Security
Software can be correct without being secure. Therefore we must be vigilant in assessing the security implications of software behavior instead of being focused on the search for specification violations. If we want to include security problems in our testing periscope, we must consider the malicious use of functionality that might be possible outside normal use of the product. The goal of this presentation is to challenge current techniques by making the testing process more attuned to, and aggressive toward, security holes.