Updated NIST Software Uses Combination Testing to Catch Bugs Fast and Easy
Researchers at the National Institute of Standards and Technology (NIST) have released an updated version of a computer system testing tool that can cut costs by more efficiently finding flaws. A tutorial on using the tool accompanies the new release. Catching software 'bugs' before a program is released enhances computer security because hackers often exploit these flaws to introduce malware, including viruses, to disrupt or take control of computer systems. But it's difficult. A widely cited 2002 study prepared for NIST* reported that even though 50 percent of software development budgets go to testing, flaws in software still cost the U.S. economy $59.5 billion annually.
Exhaustive checking of all possible combinations of input actions that could cause software failure is not practical, explained NIST's Raghu Kacker, because of the huge number of possibilities, but it's also not necessary. Based on studies of software crashes in applications, including medical devices and Web browsers, NIST's Rick Kuhn and other researchers determined that between 70 and 95 percent of software failures are triggered by only two variables interacting and practically 100 percent of software failures are triggered by no more than six. 'Testing every combination up to six variables can be as good as exhaustive testing,' said Kacker.
Working with researcher Jeff Yu Lei and his students from the University of Texas at Arlington, NIST designed Advanced Combinatorial Testing System (ACTS), a freely distributed software tool to generate plans for efficiently testing combinations of two to six interacting variables. The method goes beyond the commonly used 'pairwise' approach to software testing, which tests combinations of two variables, so it can detect more obscure flaws. (See ''Combinatorial' Approach Squashes Software Bugs Faster, Cheaper' in NIST Tech Beat, Dec. 12, 2007, at www.nist.gov/itl/math/bugs_121207.cfm.) Kuhn describes the process 'as packing as many combinations into a set of tests as efficiently as we know how.' For example, testing all possible interactions for a product with 34 on and off switches would require 17 billion tests. Using ACTS, all three-way interactions can be evaluated using only 33 tests and all six-way combinations with just 522 tests, instead of 17 billion.
The first version of ACTS was released in 2008. Since then, it has been distributed at no cost to 465 organizations and individuals in industry, academia and government. 'About half of our users are in IT, but other heavy users are in the financial, defense and telecommunications sectors,' said Kuhn. In August, NIST and Lockheed Martin initiated a Cooperative Research and Development Agreement to study the application of ACTS in the company's large and complex software applications. The two groups will jointly publish the results. NIST released the latest update of ACTS in October. The new version includes an improved user interface and a better method of specifying relationships between parameters for testing. This can eliminate the problem, for example, of spending time on tests for invalid combinations, such as using Internet Explorer on a Linux system. Information for requesting ACTS is available at http://csrc.nist.gov/groups/SNS/acts/index.html.
Just released is a new tutorial, Practical Combinatorial Testing, that introduces key concepts and methods along with explaining the use of software tools for generating combinatorial tests. Cost and other practical considerations are addressed. The tutorial is designed to be accessible to undergraduate students in computer science or engineering and includes extensive references. NIST Special Publication 800-142 (link to http://csrc.nist.gov/groups/SNS/acts/documents/SP800-142-101006.pdf) can be downloaded at crsc.nist.gov/acts.
-
Most popular related searches
Related news
-
Medical Baby Monitoring Devices Market Future Growth Explored in Latest Research Report
Fast.MR has published a new report on Global Medical Baby Monitoring Devices market, presenting how Medical Baby Monitoring Devices market is anticipated to unfold during 2020 -2025. The report coverage includes market sizing, and market share data across segments, countries and regions. It also covers market dynamics including growth drivers and restraints which are impacting the growth of market. Key trends shaping the future of market are also presented in report to give reader a better view of market. The...
-
Avery Biomedical Devices’ Nextgen Diaphragm Pacing Transmitter, Spirit, Earns FDA Approval – Now Available
Avery Biomedical Devices (Commack, NY), the global leader in high reliability diaphragm pacemakers, announced that its new diaphragm pacemaker transmitter, Spirit, has earned FDA approval and is now being offered to patients using its pacing system. This NextGen transmitter features a light-weight compact design with easy-to-use touch controls and offers precision-enhancing digital circuitry. Avery Chief Executive Officer Linda Towler stated, “At Avery, our R&D activities have always been focused on...
-
Avery Biomedical Letter to Medscape Regarding Diaphragm Pacing
Please find below a letter that our attorney sent to the editors of Medscape (parent company WebMD) who have published false information about our product.Medscape Letter Regarding Avery System Avery Biomedical Devices has an outstanding track record spanning over 45 years including an outstanding safety record, long term viability with some patients pacing for more than 35 years, and exceptional patient satisfaction. It is also the only device of its kind with full FDA premarket approval and CE marking privileges...
-
Borealis appoints IMCD as Bormed healthcare portfolio distributor
Distribution agreement to take effect as of 1 October 2021 New agreement applies to Bormed™ portfolio of innovative polyolefin grades for healthcare Complementary Borealis and IMCD product portfolios to enable even more choice in polymers Borealis announces that it has selected IMCD, a global leader in the distribution of specialty chemicals and ingredients, as its new European distributor of its dedicated grade range of Bormed™ polyolefins for healthcare. The distribution agreement covers most...
-
Merck and INBRAIN Neuroelectronics Collaborate to Develop the Next Generation of Bioelectronic Therapies
Innovation Center project of Merck collaborates to develop smart neuro-modulation for targeted treatment of chronic diseases. Joint development agreement represents a promising step towards a highly selective and efficient next generation of bioelectronic therapies powered by graphene. INBRAIN Neuroelectronics, a company at the intersection of medtech, deeptech and digital health dedicated to developing the world’s first graphene-based intelligent neuroelectronic system, today announced a collaboration...
Customer comments
No comments were found for Updated NIST Software Uses Combination Testing to Catch Bugs Fast and Easy. Be the first to comment!