• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.10 no.4
• /
• pp.325-332
• /
• 2017

In this paper, a survey of test sequence generation methods for testing the conformance of a protocol implementation to its specification is presented. The best known methods proposed in the literature are called transition tour, distinguishing sequence, characterizing sequence, and unique input/output sequence. Also, several variants of the above methods are introduced. Applications of these methods to the finite state machine model are discussed. Then, comparative analysis of the methods is made in terms of test sequence length. Finally, conclusions are given as follows. The T-method produces the shortest test sequence, but it has the worst fault coverage. The W-method tends to produce excessively long test sequences even though its fault coverage is complete. The problem with the DS-method is that a distinguishing sequence may not exist. The UIO-method is more widely applicable, but it does not provide the same fault coverage as the DS-method.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3511-3532
• /
• 2019

Coverage-guided fuzzing is an efficient solution that has been widely used in software testing. By guiding fuzzers through the coverage information, seeds that generate new paths will be retained to continually increase the coverage. However, we observed that most samples follow the same few high-frequency paths. The seeds that exercise a high-frequency path are saved for the subsequent mutation process until the user terminates the test process, which directly affects the efficiency with which the low-frequency paths are tested. In this paper, we propose a fuzzing solution, ER-Fuzz, that truncates the recording of a high-frequency path to influence coverage. It utilizes a deep learning-based classifier to locate the high and low-frequency path transfer points; then, it instruments at the transfer position to promote the probability low-frequency transfer paths while eliminating subsequent variations of the high-frequency path seeds. We implemented a prototype of ER-Fuzz based on the popular fuzzer AFL and evaluated it on several applications. The experimental results show that ER-Fuzz improves the coverage of the original AFL method to different degrees. In terms of the number of crash discoveries, in the best case, ER-Fuzz found 115% more unique crashes than did AFL. In total, seven new bugs were found and new CVEs were assigned.

• Journal of KIISE:Information Networking
• /
• v.28 no.3
• /
• pp.355-368
• /
• 2001

Protocol conformance test is used to promote interoperability of protocol implementatons developed by venders. Non-interopcrability between protocol implementations may be caused by ambiguity and/or misintellJretation of the protocol specifications by vendors. Conventional method on protocol conformance test has been standardized by IS0;IEC JTCI with the purpose of whether a protocol implementation conforms to its specification. However, sometimes the conventional method gives wrong test results because the test is based on static test sequences. This problem is caused by the fact as some failed transitions of a protocol FSM included in test sequences have an effect on the test result of transitions to be tested. In this paper, a new approach called Dynamic Conformance Test Method (DCTM) is proposed to solve this problem. DCTM dynamically selects test sequence durng testing depending on an information showing an alternative path without failed tranistions. As a result, the fault coverage of the DCTM is better than that of the conventional test method. In order to demonstrate the fault coverage of DCTM compared to that of the conventional method. a testing tool is implemented and appied to the TCP protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1463-1474
• /
• 2018

Fuzzing is one of the software testing techniques that find security flaws by inputting invalid values or arbitrary values into the program and various methods have been suggested to increase the efficiency of such fuzzing. In this paper, focusing on the existence of field with high relevance to coverage and software crash, we propose a new method for intensively fuzzing corresponding field part while performing field based fuzzing. In this case, we use a deep learning model called Variational Autoencoder(VAE) to learn the statistical characteristic of input values measured in high coverage and it showed that the coverage of the regenerated files are uniformly higher than that of simple variation. It also showed that new crash could be found by learning the statistical characteristic of the files in which the crash occurred and applying the dropout during the regeneration. Experimental results showed that the coverage is about 10% higher than the files in the queue of the AFL fuzzing tool and in the Hwpviewer binary, we found two new crashes using two crashes that found at the initial fuzzing phase.

• Korean Journal of Radiology
• /
• v.22 no.3
• /
• pp.442-453
• /
• 2021

Artificial intelligence (AI) will likely affect various fields of medicine. This article aims to explain the fundamental principles of clinical validation, device approval, and insurance coverage decisions of AI algorithms for medical diagnosis and prediction. Discrimination accuracy of AI algorithms is often evaluated with the Dice similarity coefficient, sensitivity, specificity, and traditional or free-response receiver operating characteristic curves. Calibration accuracy should also be assessed, especially for algorithms that provide probabilities to users. As current AI algorithms have limited generalizability to real-world practice, clinical validation of AI should put it to proper external testing and assisting roles. External testing could adopt diagnostic case-control or diagnostic cohort designs. A diagnostic case-control study evaluates the technical validity/accuracy of AI while the latter tests the clinical validity/accuracy of AI in samples representing target patients in real-world clinical scenarios. Ultimate clinical validation of AI requires evaluations of its impact on patient outcomes, referred to as clinical utility, and for which randomized clinical trials are ideal. Device approval of AI is typically granted with proof of technical validity/accuracy and thus does not intend to directly indicate if AI is beneficial for patient care or if it improves patient outcomes. Neither can it categorically address the issue of limited generalizability of AI. After achieving device approval, it is up to medical professionals to determine if the approved AI algorithms are beneficial for real-world patient care. Insurance coverage decisions generally require a demonstration of clinical utility that the use of AI has improved patient outcomes.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.4
• /
• pp.33-42
• /
• 2007

Accurate predictions of software release times, and estimation of the reliability and availability of a software product require quantification of a critical element of the software testing process : test coverage. This model called Enhanced non-homogeneous poission process(ENHPP). In this paper, exponential coverage and S-shaped model was reviewed, proposes the Kappa coverage model, which maked out efficiency application for software reliability. Algorithm to estimate the parameters used to maximum likelihood estimator and bisection method, model selection based on SSE statistics and Kolmogorov distance, for the sake of efficient model, was employed. From the analysis of mission time, the result of this comparative study shows the excellent performance of Burr coverage model rather than exponential coverage and S-shaped model using NTDS data. This analysis of failure data compared with the Kappa coverage model and the existing model(using arithmetic and Laplace trend tests, bias tests) is presented.

• International Journal of Contents
• /
• v.10 no.3
• /
• pp.41-46
• /
• 2014

A cause-effect graph considers only the desired external behavior of a system by identifying input-output parameter relationships in the specification. When testing a software system with cause-effect graphs, it is important to derive a moderate number of tests while avoiding loss in fault detection ability. Pairwise testing is known to be effective in determining errors while considering only a small portion of the input space. In this paper, we present a new testing technique that generates pairwise tests from a cause-effect graph. We use a Boolean Satisbiability (SAT) solver to generate pairwise tests from a cause-effect graph. The Alloy language is used for encoding the cause-effect graphs and its SAT solver is applied to generate the pairwise tests. Using a SAT solver allows us to effectively manage constraints over the input parameters and facilitates the generation of pairwise tests, even in the situations where other techniques fail to satisfy full pairwise coverage.

• Nuclear Engineering and Technology
• /
• v.31 no.1
• /
• pp.49-57
• /
• 1999

It has been a critical issue to predict the safety critical software reliability in nuclear engineering area. For many years, many researches have focused on the quantification of software reliability and there have been many models developed to quantify software reliability. Most software reliability models estimate the reliability with the failure data collected during the test assuming that the test environments well represent the operation profile. User's interest is however on the operational reliability rather than on the test reliability. The experiences show that the operational reliability is higher than the test reliability. With the assumption that the difference in reliability results from the change of environment, from testing to operation, testing environment factors comprising the aging factor and the coverage factor are developed in this paper and used to predict the ultimate operational reliability with the failure data in testing phase. It is by incorporating test environments applied beyond the operational profile into testing environment factors. The application results show that the proposed method can estimate the operational reliability accurately.

• Journal of the Korean Institute of Telematics and Electronics A
• /
• v.33A no.3
• /
• pp.176-186
• /
• 1996

As the density of VLSI increases, the conventional logic testing is not sufficient to completely detect the new faults generated in design and fabrication processing. Recently, IDDQ testing becomes very attractive since it can overcome the limitations of logic testing. In this paper, G-ATPG (gyeongsang automatic test pattern genrator) is designed which is able to be adapted to IDDQ testing for combinational CMOS VLSI. In G-ATPG, stuck-at, transistor stuck-on, GOS (gate oxide short)or bridging faults which can occur within priitive gate or XOR is modelled to primitive fault patterns and the concept of a fault-sensitizing gate is used to simulate only gates that need to sensitize the faulty gate because IDDQ test does not require the process of fault propagation. Primitive fault patterns are graded to reduce CPU time for the gates in a circuit whenever a test pattern is generated. the simulation results in bench mark circuits show that CPU time and fault coverage are enhanced more than the conventional ATPG using IDDQ test.

• Proceedings of the IEEK Conference
• /
• 1998.06a
• /
• pp.811-814
• /
• 1998

REcent research about current testing($\textrm{I}_{DDQ}$ testing) has been emphasizing that $\textrm{I}_{DDQ}$ testing in addition to the logical voltage testing is necessary to increase the fault coverage. The $\textrm{I}_{DDQ}$. testing can detect physical faults other than the classical stuck-at type fault, which affect reliability. One of the most critical issues in the $\textrm{I}_{DDQ}$ testing is to insert a built-in current sensor (BICS) that can detect abnormal static currents from the power supply or to the ground. This paper presents a new BICS for internal current testing for large CMOS logic circuits. The proposed BICS uses a single phase clock to minimize the hardware overhead. It detects faulty current flowing and converts it into a corresponding logic voltage level to make converts it into a corresponding logic voltage level to make it possible to use the conventional voltage testing techniqeus. By using current mirroring technique, the proposed BICS can work at very high speed. Because the proposed BICS almost does not affects normal operation of CUT(circuit under test), it can be used to a very large circuit without circuit partitioning. By altenating the operational modes, a circuit can be $\textrm{I}_{DDQ}$-tested as a kind of self-testing fashion by using the proposed BICS.