• Title/Summary/Keyword: black-box testing

Search Result 44, Processing Time 0.023 seconds

A Study on the Improvement of Quality for A/V and Mobile System Software Applied to ASTM (Automated Software Test Methods) (ASTM을 적용한 A/V와 Mobile 시스템 소프트웨어 품질 향상에 관한 연구)

  • 한상섭;전경빈;김정희;박상득
    • Journal of Applied Reliability
    • /
    • v.2 no.1
    • /
    • pp.23-32
    • /
    • 2002
  • As the function of digital products gets diverse and complex, more than 30~40% job of software developing and testing group within its development cycle, concentrates on the software testing[1]. To cope with consumers'quickly changing needs, development cycle time gets short, and the number of model and test items increase steadily This is why automating software basic function and UI(User Interface) verification is needed [4][5][6]. This paper draws many strength and weakness defines Input/Output through integrating mobile phone, DVDP, PDA, and Black-Box (Intrusive (mobile) or Non-Intrusive(DVDP, PDA)) testing systematically, which brought above the 64% average of automation rate, and ensure 80% of test coverage [4][5][6].

  • PDF

Evaluating the web-application resiliency to business-layer DoS attacks

  • Alidoosti, Mitra;Nowroozi, Alireza;Nickabadi, Ahmad
    • ETRI Journal
    • /
    • v.42 no.3
    • /
    • pp.433-445
    • /
    • 2020
  • A denial-of-service (DoS) attack is a serious attack that targets web applications. According to Imperva, DoS attacks in the application layer comprise 60% of all the DoS attacks. Nowadays, attacks have grown into application- and business-layer attacks, and vulnerability-analysis tools are unable to detect business-layer vulnerabilities (logic-related vulnerabilities). This paper presents the business-layer dynamic application security tester (BLDAST) as a dynamic, black-box vulnerability-analysis approach to identify the business-logic vulnerabilities of a web application against DoS attacks. BLDAST evaluates the resiliency of web applications by detecting vulnerable business processes. The evaluation of six widely used web applications shows that BLDAST can detect the vulnerabilities with 100% accuracy. BLDAST detected 30 vulnerabilities in the selected web applications; more than half of the detected vulnerabilities were new and unknown. Furthermore, the precision of BLDAST for detecting the business processes is shown to be 94%, while the generated user navigation graph is improved by 62.8% because of the detection of similar web pages.

A Design of Smart Fuzzing System Based on Hybrid Analysis (하이브리드 분석 기반의 스마트 퍼징 시스템 설계)

  • Kim, Mansik;Kang, Jungho;Jun, Moon-seog
    • Journal of Digital Convergence
    • /
    • v.15 no.3
    • /
    • pp.175-180
    • /
    • 2017
  • In accordance with the development of IT industry worldwide, software industry has also grown tremendously, and it is exerting influence on the general society starting from daily life to financial organizations and public institutions. However, various security threats that can inflict serious threat to provided services in proportion to the growing software industry, have also greatly increased. In this thesis, we suggest a smart fuzzing system combined with black box and white box testing that can effectively detectxdistinguish software vulnerability which take up a large portion of the security incidents in application programs.

A Study on the Application of Risk Management for Medical Device Software Test (의료기기 소프트웨어 테스트 위험관리 적용 방안 연구)

  • Kim, S.H.;Lee, jong-rok;Jeong, Dong-Hun;Park, Hui-Byeong
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2012.10a
    • /
    • pp.495-497
    • /
    • 2012
  • Development of application risk management for medical device software test. First, Through questionnaires, Medical device manufacturers, Analysis of software validation and risk management status. Second, Analyzed by comparing the difference between black box testing and white box testing. Third, After analyzing the potential for software analysis tools using code derived factors were quantified, Finally, Medical device risk management process so that it can be applied to build the framework by FMEA(Failure Mode and Effect Analysis) technique. Through this Difficult to build software validation and risk management processes for manufacturers to take advantage of support in medical device GMP(Good Manufacture Practice).

  • PDF

Automatic Test Data Generation for Mutation Testing Using Genetic Algorithms (유전자 알고리즘을 이용한 뮤테이션 테스팅의 테스트 데이터 자동 생성)

  • 정인상;창병모
    • The KIPS Transactions:PartD
    • /
    • v.8D no.1
    • /
    • pp.81-86
    • /
    • 2001
  • one key goal of software testing is to generate a 'good' test data set, which is consideres as the most difficult and time-consuming task. This paper discusses how genetic algorithns can be used for automatic generation of test data set for software testing. We employ mutation testing to show the effectiveness of genetic algorithms (GAs) in automatic test data generation. The approach presented in this paper is different from other in that test generation process requireas no lnowledge of implementation details of a program under test. In addition, we have conducted some experiments and compared our approach with random testing which is also regarded as a black-box test generation technique to show its effectiveness.

  • PDF

Conformance Test Technique for the Electric Power IT Protocol based on TTCN-3 (TTCN-3를 이용한 전력 IT Protocol Conformance Test 기법)

  • Song, Byeong-Kwon;Jang, Yong-Gi;Jeong, Tae-Eui;Kim, Gun-Woong;Kim, Jin-Chul;Kim, Young-Eok
    • Proceedings of the KIEE Conference
    • /
    • 2008.11a
    • /
    • pp.373-375
    • /
    • 2008
  • TTCN-3(Testing & Test Control Notation Version 3) defined in EISI(2001) are the standardized test specification and test implementation language of applicable for all kinds of black-box testing for reactive and distributed system, telecom systems, Mobile system, Internet, CORBA based system, java, XML, etc. This paper using the TTCN-3 on an Electric Power IT Protocol DLMS(Device Language Message Specification) standards for the implementation of the device equipment test the suitability of the protocol.

  • PDF

LINKING EVALUATION OF SUBJECTIVE TIRE TESTS ON THE ROAD WITH OBJECTIVELY MEASURED DATA

  • Stumpf, H.W.
    • International Journal of Automotive Technology
    • /
    • v.2 no.1
    • /
    • pp.17-23
    • /
    • 2001
  • Measurements of the initial values lead to an inverse and mathematically unprecisely formulated problem. A precise definition of an inverse problem is possible. It is to state a mathematical model of a physical process with clearly defined initial and exit values for the system behind the process. One can grasp the idea of an inverse problem by considering the tire as a copy of the objects of nature in a room with observations. Interpretation of nature is generally a result of an inverse problem. On one hand, the tire may be represented through the sensory organs and the nervous system as well as the experiences of the developer's existing apparatus of the projection of reality. On the other hand, it may be represented by a physical law or a model that can be confirmed or is to be refuted with the help of suitable measurements. During reconstruction of a measuring signal and the identification of a black box that can be assumed to be linear and causal, the tire becomes a first type Volterra integral equation of the convolution type. But measurements of the initial values are always fuzzy, the errors grow and the system behavior can no longer be forecasted. Thus, we have to deal with a chaotic system. This chaos produces fractals in a natural way. These are self-similar geometric structures. This self-similarity is clearly visible in the design.

  • PDF

Automated Black-Box Test Case Generation for MC/DC with SAT (SAT를 이용한 MC/DC 블랙박스 테스트 케이스 자동 생성)

  • Chung, In-Sang
    • The KIPS Transactions:PartD
    • /
    • v.16D no.6
    • /
    • pp.911-920
    • /
    • 2009
  • Airbone software must comply the DO-178B standard in order to be certified by the FAA. The standard requires the unit testing of safety-critical software to meet the coverage criterion called MC/DC(Modified Condition/Decision Coverage). Although MC/DC is known to be effective in finding errors related to safety, it is also true that generating test cases which satisfy the MC/DC criterion is not easy. This paper presents a tool named MD-SAT which generates MC/DC test cases with SAT(SATisfiability) technology. It can be employed for generating diverse test cases in tools implementing various testing techniques including decision table based test, cause-effect graphing, and state-based test.

Interoperability Test and Testing Tool for Railway Signaling System (철도신호시스템 상호운용성 검증 방법 및 지원도구의 개발)

  • Hwang, Jong-Gyu;Jo, Hyun-Jeong;Baek, Jong-Hyun
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.16 no.9
    • /
    • pp.5802-5809
    • /
    • 2015
  • Railway signaling system is the vital control system in charge of the core for safely train operation, its functional safety must be checked through sufficient verification. Until now, to verify the interoperability of developed railway signaling system, the on-site testing approaches have been applied after testing in laboratory with simulator. This approaches are some limited range of interoperable verification, so more systematic verification interoperability is required. In this paper, the three phases of interoperability verification for railway signaling system was proposed, and methodology for each phases are represented. And also The interoperability validation methodology and supported testing tool for railway signaling system is represented in this paper

A Study on XAI-based Clinical Decision Support System (XAI 기반의 임상의사결정시스템에 관한 연구)

  • Ahn, Yoon-Ae;Cho, Han-Jin
    • The Journal of the Korea Contents Association
    • /
    • v.21 no.12
    • /
    • pp.13-22
    • /
    • 2021
  • The clinical decision support system uses accumulated medical data to apply an AI model learned by machine learning to patient diagnosis and treatment prediction. However, the existing black box-based AI application does not provide a valid reason for the result predicted by the system, so there is a limitation in that it lacks explanation. To compensate for these problems, this paper proposes a system model that applies XAI that can be explained in the development stage of the clinical decision support system. The proposed model can supplement the limitations of the black box by additionally applying a specific XAI technology that can be explained to the existing AI model. To show the application of the proposed model, we present an example of XAI application using LIME and SHAP. Through testing, it is possible to explain how data affects the prediction results of the model from various perspectives. The proposed model has the advantage of increasing the user's trust by presenting a specific reason to the user. In addition, it is expected that the active use of XAI will overcome the limitations of the existing clinical decision support system and enable better diagnosis and decision support.