How Useful is Software Fault Injection for Evaluating the Security of COTS Products?

doi:10.1109/ACSAC.2001.10009

A
ACSAC
2001
17th Annual Computer Security Applications Conference (ACSAC'01)
Abstract - How Useful is Software Fault Injection for Evaluating the Security of COTS Products?

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles

17th Annual Computer Security Applications Conference (ACSAC'01)

How Useful is Software Fault Injection for Evaluating the Security of COTS Products? (PDF)

New Orleans, Lousiana

December 10-December 14

ISBN: 0-7695-1405-7

	ASCII Text	x
	"How Useful is Software Fault Injection for Evaluating the Security of COTS Products?," Computer Security Applications Conference, Annual, pp. 0339, 17th Annual Computer Security Applications Conference (ACSAC'01), 2001.

	BibTex	x
	@article{ 10.1109/ACSAC.2001.10009, author = {}, title = {How Useful is Software Fault Injection for Evaluating the Security of COTS Products?}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2001}, isbn = {0-7695-1405-7}, pages = {0339}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2001.10009}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - How Useful is Software Fault Injection for Evaluating the Security of COTS Products? SN - 0-7695-1405-7 SP EP PY - 2001 VL - 0 JA - Computer Security Applications Conference, Annual ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2001.10009

Software fault injection (SFI) is a controversial method for identifying errors and improving software. Many respected researchers believe the method holds promise, including the members on our panel, although with careful qualifications. On the other hand, COTS software manufacturers tend to view the method with skepticism for several reasons. One problem is the difficulty in verifying that injected faults are representative of real world faults. Another is that SFI may not be as efficient in identifying errors in software as more conventional testing. The three panelists explored wide-ranging alternatives to the industry view.

Citation:

"How Useful is Software Fault Injection for Evaluating the Security of COTS Products?," acsac, pp.0339, 17th Annual Computer Security Applications Conference (ACSAC'01), 2001

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.