Issue No. 02 - March/April (2005 vol. 3)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2005.55
Peter Oehlert , Microsoft
Boundary conditions are important because significant subsets of boundary condition failures are security failures. As such, the boundary conditions we don't test today are the security patches we'll have to issue tomorrow. An effective way to limit border vulnerabilities is ttesting via fuzzing. This highly automated testing technique can cover large numbers of boundary cases using invalid data (from files, network protocols, and other targets) as application input. This article shows how fuzzing often works well when techniques such as functional testing would be cost prohibitive.
fuzzing, software testing, boundary conditions, completeness testing, comprehensive negative testing, quality assurance
P. Oehlert, "Violating Assumptions with Fuzzing," in IEEE Security & Privacy, vol. 3, no. , pp. 58-62, 2005.