Journal of Central South University of Technology

, Volume 16, Issue 2, pp 258–264

A fault injection model-oriented testing strategy for component security

Authors

    • College of Computer Science and TechnologyHuazhong University of Science and Technology
  • Yan-sheng Lu卢炎生
    • College of Computer Science and TechnologyHuazhong University of Science and Technology
  • Wei Zhang张卫
    • Department of Computer ScienceIowa State University
  • Xiao-dong Xie谢晓东
    • College of Computer Science and TechnologyHuazhong University of Science and Technology
Article

DOI: 10.1007/s11771-009-0044-0

Cite this article as:
Chen, J., Lu, Y., Zhang, W. et al. J. Cent. South Univ. Technol. (2009) 16: 258. doi:10.1007/s11771-009-0044-0

Abstract

A fault injection model-oriented testing strategy was proposed for detecting component vulnerabilities. A fault injection model was defined, and the faults were injected into the tested component based on the fault injection model to trigger security exceptions. The testing process could be recorded by the monitoring mechanism of the strategy, and the monitoring information was written into the security log. The component vulnerabilities could be detected by the detecting algorithm through analyzing the security log. Lastly, some experiments were done in an integration testing platform to verify the applicability of the strategy. The experimental results show that the strategy is effective and operable. The detecting rate is more than 90% for vulnerability components.

Key words

component testingcomponent securityfault injection modeltesting strategydetecting algorithm

Copyright information

© Central South University Press and Springer-Verlag GmbH 2009