Communications of the ACM
Boosting Software Security For a Connected World
A new software security testing paradigm already has helped several European enterprises bring new products and services to market.
Credit: Schneide-Electric.com
European researchers working on the DIAMONDS project have developed a software security testing paradigm that helped several European small- and medium-sized enterprises bring new products and services into the market.
The project brought together 22 industrial and scientific partners from six countries to develop a security testing methodology, and successfully demonstrated and evaluated it in eight industrial settings.
The methodology integrates security risk assessment and security testing over the entire software lifecycle, encompassing early testing, risk assessment, and automatic testing and monitoring. The systematic integration means risk assessment improves testing procedures, while testing systematically improves risk assessments.
The researchers note the DIAMONDS methodology continues to deliver results years after it ended because it is a unique enabling technology for testing the security of critical software systems. "Overall, DIAMONDS enabled five new products, three new services, and 10 product updates," says Fraunhofer FOKUS institute researcher Ina Schieferdecker.
In addition, the project has created new partnerships, enlarged their skills base, added new features to their flagship software tools, and directly led to their involvement in more European projects.
"Software security is not a problem with a single fix--it's too complex a field," Schieferdecker says. "Instead, we developed a new paradigm, known as model-based security testing, along with a diverse array of test automation methods."
From Phys.org
View Full Article
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA
No entries found