Software security assessment through specification mutations and fault injection

Rauli Kaksonen, Marko Laakso, Ari Takanen

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

44 Citations (Scopus)

Abstract

Numerous information security vulnerabilities exist in contemporary software products. The purpose of this paper is to present a practical approach for software security assessment based on fault injection. The approach has been introduced and applied in a real world case, Wireless Application Protocol gateways. The approach has been effective in systematically uncovering robustness problems in the components tested. The main impact is expected from early elimination of trivial vulnerabilities and elevated awareness in robustness problems and their security implications.
Original languageEnglish
Title of host publicationCommunications and Multimedia Security Issues of the New Century
Subtitle of host publicationIFIP TC6 / TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS’01)
EditorsRalf Steinmetz, Jana Dittman, Martin Steinebach
Place of PublicationNew York
PublisherSpringer
Pages173-183
ISBN (Electronic)978-0-387-35413-2
ISBN (Print)978-0-7923-7365-0, 978-1-4757-4811-6
DOIs
Publication statusPublished - 2001
MoE publication typeA4 Article in a conference publication
EventIFIP TC6/TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS’01) - Darmstadt, Germany
Duration: 21 May 200122 May 2001

Publication series

SeriesIFIP Advances in Information and Communication Technology
Volume64
ISSN1868-4238

Conference

ConferenceIFIP TC6/TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS’01)
Country/TerritoryGermany
CityDarmstadt
Period21/05/0122/05/01

Fingerprint

Dive into the research topics of 'Software security assessment through specification mutations and fault injection'. Together they form a unique fingerprint.

Cite this