1,721,016 research outputs found
Scalable and effective test generation for access control systems
No full textAccess control is essential for safe and secure access to software and hardware resources. Operating systems, database systems, and other applications employ policies to constrain access to application functionality, file systems, and data. Often these policies are implemented in software that serves as a front end guard to the protected resources or is interwoven with the application. It is important that the access control software is correct in that it faithfully implements a policy it is intended to; hence testing of access control systems becomes critical. The challenge is in devising such testing techniques that are scalable and effective in detecting those faults that can occur in an access control system. In this thesis, we address the problem of generating tests for access control systems. As a solution we first evaluated automata theoretic procedures for test generation using fault models specific to implementations of Role Based Access Control (RBAC) and temporal RBAC (TRBAC) systems. This evaluation led to improved and scalable methods for test generation. In particular the proposed procedures are associated with varying cost and effectiveness for conformance testing of RBAC and TRBAC systems. A probabilistic model for fault coverage is proposed and the fault detection effectiveness of proposed test generation techniques is formally analyzed for a variety of fault distributions. Cost and effectiveness of the proposed procedures in functional testing was evaluated using a case study based on an implementation of RBAC. The proposed test generation procedures provide cost efficient solutions with varying level of fault coverage for conformance testing and thus address the functional correctness requirements of RBAC and TRBAC systems
Testing component -based distributed applications
No full textApplications that utilize the broker-based architecture are often composed of several components that need to be tested both separately and together. An important activity during testing is the assessment of the adequacy of test sets. Testers use one or more adequacy criteria for this activity. Traditional test adequacy criteria have several limitations for commercial use. Therefore, a set of scalable interface-based test adequacy criteria have been identified and a testing method that uses these criteria proposed. This method incorporates elements from a component\u27s interface description for computing coverage using multiple test adequacy criteria and performing interface mutation and fault-injection testing. A prototype testing and monitoring tool that implements the proposed method is described. The proposed interface-based test adequacy criteria were evaluated empirically and compared with control flow-based coverage criteria for their relative effectiveness an revealing errors and the cost incurred in developing the test sets. A formal analysis of the fault-detection ability of the testing methods was also carried out. In addition to the assessment of test adequacy, testers often need to assess the tolerance of an application to failures in its components or in the environment. The interface-based testing method has been extended to allow for fault-injection testing at the component interfaces. Experimental results are reported for fault-injection testing on a client-server system. A generic set of faults is identified for use while testing broker-based systems
Adequacy assessment of tests for fault tolerance
No full textAs computer software is extended to areas requiring extreme dependability, there is a stronger need to validate its properties. This thesis proposes a method of validation that uses an interface-based injection scheme with failure modes and a 2-dimensional metric to assess the adequacy of the test sets and the system dependability. To assess a system using the 2-dimensional metric, a 2-phase testing scheme (2PTS) is formalized. The tester first strives for an adequate test set, then uses the test set to assess the system\u27s dependability. A tool named TAMER (a Testing, Analysis, and Measurement Environment for system Robustness) is developed to realize the proposed methodology
Enforcing safety in pervasive computing environments
No full textDevices controlled by embedded software applications are finding increasing use in a variety of environments such as hospitals, health-care units, aircrafts, automobiles, and homes. Such devices may allow remote access to their operations via an Intranet or an Internet. Current efforts in the area of pervasive computing focus on the integration of such “smart” devices into these environments with little or no human assistance. Such integration creates potential for unsafe situations due to the interactions of two or more devices in the environment. The statement of this thesis is that, under certain conditions, it is feasible to enforce safety in pervasive computing environments through the (a) automatic and dynamic synthesis of safety controllers and (b) dynamic enforcement of control actions that prevent the environment from moving to an unsafe state due to the interactions among devices. The novel notions of Connected Spaces and Digital Device Manuals for modeling pervasive computing environments and devices, respectively, are introduced. The safety requirements for the environment are specified as a set of safety policies. Procedures based on control-theoretic and algorithmic techniques are designed for the automatic and dynamic synthesis of centralized and decentralized safety controllers. A safety control protocol used by the controllers for the safety enforcement is introduced. An infrastructure that provides generic capabilities for the online monitoring and control of “smart” devices is designed and built. A safety enforcement mechanism consisting of the safety controllers is implemented using this infrastructure
Tools and techniques for testing-based software reliability estimation
No full textIn this dissertation we point out some fundamental problems with the time-domain models which use the notion of time between failures or the number of faults within a certain time duration, and present our coverage enhanced time-domain reliability models. The coverage enhanced models extend the existing time-domain models by using the notion of useless testing effort. A key feature of our model, unlike the existing models, is that it takes into account the structure of the software under development. This feature not only distinguishes our model from all the existing reliability models, but it is also the basis of our claim that structure-based reliability models are likely to provide more accurate reliability estimates than the existing time-domain models. We have developed a new tool, TRSE, to benchmark existing and new models. Its feature of displaying graphical results enables users to select a good model. The main difference between TRSE and other existing tools is that it provides a rich source of data for investigating effects of varying model parameters on reliability estimates and offers a means through which users can evaluate new models
Modeling the auditory pathway
No full textThere has been much work done to further the knowledge of disorders that affect the auditory pathway. However, current methods of inducing disorders in test animals is very limited. It cannot be done on a neuron by neuron basis, and problems might arise when generalizing results from test animals to humans. The purpose of this work is to address this lack of precision found in the research of the auditory pathway. This work begins to address a solution to this problem by starting to build a complete computational model of the auditory pathway using previously published models. Specifically, a phenomenological model for auditory neurons and a computational model for spherical bushy cells, that were developed independent of each other, were combined into one simulation. The hope of better understanding how disorders affect the auditory pathway is achieved by changing parameters within the models and comparing the outputs. Through experiments that vary parameters from their published values, failure points for parameters are established. Whether those failure points are indicate the useful range of the model or show the failure point of an actual neuron is not conclusive at this point. If it does represent the failure of a neuron, then that would be a useful boundary condition that treatments would need to overcome
Software testing using high-performance computers
No full textReliable software testing is a time consuming operation. In addition to the time spent by the tester in identifying, locating, and correcting bugs, a significant time is spent in the execution of the program under test and its instrumented or fault induced variants. When using mutation based testing to achieve high reliability, the number of such variants can be large. Providing a software testing tool that can efficiently exploit the architecture of a parallel machine implies providing more computing power to the software tester and hence an opportunity to improve the reliability of the product being developed. In this thesis, we consider the problem of utilizing high performance computers to improve the quality of software. We describe three approaches to the parallelization of mutant execution on three architectures: MIMD, Vector, and MIMD with vector processors. We describe the architecture of the P\sp{\rm M}othra system designed to provide the tester a transparent interface to parallel machines. A prototype, constructed by interfacing the Mothra system to an Ncube through a scheduler, was used to conduct the experiments reported in this dissertation. Analysis of algorithms developed and experimental results obtained on these three architecture are presented. Our results enable us to conclude that the MIMD machine, as typified by the Ncube, is superior to some other architectures for mutation based software testing
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
- …
