US NIST announced updated for its Automated Combinatorial Testing for Software (ACTS) research toolkit that should allow developers easily spot software errors in complex
The ACTS toolkit allows development teams to check their products correctly respond to simultaneous inputs that could trigger security vulnerabilities.
The toolkit, developed by researchers from NIST along with the University of Texas at Arlington, Adobe, and SBA Research, the research center for information security in Austria, is particularly useful for testing large and complex systems with thousands of input variables.
The NIST announced that the ACTS toolkit now includes an updated version of Combinatorial Coverage Measurement (CCM), a tool that should help improve safety as well as reduce software costs.
The improvements should help developers to improve the safety of their systems and to reduce development costs.
“Before we revised CCM, it was difficult to test software that handled thousands of variables thoroughly,” wrote NIST mathematician Raghu Kacker. “That limitation is a problem for complex modern software of the sort that is used in passenger airliners and nuclear power plants, because it’s not just highly configurable, it’s also life critical. People’s lives and health are depending on it.”
The early version of the NIST tools was able to handle software that had a few hundred input variables. Another tool developed by the SBA Research could be used to analyze software that has up to 2,000 input
“The two tools can be used in a complementary fashion: While the NIST software can measure the coverage of input combinations, the SBA algorithm can extend coverage to thousands of variables.” added
Even is the SBA Research algorithm was not yet integrated into the ACTS toolkit, the team plans to include it in the future. Waiting for the integration, NIST will make the algorithm available to any developer who requests it.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.