Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Maximizing test coverage for security threats Using Optimal Test Data Generation

Version 1 : Received: 4 May 2023 / Approved: 5 May 2023 / Online: 5 May 2023 (10:03:55 CEST)

A peer-reviewed article of this Preprint also exists.

Hussain, T.; Faiz, R.B.; Aljaidi, M.; Khattak, A.; Samara, G.; Alsarhan, A.; Alazaidah, R. Maximizing Test Coverage for Security Threats Using Optimal Test Data Generation. Appl. Sci. 2023, 13, 8252. Hussain, T.; Faiz, R.B.; Aljaidi, M.; Khattak, A.; Samara, G.; Alsarhan, A.; Alazaidah, R. Maximizing Test Coverage for Security Threats Using Optimal Test Data Generation. Appl. Sci. 2023, 13, 8252.

Abstract

As time continues to advance, the need for robust security threat mitigation has become increasingly vital in software. However, ensuring early effective security threat mitigation requires optimal test data and consistent test case design. It is a constant struggle to maximize test coverage through test data optimization. We conducted explanatory research to maximize test coverage of security requirements as modeled in Structured Misuse Case Description (SMCD) i.e., structured specification of misuse case, so as to improve consistency in optimal test data generation. We specified constraints upon Mal activity in Object Constraint Language (OCL) in order to minimize human dependency and improve consistency in optimal test data generation. It was evident through results that MC/DC generated optimal test data of security threats through SMCD in comparison to the Decision Coverage method thus resulting in designing a significantly lower number of test cases and yet maximizing test coverage of security threats. MC/DC generated test data with n+1, while Decision Coverage generated test data with〖 2〗^n, we, therefore, conclude that MC/DC maximizes test coverage through optimal test data from SMCD in comparison to Decision Coverage.

Keywords

Modified Condition/Decision Coverage; Decision Coverage; Test Coverage; Test Data; Object Constraint Language; Structured Misuse Case Description.

Subject

Computer Science and Mathematics, Software

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.

Leave a public comment
Send a private comment to the author(s)
* All users must log in before leaving a comment
Views 0
Downloads 0
Comments 0
Metrics 0


×
Alerts
Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.