From securityweek.com
The U.S. National Institute of Standards and Technology (NIST) this week announced that updates to its Automated Combinatorial Testing for Software (ACTS) research toolkit should help developers of complex safety-critical applications find potentially dangerous errors and make their software safer.
ACTS is designed to help developers ensure that their products are safe from simultaneous input combinations that could trigger a dangerous error. A software error can have serious consequences in the case of safety-critical applications, such as the ones present in cars, aircraft and nuclear power plants.
The problem is that it’s difficult to conduct thorough testing in the case of very large systems. However, researchers from NIST — in collaboration with the University of Texas at Arlington, Adobe, and SBA Research, the research center for information security in Austria — have found a way to properly test even software that has thousands of input variables.
Their findings have been implemented in the ACTS toolset through an updated version of the Combinatorial Coverage Measurement (CCM) tool. The improvements should help developers not only improve safety, but also reduce development costs. Ensuring that safety-critical software is reliable can cost 7-20 times more than in the case of conventional software, NIST said.