Prioritizing security regression test cases using threat models

Thumbnail
View/Open
Date
2016-12
Author
Longoria, Jason Andrew
Metadata
Show full item record
Abstract
When existing software is modified, regression testing provides an approach to gain confidence that no unexpected security vulnerabilities have been introduced. If faults or vulnerabilities were introduced by the change, it is beneficial to identify them as soon as possible. Prioritizing regression test cases by their risk exposure improves the likelihood that faults will be found early. This paper reviews regression test case prioritization methods and provides an example prioritization of security regression test cases based on a threat model.
Department
Subject
URI
http://hdl.handle.net/2152/45631
Collections