Prioritizing security regression test cases using threat models

Date

2016-12

Authors

Longoria, Jason Andrew

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

When existing software is modified, regression testing provides an approach to gain confidence that no unexpected security vulnerabilities have been introduced. If faults or vulnerabilities were introduced by the change, it is beneficial to identify them as soon as possible. Prioritizing regression test cases by their risk exposure improves the likelihood that faults will be found early. This paper reviews regression test case prioritization methods and provides an example prioritization of security regression test cases based on a threat model.

Description

LCSH Subject Headings

Citation