Software security testing method

A technology of software security and testing methods, applied in software testing/debugging, platform integrity maintenance, etc., can solve the problems of limited applicability, limited scope of vulnerabilities, uneven detection result efficiency and accuracy, and improve applicability sexual effect

Inactive Publication Date: 2016-02-17
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, software security testing in China basically uses basic scanning tools. The range of detectable vulnerabilities is limited, and the applicability of security rules in this industry is limited. The efficiency and accuracy of testing results are uneven.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software security testing method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] A software security testing method:

[0017] Define templates for software security rules, and create a library of software security rules to be tested based on the templates;

[0018] Import the software security rule base into the software security vulnerability scanning tool, conduct software security static testing, and form a preliminary software security vulnerability report;

[0019] According to the preliminary software security vulnerability report, the vulnerabilities are screened into obvious vulnerabilities and uncertain vulnerabilities. For uncertain vulnerabilities, test scenarios and test cases are designed according to the vulnerabilities, and stubs are inserted in the relevant codes for dynamic verification, dynamic execution of codes, and execution of test case sets , through the output of the inserted pile, to determine whether it is a true vulnerability.

[0020] According to the above method and content of the invention, the present invention will ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a software security testing method, which belongs to the field of software testing. According to the invention, through establishing a security rule template, creating a to-be-tested software security rule base based on the template, and importing a defined software security rule base into a software security flaw scanning tool to carry out software security static-testing, a preliminary software security flaw report is formed; and then the preliminary software security flaw report is tested by using the testing method with combination of a static method and a dynamic method. The method can improve the applicability and accuracy of software security testing.

Description

technical field [0001] The invention discloses a software safety testing method, which belongs to the field of software testing. Background technique [0002] Software security testing is a test to check whether the existing software security measures in the software are effective, and it is an important means to ensure system security. With the widening of software application fields and the occurrence of software accidents in important fields such as aviation, nuclear industry, medical treatment, etc., software security issues have been paid more and more attention. Software security testing can be divided into two aspects: security function testing and security vulnerability testing. Security function testing is to customize the security function requirements of the software in the software requirements analysis stage, clarify the security functions of the software, and test whether the relevant functions of the software are realized or not in the software acceptance sta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36G06F21/57
Inventor 赵霞
Owner LANGCHAO ELECTRONIC INFORMATION IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products