Analyze the Effectiveness of Security Requirements Testing or Security Tool Testing Using Path Coverage
Use McCabe IQ to determine whether all code of concern is being thoroughly tested by your security tests and security testing tools, using path-level code coverage analysis, the most stringent coverage analysis available.
Many types of security testing may be performed by your organization. This might include:
- functional and performance tests created from security requirements, or
- the use of tools such as sniffers, vulnerability scanners, fuzz testing tools, etc.
While those techniques are excellent, it is still possible that any of those techniques might have holes, due to their randomness or due to the complexity of your code. That is, those tests might not test your code as thoroughly as you would like.
We recommend that, after you create and execute those tests and analyze results, you also execute those same tests on executables built from McCabe IQ's source code instrumentation. Then perform code coverage analysis (focusing on code areas related to security) to determine whether the code that is indicated as NOT tested by those tests needs to be tested with additional security-related test cases. Your security testing techniques may be very good, but still leave some untested code branch outcomes and code paths that could contain vulnerabilities.
The code coverage level should be at least branch coverage; although basis path coverage or boolean/MCDC coverage (which are more thorough) are highly recommended for increased confidence of your security testing. This analysis technique could be used in conjunction with attack surface control flow impacts analysis, to further focus on areas of most concern.
- To schedule a live demonstration or to speak with us about your software security requirements, Contact Us Here.