The Research On Software Security Testing Based On Static Testing Method

As computer network developing, the security of software has been paid much attention to. More and more software has been attacked by computer virus or hackers because of its vulnerabilities and defects. Software testing is a necessary and important way to verify the correctness of the software. Firstly, this paper introduces current study of software testing and testing tools at home and abroad. Then this paper pointed out the disadvantage of traditional software testing methods.Secondly, this paper focused on the static testing analysis. This paper introduced the static testing method based on testing model, summarizes and classifies these models. Then this paper points out the advantage of this testing method, such as testing source code fast and peering into more of a program's dark corners with less fuss than dynamic analysis.Finally, this paper summarizes and classifies the security defects and vulnerabilities of C++ and Java programming language from the aspect of attacked reasons, and introduces the components and work flow of DTS_CPP software system. Then this paper focused on the whole testing process of three vulnerabilities, called buffer overflow, array out-of-box and race condition in C++ programming language.