Research On Software Security Testing Based On The Fault Injection

Posted on: 2010-01-24
Degree: Master
Type: Thesis
Country: China
Candidate: J Li
GTID: 2178360302959678
Subject: Computer application technology

Abstract/Summary:
Software security testing has become an important issue. The purpose of this paper is to examine how to test software effectively in order to improve software security. The paper first analyses and compares existing research work.

Software security testing is a research focus in research institutions and universities. It is more flexible than hardware, and its development costs are relatively lower. There are both static methods that scan the source code and dynamic testing methods that track the running program, with a large number of specialized testing tools of both kinds. Among them, fault injection is a relatively specific method with high flexibility. Fault injection testing can be carried out with a special hardware-assisted device or by software methods. The technique can be used for software fault tolerance, reliability, and security testing, and it can be implemented in both static and dynamic ways. Software fault injection testing has made considerable advances, but some problems still need improvement, e.g. exact fault simulation, effective fault injection, and versatility and portability.

This paper first discusses several key issues in the testing procedure: the fault model, fault test case generation, fault injection methods, and test result analysis. We then put forward two schemes, each with a different focus, to resolve the above problems.

The first scenario focuses mainly on how fault injection test cases are generated and how the test result data is judged. We generate the fault injection test cases from the operational profile in order to emulate abnormal runtime events, modify the runtime state of the target system to induce the fault, and develop a software security requirement specification as the metric for the test result data. This scenario does not need the application source code and is independent of the software development procedure, so it can emulate vulnerability exploitation more exactly.

In the second scenario, we combine a static source code scanner with a dynamic fault injection tool and inject faults at the interfaces between the application and its environment. To reduce the complexity of the fault injection test tool, we compare the test result data with the states from the golden run. Additionally, we configure the environment of the fault injection test tools in a virtual machine, which improves the robustness and flexibility of the tool.

Finally, we test the two approaches with two FTP server applications, which demonstrates the effectiveness of our approaches.
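The golden-run comparison in the second scenario can be illustrated with a small harness. This is an added example, not code from the thesis: the `Env` interface, the `store_upload` target, its reply strings, and the requirement "a failed transfer leaves no file behind" are all hypothetical and constructed for illustration.

```python
import errno

class Env:
    """Constructed stand-in for the environment interface (in-memory filesystem)."""
    def __init__(self, fault=None):
        self.files = {}
        self.fault = fault      # (call_name, errno) to inject, or None for the golden run
        self.calls = []         # interface calls observed, in order

    def _call(self, name):
        self.calls.append(name)
        if self.fault and self.fault[0] == name:
            raise OSError(self.fault[1], "injected fault")

    def write(self, path, data):
        self._call("write")
        self.files[path] = data

    def rename(self, src, dst):
        self._call("rename")
        self.files[dst] = self.files.pop(src)

def store_upload(env, name, data):
    """Hypothetical target: store an upload through a temp file, then rename it."""
    tmp = name + ".part"
    try:
        env.write(tmp, data)
        env.rename(tmp, name)
        return "226 ok"
    except OSError:
        return "451 failed"     # deliberate flaw: the temp file is not cleaned up

def run(fault=None):
    env = Env(fault)
    reply = store_upload(env, "a.txt", b"data")
    return reply, dict(env.files), env.calls

def campaign():
    """Inject one fault per interface call seen in the golden run; compare states."""
    golden_reply, golden_files, golden_calls = run()
    report = {}
    for call in dict.fromkeys(golden_calls):        # unique calls, original order
        reply, files, _ = run((call, errno.ENOSPC))
        if (reply, files) == (golden_reply, golden_files):
            report[call] = "masked"                 # fault had no observable effect
        elif reply.startswith("4") and not files:
            report[call] = "handled"                # error reported, no residue left
        else:
            report[call] = "deviation"              # state differs and requirement is violated
    return report

if __name__ == "__main__":
    print(campaign())
```

The golden run supplies both the list of injection points and the reference state, so the harness needs no knowledge of the target's internals.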
Keywords/Search Tags: Software Security Testing, Fault Injection, Static Analysis, Dynamic Test, Virtual Machine, Operation Profile, Security Requirement Specification