
Communications of the ACM

ACM TechNews

Boosting Software Security For a Connected World


A new software security testing paradigm already has helped several European enterprises bring new products and services to market.


European researchers working on the DIAMONDS project have developed a software security testing paradigm that helped several European small- and medium-sized enterprises bring new products and services into the market.

The project brought together 22 industrial and scientific partners from six countries to develop a security testing methodology, and successfully demonstrated and evaluated it in eight industrial settings.

The methodology integrates security risk assessment and security testing over the entire software lifecycle, encompassing early testing, risk assessment, and automatic testing and monitoring. The systematic integration means risk assessment improves testing procedures, while testing systematically improves risk assessments.

The researchers note the DIAMONDS methodology continues to deliver results years after the project ended because it is a unique enabling technology for testing the security of critical software systems. "Overall, DIAMONDS enabled five new products, three new services, and 10 product updates," says Fraunhofer FOKUS institute researcher Ina Schieferdecker.

In addition, the project has created new partnerships for the participants, enlarged their skills base, added new features to their flagship software tools, and directly led to their involvement in more European projects.

"Software security is not a problem with a single fix--it's too complex a field," Schieferdecker says. "Instead, we developed a new paradigm, known as model-based security testing, along with a diverse array of test automation methods."



Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA

