• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.17-23
• /
• 2004

Testing tools help software developers and test engineers to automate a part or the whole of test process and reduce the time and cost of software test. However. no automatic tools meet a variety of test requirements with various domains In this paper, we suggest a categorical taxonomy of automatic testing tools and analyze numerous commercial testing tools on its basis. Then we propose a development roadmap of software automatic testing tools. As a result of those analysis. we try to understand the complementary relations of the testing tools and seek for the direction of further development of the testing tools.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.89-99
• /
• 2005

The testing time and cost of developed software can be reduced by automation of the whole or part of testing process. Since the testing automation tools to be used currently have been developed without their interoperability, test case information such as test procedures, test data, and expectation of test results generated at the stage of test execution cannot be shared and reused in other testing automation tools, In order to reduce testing time and cost, in this thesis, we have proposed a software testing automation framework which makes it possible to share and reuse the test case information generated in testing process. To prove the availability and effectiveness of proposed testing automation framework, three testing automation tools that are available in current market were experimented by the test scenario. As a result of experiment, the testing time and cost could be reduced by sharing and reusing the test case information in software testing automation framework.

• Journal of the Korean Society of Industry Convergence
• /
• v.20 no.4
• /
• pp.265-273
• /
• 2017

Major industries in Gyeongnam area include robot and automobile manufacturing, shipbuilding, and aviation. According to the research, the mechanical part of the products has been advanced, but awareness over the improvement of quality of the software still lacks. The quality performance test presently conducted by the companies in Gyeongnam is mostly the manual performance test performed by the program manager. In order to systematize this and extend the range of using software testing tools, the current study intends to suggest the necessity for conducting a survey on demand to improve performance and securing testing tools such as measured data analysis. Accordingly, this study is going to investigate 33 companies in Gyeongnam related with software in each of the major business areas centering around the actual field and examine activities related to software quality. And after figuring out the current status of retaining testing tools, the study will suggest the ways to enhance recognition over software quality and propose ultimate solutions to solve the problems on the current stage by finding out how to share information as much as possible in order to lay the foundation for extending the range of activity for the sake of software quality.

• IE interfaces
• /
• v.25 no.4
• /
• pp.416-421
• /
• 2012

One of the activities to improve software quality in ISO 26262 is to apply the design principles for software unit design and implementation mentioned in ISO 26262-6, including the evaluation activity. Before evaluation activity, the tool is compared and selected for evaluation. Because the results of the tool a company selected might have an effect on product quality. In this paper, we suggest the method to compare industrial static analysis tools with some of "MISRA C : 2004 Exemplar Suite" and all lessons learned from comparing tools are described. The result on comparison shows that we just couldn't rely on a result of Static Analysis Tool and need to have another appropriate processes and guidelines to evaluate a software.

• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.125-142
• /
• 2021

Reports of rampant cross-site scripting (XSS) vulnerabilities raise growing concerns on the effectiveness of current Static Analysis Security Testing (SAST) tools as an internet security device. Attentive to these concerns, this study aims to examine seven open-source SAST tools in order to account for their capabilities in detecting XSS vulnerabilities in PHP applications and to determine their performance in terms of effectiveness and analysis runtime. The representative tools - categorized as either text-based or graph-based analysis tools - were all test-run using real-world PHP applications with known XSS vulnerabilities. The collected vulnerability detection reports of each tool were analyzed with the aid of PhpStorm's data flow analyzer. It is observed that the detection rates of the tools calculated from the total vulnerabilities in the applications can be as high as 0.968 and as low as 0.006. Furthermore, the tools took an average of less than a minute to complete an analysis. Notably, their runtime is independent of their analysis type.

• International Journal of Contents
• /
• v.13 no.1
• /
• pp.38-44
• /
• 2017

Increased use of software and complexity of software functions, as well as shortened software quality evaluation periods, have increased the importance and necessity for automation of software testing. Automating software testing by using machine learning not only minimizes errors in manual testing, but also allows a speedier evaluation. Research on machine learning in automated software testing has so far focused on solving special problems with algorithms, leading to difficulties for the software developers and testers, in applying machine learning to software testing automation. This paper, proposes a new machine learning framework for software testing automation through related studies. To maximize the performance of software testing, we analyzed and categorized the machine learning algorithms applicable to each software test phase, including the diverse data that can be used in the algorithms. We believe that our framework allows software developers or testers to choose a machine learning algorithm suitable for their purpose.

• International Journal of Computer Science & Network Security
• /
• v.23 no.6
• /
• pp.169-175
• /
• 2023

Ethical hackers are using different tools and techniques to encounter malicious cyber-attacks generated by bad hackers. During the software development process, development teams typically bypass or ignore the security parameters of the software. Whereas, with the advent of online web-based software, security is an essential part of the software development process for implementing secure software. Security features cannot be added as additional at the end of the software deployment process, but they need to be paid attention throughout the SDLC. In that view, this paper presents a new, Ethical Hacking - Software Development Life Cycle (EH-SDLC) introducing ethical hacking processes and phases to be followed during the SDLC. Adopting these techniques in SDLC ensures that consumers find the end-product safe, secure and stable. Having a team of penetration testers as part of the SDLC process will help you avoid incurring unnecessary costs that come up after the data breach. This research work aims to discuss different operating systems and tools in order to facilitate the secure execution of the penetration tests during SDLC. Thus, it helps to improve the confidentiality, integrity, and availability of the software products.

• The KIPS Transactions:PartD
• /
• v.17D no.6
• /
• pp.423-430
• /
• 2010

As software becomes large-scale and complicated, the need for Quality Assurance and management is increased and software testing is becoming more important. The main aims of software testing are not only detecting and handling the defects in the system but also investigating and managing the present system. But automatic testing tools require lots of time and efforts to detect and manage the risk in the system because test-cases used in the general automatic testing tools have the simply static information. In this thesis, the dynamic management technique for weighted testcases is designed to test the high-risk testcases preferentially by giving the testcases dynamic weight.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.8
• /
• pp.1987-1994
• /
• 1997

ATM switching software should be required high reliability, functionality, extendability and maintainability. After development of the software, it is verified and tested by analyzer whether the software is accomplished the characteristics of it or not. There are so many CASE tools in other area, but the CHILL testing tools that can verify ATM softwares have not various functions are not many. In this paper we develop the testing tool which can evaluate and test CHILL programmed ATM software. This Tool supports testing reports, debugging informations and maintenance informations including parallel process about CHILL original programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.51-59
• /
• 2007

Software testing is the process of analyzing a software item to detect the differences between existing and required conditions and to evaluate the features of the software item. A traditional testing focuses on proper functionality, not security testing. Fuzzing is a one of many software testing techniques and security testing. Fuzzing methodology has advantage that low-cost, efficiency and so on. But fuzzing has defects such as intervening experts. Also, if there is no specification, fuzzing is impossible. ROAD Tool is automated testing tool for RPC(Remote Procedure Call) based protocol and software without specification. Existing tools are semi-automated. Therefore we must modify these tools. In this paper, we design and implement ROAD tool. Also we verify utility in testing results.