Testing
Blog Posts
Redemption: A Prototype for Automated Repair of Static Analysis Alerts
This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.
• By David Svoboda
In Cybersecurity Engineering
![David Svoboda](/media/images/thumb_big_d-svoboda_blog_author.max-180x180.format-webp.webp)
Six Best Practices for Developer Testing
Code coverage represents the percent of certain elements of a software item that have been exercised during its testing....
• By Robert V. Binder
![Bob Binder](/media/images/thumb_big_b-binder_blog_authors.max-180x180.format-webp.webp)
Don't Play Developer Testing Roulette: How to Use Test Coverage
Suppose someone asked you to play Russian Roulette. Although your odds of surviving are 5 to 1 (83 percent), it is hard to imagine how anyone would take that risk....
• By Robert V. Binder
![Bob Binder](/media/images/thumb_big_b-binder_blog_authors.max-180x180.format-webp.webp)
Testing Concurrent Systems: Concurrency Defects, Testing Techniques, and Recommendations
Concurrency, which exists whenever multiple entities execute simultaneously, is a ubiquitous and an unavoidable fact of life in systems and software engineering....
• By Donald Firesmith
In Cybersecurity Engineering
![Headshot of Donald Firesmith](/media/images/thumb_big_d-firesmith_blog_auth.max-180x180.format-webp.webp)
Enabling Shift-Left Testing from Small Teams to Large Systems
Shift left is a familiar exhortation to teams and organizations engaged in Agile and Lean software development. It most commonly refers to incorporating test practices....
• By Nanette Brown
In Agile
![Nanette Brown](/media/images/thumb_big_n-brown_blog_authors_.max-180x180.format-webp.webp)
Decision-Making Factors for Selecting Application Security Testing Tools
In the first post in this series, I presented 10 types of application security testing (AST) tools and discussed when and how to use them....
• By Tom Scanlon
In Secure Development
![Thomas Scanlon](/media/images/thumb_big_t-scanlon_blog_author.max-180x180.format-webp.webp)
10 Types of Application Security Testing Tools: When and How to Use Them
This blog post categorizes different types of application security testing tools and provides guidance on how and when to use each class of tool.
• By Tom Scanlon
In CERT/CC Vulnerabilities
![Thomas Scanlon](/media/images/thumb_big_t-scanlon_blog_author.max-180x180.format-webp.webp)
Seven Recommendations for Testing in a Non-Deterministic World
This blog posting describes a number of measures that have proved useful when testing non-deterministic systems.
• By Donald Firesmith
![Headshot of Donald Firesmith](/media/images/thumb_big_d-firesmith_blog_auth.max-180x180.format-webp.webp)
The Challenges of Testing in a Non-Deterministic World
This SEI Blog post discusses the challenges of testing in a non-deterministic world, where system behavior may vary even with identical inputs.
• By Donald Firesmith
![Headshot of Donald Firesmith](/media/images/thumb_big_d-firesmith_blog_auth.max-180x180.format-webp.webp)
The Top 10 Blog Posts of 2015: Technical Debt, DevOps, Graph Analytics, Secure Coding, and Testing
This blog post highlights the top 10 posts published in 2015. As we did with our mid-year review, we will include links to additional related resources that readers might find …
• By Douglas Schmidt (Vanderbilt University)
![Douglas C. Schmidt](/media/images/thumb_big_d-schmidt_blog_author.max-180x180.format-webp.webp)