This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.

June 10, 2024 • By David Svoboda

In Cybersecurity Engineering

Code coverage represents the percent of certain elements of a software item that have been exercised during its testing....

November 11, 2019 • By Robert V. Binder

Suppose someone asked you to play Russian Roulette. Although your odds of surviving are 5 to 1 (83 percent), it is hard to imagine how anyone would take that risk....

October 14, 2019 • By Robert V. Binder

Concurrency, which exists whenever multiple entities execute simultaneously, is a ubiquitous and an unavoidable fact of life in systems and software engineering....

June 23, 2019 • By Donald Firesmith

In Cybersecurity Engineering

Shift left is a familiar exhortation to teams and organizations engaged in Agile and Lean software development. It most commonly refers to incorporating test practices....

March 17, 2019 • By Nanette Brown

In Agile

In the first post in this series, I presented 10 types of application security testing (AST) tools and discussed when and how to use them....

August 19, 2018 • By Tom Scanlon

In Secure Development

This blog post categorizes different types of application security testing tools and provides guidance on how and when to use each class of tool.

July 8, 2018 • By Tom Scanlon

In CERT/CC Vulnerabilities

This blog posting describes a number of measures that have proved useful when testing non-deterministic systems.

April 23, 2017 • By Donald Firesmith

This SEI Blog post discusses the challenges of testing in a non-deterministic world, where system behavior may vary even with identical inputs.

January 8, 2017 • By Donald Firesmith

This blog post highlights the top 10 posts published in 2015. As we did with our mid-year review, we will include links to additional related resources that readers might find …

January 4, 2016 • By Douglas Schmidt (Vanderbilt University)