Testing
Blog Posts
Redemption: A Prototype for Automated Repair of Static Analysis Alerts
This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.
• By David Svoboda
In Cybersecurity Engineering
Six Best Practices for Developer Testing
Code coverage represents the percent of certain elements of a software item that have been exercised during its testing....
• By Robert V. Binder
Don't Play Developer Testing Roulette: How to Use Test Coverage
Suppose someone asked you to play Russian Roulette. Although your odds of surviving are 5 to 1 (83 percent), it is hard to imagine how anyone would take that risk....
• By Robert V. Binder
Testing Concurrent Systems: Concurrency Defects, Testing Techniques, and Recommendations
Concurrency, which exists whenever multiple entities execute simultaneously, is a ubiquitous and an unavoidable fact of life in systems and software engineering....
• By Donald Firesmith
In Cybersecurity Engineering
Enabling Shift-Left Testing from Small Teams to Large Systems
Shift left is a familiar exhortation to teams and organizations engaged in Agile and Lean software development. It most commonly refers to incorporating test practices....
• By Nanette Brown
In Agile
Decision-Making Factors for Selecting Application Security Testing Tools
In the first post in this series, I presented 10 types of application security testing (AST) tools and discussed when and how to use them....
• By Tom Scanlon
In Secure Development
10 Types of Application Security Testing Tools: When and How to Use Them
This blog post categorizes different types of application security testing tools and provides guidance on how and when to use each class of tool.
• By Tom Scanlon
In CERT/CC Vulnerabilities
Seven Recommendations for Testing in a Non-Deterministic World
This blog posting describes a number of measures that have proved useful when testing non-deterministic systems.
• By Donald Firesmith
The Challenges of Testing in a Non-Deterministic World
This SEI Blog post discusses the challenges of testing in a non-deterministic world, where system behavior may vary even with identical inputs.
• By Donald Firesmith
The Top 10 Blog Posts of 2015: Technical Debt, DevOps, Graph Analytics, Secure Coding, and Testing
This blog post highlights the top 10 posts published in 2015. As we did with our mid-year review, we will include links to additional related resources that readers might find …