A Fault Injection Model of Component Security Testing

The reliability and security of components block the development of component technology. Currently, component security testing is rarely researched as a special subject, and there are not some feasible approaches or technologies in detecting component security vulnerabilities. Problems with the component reliability and security have not yet been solved. The authors propose a FIM (fault injection model) of component security testing, and then specify some related definitions of FIM model and its matrix specification. A TGSM (test-cases generating based on solution matrix) algorithm of fault injection for component security is proposed based on FIM. The algorithm TGSM generates solution matrix that meets K factors coverage according to the matrix form of the FIM model. All rows data of the solution matrix compose the fault injection test-cases. The FIM model is implemented well based on research projects CSTS (component security testing system). Finally, the experimental results show that the approach which generates the fault injection test-cases of 3 factors coverage is effective. It can trigger the vast majority of the security exceptions by using the appropriate test-cases. FIM is effective and operable.