Visible to the public Testing Software and Hardware Data Security Tools Using the Automata Theory and the Graph Theory

TitleTesting Software and Hardware Data Security Tools Using the Automata Theory and the Graph Theory
Publication TypeConference Paper
Year of Publication2020
AuthorsKanner, Tatiana M., Kanner, Andrey M.
Conference Name2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT)
Date PublishedMay 2020
ISBN Number978-1-7281-3165-8
Keywordsaccess control subsystem, Chinese Postman Problem, completeness and optimality of testing, composability, control theory, directed graphs, Eulerian path, finite deterministic automaton, pubcrawl, resilience, Resiliency, security, software and hardware data security tools
AbstractThe article focuses on the application of existing provisions of the automata and graph theories to solving the problem of testing software and hardware data security tools (DST). The software and hardware DST, unlike software ones, include hardware components that implement key security functions, while preventing from using a number of testing methods and tools. In addition to the possibility of applying a particular known testing method or tool to software and hardware DST, what remains acute is the problem of ensuring completeness and optimality of such testing. The developers of various DST do not often have a clear understanding of when they can stop testing and whether the test results allow them to talk about its completeness. Accordingly, testing of DST is often spontaneous, and the developer does not understand whether all the security functions have been tested, whether all the states and all possible sets of parameters have been tested, and whether testing is being carried out in the optimal way. To eliminate these shortcomings, the authors of the article propose to use a mathematical approach based on the theories of automata and graphs to solve the problem of testing software and hardware DST, which can be also used for other software and hardware, as well as software tools and systems. Applying this approach in practice, it is possible to confirm or reject the possibility of ensuring completeness of testing a specific data security tool, as well as identifying specific measures to ensure completeness and optimality of testing.
Citation Keykanner_testing_2020