Selection of regression system tests for security policy evolution

Jee Hyun Hwang; Tao Xie; Donia El Kateb; Tejeddine Mouelhi; Yves Le Traon

doi:10.1145/2351676.2351719

Selection of regression system tests for security policy evolution

Jee Hyun Hwang, Tao Xie, Donia El Kateb, Tejeddine Mouelhi, Yves Le Traon

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

As security requirements of software often change, developers may modify security policies such as access control policies (policies in short) according to evolving requirements. To increase confidence that the modification of policies is correct, developers conduct regression testing. However, rerunning all of existing system test cases could be costly and time-consuming. To address this issue, we develop a regression-test-selection approach, which selects every system test case that may reveal regression faults caused by policy changes. Our evaluation results show that our test-selection approach reduces a substantial number of system test cases efficiently.

Original language	English (US)
Title of host publication	2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings
Pages	266-269
Number of pages	4
DOIs	https://doi.org/10.1145/2351676.2351719
State	Published - 2012
Externally published	Yes
Event	2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Essen, Germany Duration: Sep 3 2012 → Sep 7 2012

Publication series

Name	2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings

Other

Other	2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012
Country/Territory	Germany
City	Essen
Period	9/3/12 → 9/7/12

Keywords

Regression testing
Security policy
Test selection

ASJC Scopus subject areas

Software

Online availability

10.1145/2351676.2351719

Library availability

Discover UIUC Full Text

Cite this

Hwang, J. H., Xie, T., El Kateb, D., Mouelhi, T., & Le Traon, Y. (2012). Selection of regression system tests for security policy evolution. In 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings (pp. 266-269). (2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings). https://doi.org/10.1145/2351676.2351719

Selection of regression system tests for security policy evolution. / Hwang, Jee Hyun; Xie, Tao; El Kateb, Donia et al.
2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings. 2012. p. 266-269 (2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hwang, JH, Xie, T, El Kateb, D, Mouelhi, T & Le Traon, Y 2012, Selection of regression system tests for security policy evolution. in 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings. 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings, pp. 266-269, 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012, Essen, Germany, 9/3/12. https://doi.org/10.1145/2351676.2351719

Hwang JH, Xie T, El Kateb D, Mouelhi T, Le Traon Y. Selection of regression system tests for security policy evolution. In 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings. 2012. p. 266-269. (2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings). doi: 10.1145/2351676.2351719

@inproceedings{93d381c44b19499c8dc6e2000c9e26d5,

title = "Selection of regression system tests for security policy evolution",

abstract = "As security requirements of software often change, developers may modify security policies such as access control policies (policies in short) according to evolving requirements. To increase confidence that the modification of policies is correct, developers conduct regression testing. However, rerunning all of existing system test cases could be costly and time-consuming. To address this issue, we develop a regression-test-selection approach, which selects every system test case that may reveal regression faults caused by policy changes. Our evaluation results show that our test-selection approach reduces a substantial number of system test cases efficiently.",

keywords = "Regression testing, Security policy, Test selection",

author = "Hwang, {Jee Hyun} and Tao Xie and {El Kateb}, Donia and Tejeddine Mouelhi and {Le Traon}, Yves",

year = "2012",

doi = "10.1145/2351676.2351719",

language = "English (US)",

isbn = "9781450312042",

series = "2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings",

pages = "266--269",

booktitle = "2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings",

note = "2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 ; Conference date: 03-09-2012 Through 07-09-2012",

}

TY - GEN

T1 - Selection of regression system tests for security policy evolution

AU - Hwang, Jee Hyun

AU - Xie, Tao

AU - El Kateb, Donia

AU - Mouelhi, Tejeddine

AU - Le Traon, Yves

PY - 2012

Y1 - 2012

N2 - As security requirements of software often change, developers may modify security policies such as access control policies (policies in short) according to evolving requirements. To increase confidence that the modification of policies is correct, developers conduct regression testing. However, rerunning all of existing system test cases could be costly and time-consuming. To address this issue, we develop a regression-test-selection approach, which selects every system test case that may reveal regression faults caused by policy changes. Our evaluation results show that our test-selection approach reduces a substantial number of system test cases efficiently.

AB - As security requirements of software often change, developers may modify security policies such as access control policies (policies in short) according to evolving requirements. To increase confidence that the modification of policies is correct, developers conduct regression testing. However, rerunning all of existing system test cases could be costly and time-consuming. To address this issue, we develop a regression-test-selection approach, which selects every system test case that may reveal regression faults caused by policy changes. Our evaluation results show that our test-selection approach reduces a substantial number of system test cases efficiently.

KW - Regression testing

KW - Security policy

KW - Test selection

UR - http://www.scopus.com/inward/record.url?scp=84866907183&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84866907183&partnerID=8YFLogxK

U2 - 10.1145/2351676.2351719

DO - 10.1145/2351676.2351719

M3 - Conference contribution

AN - SCOPUS:84866907183

SN - 9781450312042

T3 - 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings

SP - 266

EP - 269

BT - 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012 - Proceedings

T2 - 2012 27th IEEE/ACM International Conference on Automated Software Engineering, ASE 2012

Y2 - 3 September 2012 through 7 September 2012

ER -

Selection of regression system tests for security policy evolution

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this