Joint NIST/SBA Workshop on Combinatorial Security Testing

Welcome to the webpage of the first joint workshop between NIST and SBA Research on combinatorial security testing. The workshop was held at Vienna on April 10, 2015.

Combinatorial testing is a powerful testing methodology originating from discrete mathematics which ensures automation, reduction of test suite sizes and revelation of software or hardware faults that depend on a few parameters of the system under test.

The ACTS/NIST team is one of the leading research groups world-wide on combinatorial testing and pioneers in deploying it to various application domains ranging from aerospace firms and organizations (e.g. Lockheed Martin, NASA) to medical devices and distributed servers.

The Combinatorial Security Testing team of SBA Research aims on extending combinatorial testing from classical software testing to all application layers of Information Security. So far, the team has gained significant experience and recognition by successfully applying combinatorial testing methodologies to complex web applications and operating system kernels.

Organizer

Dr. Dimitris E. Simos, SBA Research

Invited Speakers

Dr. Raghu Kacker, Applied and Computational Mathematics Division, National Institute of Standards & Technology

Prof. Jeff Lei, Department of Computer Science and Engineering, The University of Texas at Arlington

Scope and Outcome

The scope of the workshop was to facilitate the cooperation between the Combinatorial Security Testing team of SBA Research and the ACTS project team of US NIST on research fields of mutual interest.

The workshop was highly successful as it established a common vision for combinatorial security testing in the following years and its results will be made available to the public soon.

Program of the Workshop and Slides of the Presentations:

Speaker Title
10:00 - 10:15 Mag. Markus Klemen
Managing Director
SBA Research
SBA Research Overview [ slides ]
10:15 - 10:30 Dr. Raghu Kacker
PI of ACTS project
ITL/NIST
Introduction to Advanced Combinatorial Testing System [ slides ]
10:30 - 10:45 Prof. Jeff Lei
PI of ACTS project
University of Texas at Arlington
Demonstration of ACTS/IPOG
10:45 - 11:00 Dr. Dimitris E. Simos
Key Researcher
SBA Research
Combinatorial Testing at SBA Research [ slides ]
11:00 - 11:15
Coffee break
11:15 - 12:00 Prof. Jeff Lei
PI of ACTS project
University of Texas at Arlington
A Combinatorial Approach to Conformance Testing of Personal Healthcare Devices [ slides ]
12:00 - 12:20 Bernhard Garn, BSc.
Junior Researcher
SBA Research
Combinatorial XSS Attack Grammars [ slides ]
12:20 - 12:40 Peter Aufner, MSc.
Security Analyst
SBA Research
XSSInjector: A Tool for Security Testing of XSS Vulnerabilities [ slides ]
12:40 - 13:00 Martin Graf, MSc.
Developer
SBA Research
ERIS II: An Experience Report for Large-scale Kernel Testing [ slides ]
13:00 - 13:15 Dr. Dimitris E. Simos
Key Researcher
SBA Research
A Roadmap to Combinatorial Security Testing [ slides ]
13:15 - 14:30
Lunch