A systematic classification of security regression testing approaches
Abstract The openness of modern IT systems and their permanent change make it challenging to keep these systems secure. A combination of regression and security testing called security regression testing, which ensures that changes made to a system do not harm its security, are therefore of high sig...
Detailed description

Field | Value |
---|---|
Author: | Felderer, Michael [author]; Fourneret, Elizabeta [author] |
Format: | E-article |
Language: | English |
Published: | 2015 |
Parent work: | Contained in: International Journal on Software Tools for Technology Transfer - Springer-Verlag, 1997, 17(2015), 3 of 21 Jan., pages 305-319 |
Parent work: | volume:17 ; year:2015 ; number:3 ; day:21 ; month:01 ; pages:305-319 |
DOI / URN: | 10.1007/s10009-015-0365-2 |
Catalogue ID: | SPR008006407 |

LEADER | 01000caa a22002652 4500 | ||
---|---|---|---|
001 | SPR008006407 | ||
003 | DE-627 | ||
005 | 20201124023052.0 | ||
007 | cr uuu---uuuuu | ||
008 | 201005s2015 xx |||||o 00| ||eng c | ||
024 | 7 | |a 10.1007/s10009-015-0365-2 |2 doi | |
035 | |a (DE-627)SPR008006407 | ||
035 | |a (SPR)s10009-015-0365-2-e | ||
040 | |a DE-627 |b ger |c DE-627 |e rakwb | ||
041 | |a eng | ||
100 | 1 | |a Felderer, Michael |e verfasserin |4 aut | |
245 | 1 | 2 | |a A systematic classification of security regression testing approaches |
264 | 1 | |c 2015 | |
336 | |a Text |b txt |2 rdacontent | ||
337 | |a Computermedien |b c |2 rdamedia | ||
338 | |a Online-Ressource |b cr |2 rdacarrier | ||
520 | |a Abstract The openness of modern IT systems and their permanent change make it challenging to keep these systems secure. A combination of regression and security testing called security regression testing, which ensures that changes made to a system do not harm its security, are therefore of high significance and the interest in such approaches has steadily increased. In this article we present a systematic classification of available security regression testing approaches based on a solid study of background and related work to sketch which parts of the research area seem to be well understood and evaluated, and which ones require further research. For this purpose we extract approaches relevant to security regression testing from computer science digital libraries based on a rigorous search and selection strategy. Then, we provide a classification of these according to security regression approach criteria: abstraction level, security issue, regression testing techniques, and tool support, as well as evaluation criteria, for instance evaluated system, maturity of the system, and evaluation measures. From the resulting classification we derive observations with regard to the abstraction level, regression testing techniques, tool support as well as evaluation, and finally identify several potential directions of future research. | ||
650 | 4 | |a Regression testing |7 (dpeaa)DE-He213 | |
650 | 4 | |a Security testing |7 (dpeaa)DE-He213 | |
650 | 4 | |a Security regression testing |7 (dpeaa)DE-He213 | |
650 | 4 | |a Software evolution |7 (dpeaa)DE-He213 | |
650 | 4 | |a Security engineering |7 (dpeaa)DE-He213 | |
650 | 4 | |a Software testing |7 (dpeaa)DE-He213 | |
650 | 4 | |a Classification |7 (dpeaa)DE-He213 | |
650 | 4 | |a Survey |7 (dpeaa)DE-He213 | |
700 | 1 | |a Fourneret, Elizabeta |e verfasserin |4 aut | |
773 | 0 | 8 | |i Enthalten in |t International Journal on Software Tools for Technology Transfer |d Springer-Verlag, 1997 |g 17(2015), 3 vom: 21. Jan., Seite 305-319 |w (DE-627)SPR008001103 |7 nnns |
773 | 1 | 8 | |g volume:17 |g year:2015 |g number:3 |g day:21 |g month:01 |g pages:305-319 |
856 | 4 | 0 | |u https://dx.doi.org/10.1007/s10009-015-0365-2 |z lizenzpflichtig |3 Volltext |
912 | |a GBV_USEFLAG_A | ||
912 | |a SYSFLAG_A | ||
912 | |a GBV_SPRINGER | ||
951 | |a AR | ||
952 | |d 17 |j 2015 |e 3 |b 21 |c 01 |h 305-319 |
Jan., Seite 305-319</subfield><subfield code="w">(DE-627)SPR008001103</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:17</subfield><subfield code="g">year:2015</subfield><subfield code="g">number:3</subfield><subfield code="g">day:21</subfield><subfield code="g">month:01</subfield><subfield code="g">pages:305-319</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://dx.doi.org/10.1007/s10009-015-0365-2</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_SPRINGER</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">17</subfield><subfield code="j">2015</subfield><subfield code="e">3</subfield><subfield code="b">21</subfield><subfield code="c">01</subfield><subfield code="h">305-319</subfield></datafield></record></collection>
|