Assessing Survivability Using Software Fault Injection

Abstract

This presents an approach and experimental results from using software fault injection to assess information survivability. We define information survivability to mean the ability of an information system to continue to operate in the presence of faults, anomalous system behavior, or malicious attack. In the past, finding and removing software flaws has traditionally been the realm of software testing. Software testing has largely concerned itself with ensuring that software behaves correctly, and intractable problem for any non-trivial piece of software. In this paper, we present 'off-nominal' testing techniques, which are not concerned with the correctness of the software, but with the survivability of the software in the face of anomalous events and malicious attack. Where software testing is focused on ensuring that the software computes the specified function correctly, we are concerned that the software continues to operate in the presence of faults, unusual system events or malicious attacks.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 01, 2001
Accession Number
ADP010875

Entities

People

  • Jeffrey Voas

Tags

Communities of Interest

  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Application Software
  • Ball Bearings
  • Buffer Overflow Attack
  • Case Studies
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Electron Microscopes
  • Information Processing
  • Information Systems
  • Internet
  • Networks
  • Open Source Software
  • Operating Systems
  • Reliability
  • Vulnerability

Fields of Study

  • Computer science
  • Engineering

Readers

  • Artificial Intelligence
  • Computational Modeling and Simulation
  • Cybersecurity.