Software Security Testing: Bibliography

• Overviews:
• Software Engineering for Security: a Roadmap
• Software Engineering for Secure Software- State of the Art: A Survey by Jayaram K R and Aditya Mathur
• Software Security Testing Software Security Testing slides by McGraw  more papers from Cigital Labs
  
  
• Approaches:
• SQL injection monitoring at Georgia Tech　
• Using Dynamic Compilation for Software Analysis and Security Testing at U. Delaware
• U Maryland  Software testing from a security perspective (ICSM 02)   Security testing using a susceptibility matrix (ISSRE 02)
• Protos: Security Testing of Protocol Implementations 
• Protocol testing
• Wenliang Du at Syracuse
• Model-based Approach to Security Test Automation
• Test Data Management Part 2 — Data Privacy and Techniques for De-Identifying Test Data
• Privacy-Preserving DB Testing
  
  
• Events
• SESS05 - Software Engineering for Secure Systems
• ISSSE 06 - IEEE International Symposium on Secure Software Engineering
• FOSAD 2005 -5th International School on Foundations of Security Analysis and Design

• Robustness Testing
• Survey: Robustness Testing of Software-Intensive Systems
• Robustness Testing resource  robustness testing of a HA middleware
• Ballista: COTS Software Robustness Testing at CMU
• Fuzz: Fuzz Testing of Application Reliability at Wisconsin
• Robustness Testing at Cigital Lab
• JCrasher and CnC at Georgia Tech
• Java Robustness Testing at Rutgers U.  More updated list of paper
• Model-based Robustness Testing

Maintained by