Software test attacks to break mobile and embedded devices. (2013)
- Record Type:
- Book
- Title:
- Software test attacks to break mobile and embedded devices. (2013)
- Main Title:
- Software test attacks to break mobile and embedded devices
- Further Information:
- Note: Jon Duncan Hagar.
- Authors:
- Hagar, Jon Duncan
- Contents:
- Setting the Mobile and Embedded Framework; Objectives of Testing Mobile and Embedded Software Systems; What Is Embedded Software?; What Are "Smart" Handheld and Mobile Systems?; Why Mobile and Embedded Attacks?; Framework for Attacks; Beginning Your Test Strategy; Attacks on Mobile and Embedded Software; If You Are New to Testing; An Enlightened Tester Makes a Better Tester Developer Attacks: Taking the Code Head On ; Attack 1: Static Code Analysis; Attack 2: Finding White-Box Data Computation Bugs; Attack 3: White-Box Structural Logic Flow Coverage; Test Coverage Concepts for White-Box Structural Testing; Not e of Concern in Mobile and Embedded Environments Control System Attacks; Attack 4: Finding Hardware System Unhandled Uses in Software; Attack 5: Hardware-to-Software and Software-to-Hardware Signal Interface Bugs; Attack 6: Long-Duration Control Attack Runs ; Attack 7: Breaking Software Logic and/or Control Laws; Attack 8: Forcing the Unusual Bug Cases Hardware Software Attacks ; Attack 9: Breaking Software with Hardware and System Operations; Attack 10: Finding Bugs in Hardware-Software Communications; Attack 11: Breaking Software Error Recovery; Attack 12: Interface and Integration Testing; Attack 13: Finding Problems in Software-System Fault Tolerance Mobile and Embedded Software Attacks; Attack 14: Breaking Digital Software Communications; Attack 15: Finding Bugs in the Data; Attack 16: Bugs in System-Software Computation; Attack 17: Using Simulation andSetting the Mobile and Embedded Framework; Objectives of Testing Mobile and Embedded Software Systems; What Is Embedded Software?; What Are "Smart" Handheld and Mobile Systems?; Why Mobile and Embedded Attacks?; Framework for Attacks; Beginning Your Test Strategy; Attacks on Mobile and Embedded Software; If You Are New to Testing; An Enlightened Tester Makes a Better Tester Developer Attacks: Taking the Code Head On ; Attack 1: Static Code Analysis; Attack 2: Finding White-Box Data Computation Bugs; Attack 3: White-Box Structural Logic Flow Coverage; Test Coverage Concepts for White-Box Structural Testing; Not e of Concern in Mobile and Embedded Environments Control System Attacks; Attack 4: Finding Hardware System Unhandled Uses in Software; Attack 5: Hardware-to-Software and Software-to-Hardware Signal Interface Bugs; Attack 6: Long-Duration Control Attack Runs ; Attack 7: Breaking Software Logic and/or Control Laws; Attack 8: Forcing the Unusual Bug Cases Hardware Software Attacks ; Attack 9: Breaking Software with Hardware and System Operations; Attack 10: Finding Bugs in Hardware-Software Communications; Attack 11: Breaking Software Error Recovery; Attack 12: Interface and Integration Testing; Attack 13: Finding Problems in Software-System Fault Tolerance Mobile and Embedded Software Attacks; Attack 14: Breaking Digital Software Communications; Attack 15: Finding Bugs in the Data; Attack 16: Bugs in System-Software Computation; Attack 17: Using Simulation and Stimulation to Drive Software Attacks Time Attacks: "It’s about Time" ; Attack 18: Bugs in Timing Interrupts and Priority Inversions; State Modeling Example; Attack 19: Finding Time-Related Bugs; Attack 20: Time-Related Scenarios, Stories, and Tours; Attack 21: Performance Testing Introduction; Supporting Concepts; Completing and Reporting the Performance Attack; Wrapping Up Human User Interface Attacks: "The Limited (and Unlimited) User Interface" ; How to Get Started—the UI; Attack 22: Finding Supporting (User) Documentation Problems; Attack 23: Finding Missing or Wrong Alarms; Attack 24: Finding Bugs in Help Files Smart and/or Mobile Phone Attacks ; General Notes and Attack Concepts Applicable to Most Mobile-Embedded Devices; Attack 25: Finding Bugs in Apps; Attack 26: Testing Mobile and Embedded Games; Attack 27: Attacking App–Cloud Dependencies Mobile/Embedded Security; The Current Situation; Reusing Security Attacks; Attack 28: Penetration Attack Test; Attack 29: Information Theft—Stealing Device Data; Attack 30: Spoofing Attacks; Attack 31: Attacking Viruses on the Run in Factories or PLCs Generic Attacks; Attack 32: Using Combinatorial Tests; Attack 33: Attacking Functional Bugs Mobile and Embedded System Labs ; Introduction to Labs; To Start; Test Facilities; Why Should a Tester Care?; What Problem Does a Test Lab Solve?; Staged Evolution of a Test Lab; Simulation Environments; Prototype and Early Development Labs; Development Support Test Labs; Integration Labs; Pre-Product and Product Release (Full Test Lab); Field Labs; Other Places Labs Can Be Realized; Developing Labs: A Project inside of a Project; Planning Labs; Requirement Considerations for Labs; Functional Elements for a Developer Support Lab; Functional Elements for a Software Test Lab; Test Lab Design Factors; Lab Implementation; Lab Certification; Operations and Maintenance in the Lab; Lab Lessons Learned; Automation Concepts for Test Labs; Tooling to Support Lab Work; Test Data Set-Up; Test Execution: For Developer Testing; Test Execution: General; Product and Security Analysis Tools; Tools for the Lab Test Results Recording; Performance Attack Tooling; Basic and Generic Test Support Tools; Automation: Test Oracles for the Lab Using Modeling Tools; Simulation, Stimulation, and Modeling in the Lab Test Bed; Continuous Real-Time, Closed-Loop Simulations to Support Lab Test Environments; Keyword-Driven Test Models and Environments; Data Collection, Analysis, and Reporting; Post-Test Data Analysis; Post-Test Data Reporting; Wrap Up: N-Version Testing Problems in Labs and Modeling; Final Thoughts: Independence, Blind Spots, and Test Lab Staffing Some Parting Advice ; Are We There Yet?; Will You Get Started Today?; Advice for the "Never Ever" Tester; Bug Database, Taxonomies, and Learning from Your History; Lessons Learned and Retrospectives; Implementing Software Attack Planning; Regression and Retest; Where Do You Go from Here? Appendix A: Mobile and Embedded Error Taxonomy: A Software Error Taxonomy (for Testers); Appendix B: Mobile and Embedded Coding Rules; Appendix C: Quality First: "Defending the Source Code So That Attacks Are Not So Easy"; Appendix D: Basic Timing Concepts; Appendix E: Detailed Mapping of Attacks; Appendix F: UI /GUI and Game Evaluation Checklist; Appendix G: Risk Analysis, FMEA, and Brainstorming References Glossary Index … (more)
- Publisher Details:
- Boca Raton, Florida : Chapman & Hall/CRC
- Publication Date:
- 2013
- Extent:
- 1 online resource, illustrations
- Subjects:
- 005.8
Penetration testing (Computer security)
Mobile computing -- Security measures
Embedded computer systems -- Security measures - Languages:
- English
- ISBNs:
- 9781466575318
- Related ISBNs:
- 146657531X
9781466575301
1466575301 - Notes:
- Note: Includes bibliographical references and index.
Note: Print version record. - Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.143588
- Ingest File:
- 01_089.xml