It is a 10x in terms of the time it takes to perform root cause analysis and a 10x in terms of the coverage on the defect stream. These productivity enhancements are achieved by raising the level of abstraction and systematizing the analysis methodology. The impact of this productivity boost is far-reaching in its business impact with reported gains that are enormous.
He received his Ph. His research focuses on methods and tools for reliable and secure software, automatic software monitoring, and intrusion detection. He teaches software reliability and security related courses both in academia and industry and has extensive publications in these areas.
More information about his research and teaching can be found at http: Shahriar is an expert on software security testing with extensive publications and industry experience in the area of software and security engineering.
More information about his research and publications can be obtained from http: Duration and intended audience The tutorial is intended for half day 3 hours duration.
Content description The tutorial consists of the six major parts. In the first part, we will briefly introduce software testing and test coverage concepts that are used in practice.
We will also discuss the limitation of different coverage criteria. In the second part, we will provide an idea how the exploitation of four most common vulnerabilities buffer overflow, format string bug, SQL injection, and cross site scripting that affect program behaviors.
In the third part, we will provide an overview of software application or program security testing and compare with traditional software testing approach. We will also relate software security bug classes with traditional software bug classes, followed by a brief idea on other complementary security assurance approaches.
In the fourth part, we will introduce the idea of mutation-based security testing approach. We will briefly introduce mutation operators and mutant killing criteria for testing buffer overflow and format string bug vulnerabilities.
We will present how the mutation-based testing and analysis can help in testing programs against potential buffer overflow and format string bug related attacks. In the fifth part, we will describe how mutation-based security testing approach can be applied for web-based program vulnerabilities namely SQL injection.
We will briefly introduce a number of mutation operators and mutant killing criteria for adequate testing of SQL injection of programs. Then, we will relate how the mutation-based testing and analysis can detect SQL injection attacks. In the sixth part, we will describe how mutation-based security testing approach can be applied for web-based program vulnerabilities namely cross site scripting XSS.
We will briefly introduce a number of mutation operators and mutant killing criteria for adequate testing of XSS vulnerabilities in programs. Finally, we will relate how the mutation-based testing and analysis can help in identifying possible XSS attacks.
Back to the Top.ROOT CASE ANALYSIS Root Case Analysis is best input for reliability engineering and predictive maintenance, preventing catastrophic failures of critical plant production system. Root Case Analysis is a logical approach to problem resolution and develops a cost effective actions that prevent re-occurrences.
ODC is known to reduce the time taken to perform root cause analysis by over a factor of The gains come primarily from a different approach to root cause analysis, where the ODC data is generated rapidly (in minutes, as opposed to hours per defect) and analytics used for the cause and effect analysis.
Abstract-- Orthogonal Defect Classification (ODC) allows us to do a “10x ” on Root Cause Analysis (RCA).
Intended Use: For In Vitro Diagnostic Use Reveal Decloaker, 10X is a buffered solution that is intended for laboratory use in heatinduced antigen retrieval of formalin-fixed paraffin-embedded (FFPE) tissues for immunohistochemistry (IHC) procedures.