Proposing SQL Statement Coverage Metrics: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 391: | Line 391: | ||
<center>'''Figure 9. Batch SQL Statements'''</center> | <center>'''Figure 9. Batch SQL Statements'''</center> | ||
== 8. Conclusions and Future Work == | |||
We have shown that a major portion of recent cyber vulnerabilities are occurring due to a lack of input validation testing. Testing strategies should incorporate new techniques to account for the likelihood of input validation attacks. Structural coverage metrics allow us to see how much of an application is executed by a given test set. We have shown that the notion of coverage can be extended to target statements and their input values. Finally, we have answered our research question with a case study which demonstrates that using the technique we describe, it is possible to dynamically gather accurate coverage metric values produced by a given test set. | |||
== 9. References == | == 9. References == | ||